LFlow/LFlow.UserManagement/UserMiddleware.cs

using LFlow.Base;
using LFlow.Base.Utils;
using LFlow.Cache.Interface;
using LFlow.Middleware;
using LFlow.Permission.Service;
using LFlow.UserManagement.Model;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;
using Newtonsoft.Json;
using Serilog;

namespace LFlow.UserManagement
{
    /// <summary>
    /// 用户管理中间件
    /// </summary>
    /// <param name="logger"></param>
    public class UserMiddleware(ILogger logger,ISelfCache selfCache) : ILFlowMiddleware
    {
        /// <summary>
        /// 优先级
        /// </summary>
        public int Priority => 1;
        /// <summary>
        /// 执行入口
        /// </summary>
        /// <param name="context"></param>
        /// <param name="next"></param>
        public async Task RunAsync(Microsoft.AspNetCore.Http.HttpContext context, Func<Task> next)
        {
             var progName = context.GetRouteData()?.Values["controller"]?.ToString();
        var progAction = context.GetRouteData()?.Values["action"]?.ToString();
        if (progName != null)
        {
            var service = App.GetService<IPermissionService>();
            var progPermission = service != null ? await service.GetProgPerminssionListAsync(progName) : null;
            var currentPermission = progPermission?.FirstOrDefault(p => p.PermissionAction == progAction);
            if (currentPermission == null || currentPermission!.IsPublic)
            {
                await next();
            }
            else
            {
                //TODO 从缓存中根据Token获取用户信息，并判断是否有权限
                await context.Response.WriteAsync(JsonConvert.SerializeObject(ApiResult<object>.FailResult("无权限！", 100501)));
                var token = context.Request.Cookies["Token"]?.ToString();
                if(token != null){
                    var user =  selfCache.GetAsync<UserModel>(token!);
                    var userPermissions = service.GetPermissions()
                }else{
                    await context.Response.WriteAsync(JsonConvert.SerializeObject(ApiResult<object>.FailResult("未登录！", 100500)));
                }
            }
        }
        // 预检请求
        if (context.Request.Method == "OPTIONS")
        {
            await next();
            // context.Response.StatusCode = StatusCodes.Status200OK;
        }
        }
    }
}