diff --git a/projects/Infrastructure/Extensions/HttpContextExtensions.cs b/projects/Infrastructure/Extensions/HttpContextExtensions.cs index 01ea8427..2ff27972 100644 --- a/projects/Infrastructure/Extensions/HttpContextExtensions.cs +++ b/projects/Infrastructure/Extensions/HttpContextExtensions.cs @@ -21,7 +21,7 @@ namespace Infrastructure.Extensions return $"jwt{httpContext.RequestServices.GetService()["jwt:cookie"]}"; } - public static void JwtSignIn(this HttpContext httpContext, string userName, bool rememberMe, string nickName = null, string organName = null) + public static void JwtSignIn(this HttpContext httpContext, string userName, bool rememberMe,string organNumber = null) { if (httpContext is null) { @@ -30,13 +30,9 @@ namespace Infrastructure.Extensions var claims = new List { new Claim(ClaimTypes.Name, userName), }; - if(!string.IsNullOrEmpty(nickName)) + if (!string.IsNullOrEmpty(organNumber)) { - claims.Add(new Claim(ClaimTypes.GivenName, nickName)); - } - if (!string.IsNullOrEmpty(organName)) - { - claims.Add(new Claim(ClaimTypes.UserData, organName)); + claims.Add(new Claim(ClaimTypes.UserData, organNumber)); } var token = httpContext.CreateJwtToken(claims, DateTime.Now.AddYears(1)); var cookieOptions = new CookieOptions diff --git a/projects/Infrastructure/Web/IClaimService.cs b/projects/Infrastructure/Web/IClaimService.cs deleted file mode 100644 index 8fbc712f..00000000 --- a/projects/Infrastructure/Web/IClaimService.cs +++ /dev/null @@ -1,10 +0,0 @@ -using System.Collections.Generic; -using System.Security.Claims; - -namespace Infrastructure.Web -{ - public interface IClaimService - { - List GetClaims(string userName); - } -} diff --git a/projects/Infrastructure/Web/IUserService.cs b/projects/Infrastructure/Web/IUserService.cs new file mode 100644 index 00000000..0463f6b6 --- /dev/null +++ b/projects/Infrastructure/Web/IUserService.cs 
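Review bot: Reusing the third optional slot of `JwtSignIn` for `organNumber` means any caller still written as `JwtSignIn(name, remember, nickName)` compiles unchanged and now stores the nickname in the `ClaimTypes.UserData` claim. Only the AccountController call sites are updated in this diff, so callers outside it (if any) should be checked, or the argument passed by name, e.g. `organNumber: mainOrgan?.Number`. The method also writes the value into the token without checking it, so a doc comment such as `/// organNumber is not verified here; JwtTokenValidator rejects tokens whose organ is not one of the user's.` would make that contract explicit. The body of JwtSignIn continues outside the hunk.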
@@ -0,0 +1,12 @@ +using System.Collections.Generic; +using System.Security.Claims; + +namespace Infrastructure.Web +{ + public interface IUserService + { + List GetOrganNumbers(string userName); + + List GetRoles(string userName); + } +} \ No newline at end of file diff --git a/projects/Infrastructure/Web/JwtTokenValidator.cs b/projects/Infrastructure/Web/JwtTokenValidator.cs index 45965dd5..70721405 100644 --- a/projects/Infrastructure/Web/JwtTokenValidator.cs +++ b/projects/Infrastructure/Web/JwtTokenValidator.cs @@ -30,10 +30,23 @@ namespace Infrastructure.Web validatedToken = new JwtSecurityTokenHandler().ReadJwtToken(securityToken); var claims = (validatedToken as JwtSecurityToken).Claims.ToList(); var userName = claims.FirstOrDefault(o => o.Type == ClaimTypes.Name).Value; + using var scope = this._serviceProvider.CreateScope(); - var roles = scope.ServiceProvider.GetService().GetClaims(userName); - claims.Add(new Claim("organs","list")); - claims.AddRange(roles); + var userService = scope.ServiceProvider.GetService(); + var organNumber = claims.FirstOrDefault(o => o.Type == ClaimTypes.UserData)?.Value; + if (!string.IsNullOrEmpty(organNumber)) + { + var organNumbers = userService.GetOrganNumbers(userName); + if (!organNumbers.Any(o => o == organNumber)) + { + validatedToken = null; + return null; + } + } + + var claims2 = userService.GetRoles(userName); + claims.AddRange(claims2); + return new ClaimsPrincipal(new ClaimsIdentity(claims, JwtBearerDefaults.AuthenticationScheme)); } catch (Exception ex) diff --git a/projects/IoT.Shared/wwwroot/js/site.js b/projects/IoT.Shared/wwwroot/js/site.js index 581238ba..a01cfbd2 100644 --- a/projects/IoT.Shared/wwwroot/js/site.js +++ b/projects/IoT.Shared/wwwroot/js/site.js 
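Review bot: `claims.AddRange(claims2)` in the validator throws when `GetRoles` returns null, which the Platform implementation added in this diff does for an unknown user name, so a token for a removed account is turned away only through the generic `catch (Exception ex)` rather than by an explicit check. Handle it like the organ mismatch just above: `if (claims2 == null) { validatedToken = null; return null; }`. `GetService` can also return null when the service is not registered (its generic argument is not visible in this rendering, presumably IUserService); `GetRequiredService` would fail with a clearer error. The method starts and the catch block ends outside the hunk, so what the catch returns cannot be confirmed from here.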
@@ -303,6 +303,11 @@ $(function () { $(function () { InitControls(); }); + +$('body').on('change', '#OrganNumber.submit', function () { + $(this).parents('form').submit(); +}); + $('body').on('click', '.cmd', function () { $.getJSON($(this).attr('href'), function (response) { console.log(response); diff --git a/projects/IoTNode/Startup.cs b/projects/IoTNode/Startup.cs index 766210ed..1ca5db68 100644 --- a/projects/IoTNode/Startup.cs +++ b/projects/IoTNode/Startup.cs @@ -35,7 +35,7 @@ namespace IoTNode services.AddTransient(); services.AddTransient(); services.AddTransient(); - services.AddTransient(); + services.AddTransient(); services.AddTransient(); services.AddTransient(); services.AddSingleton(); diff --git a/projects/IoTNode/RoleService.cs b/projects/IoTNode/UserService.cs similarity index 75% rename from projects/IoTNode/RoleService.cs rename to projects/IoTNode/UserService.cs index f4817ca4..0caa52f3 100644 --- a/projects/IoTNode/RoleService.cs +++ b/projects/IoTNode/UserService.cs @@ -7,16 +7,21 @@ using System.Security.Claims; namespace IoTNode { - public class RoleService : IClaimService + public class UserService : IUserService { private readonly IRepository _userRepo; - public RoleService(IRepository userRepo) + public UserService(IRepository userRepo) { this._userRepo = userRepo; } - public List GetClaims(string userName) + public List GetOrganNumbers(string userName) + { + throw new System.NotImplementedException(); + } + + public List GetRoles(string userName) { var userPermissions = this._userRepo.ReadOnlyTable().Where(o => o.UserName == userName) .SelectMany(o => o.UserRoles) diff --git a/projects/Platform/Controllers/AccountController.cs b/projects/Platform/Controllers/AccountController.cs index 7a8fa38b..e8cddf12 100644 --- a/projects/Platform/Controllers/AccountController.cs +++ b/projects/Platform/Controllers/AccountController.cs 
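Review bot: `GetOrganNumbers` in IoTNode's `UserService` throws `NotImplementedException`, and the validator changed in this diff calls it for every token that carries a `ClaimTypes.UserData` claim. In IoTNode such a token would end up in the validator's catch block instead of being checked, and whether that rejects the token depends on code outside this diff. If IoTNode has no organ data, returning an empty list makes the validator's membership check fail closed: `return new List<string>();` (element type assumed from the Platform implementation, since generic arguments are not visible here). GetRoles continues outside the hunk.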
@@ -136,8 +136,8 @@ namespace Platform.Controllers try { var user = this._userRepo.Table() - .Include(o=>o.OrganUsers) - .ThenInclude(o=>o.Organ) + .Include(o => o.OrganUsers) + .ThenInclude(o => o.Organ) .FirstOrDefault(o => o.UserName == userName); if (user == null) { @@ -198,7 +198,7 @@ namespace Platform.Controllers } else { - HttpContext.JwtSignIn(model.UserName, model.RememberMe, user.NickName, mainOrgan?.Id.ToString()); + HttpContext.JwtSignIn(model.UserName, model.RememberMe, mainOrgan?.Number); if (string.IsNullOrEmpty(returnUrl)) { returnUrl = Url.Action("Index", "Home"); @@ -926,9 +926,11 @@ namespace Platform.Controllers return Content($"var hasLogin={(User.Identity.IsAuthenticated ? "true" : "false")}"); } - public IActionResult ChangeCurrentOrgan(Guid organId,string returnUrl) + public IActionResult ChangeOrgan(string organNumber, string returnUrl) { - return View(); + this.HttpContext.JwtSignOut(); + this.HttpContext.JwtSignIn(User.Identity.Name, false, organNumber); + return Redirect(returnUrl); } #region tools diff --git a/projects/Platform/Controllers/HomeController.cs b/projects/Platform/Controllers/HomeController.cs index 58e1805b..168ee1c1 100644 --- a/projects/Platform/Controllers/HomeController.cs +++ b/projects/Platform/Controllers/HomeController.cs @@ -1,5 +1,6 @@ using Infrastructure.Data; using Infrastructure.Extensions; +using Infrastructure.Web; using IoT.Shared.Application.Domain.Entities; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; 
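Review bot: `ChangeOrgan` passes the request-supplied `returnUrl` straight to `Redirect`, so a link to this action can send a signed-in user to any external site, and a missing `returnUrl` makes `Redirect` throw. Restrict it to local targets with `Url.IsLocalUrl` and `LocalRedirect`, falling back to the home page as the login action in this file does. The action also re-issues the token for whatever `organNumber` the request carries; membership is only checked later in JwtTokenValidator, so checking it here before `JwtSignOut` would avoid replacing a working token with one that is then rejected. No `[HttpPost]` or antiforgery attribute is visible on the action in this hunk; if none is applied at class level, a cross-site GET can switch the user's organ.

```csharp
public IActionResult ChangeOrgan(string organNumber, string returnUrl)
{
    // Follow only same-site targets; anything else goes to the home page.
    if (!Url.IsLocalUrl(returnUrl))
    {
        returnUrl = Url.Action("Index", "Home");
    }
    // … unchanged: JwtSignOut / JwtSignIn …
    return LocalRedirect(returnUrl);
}
```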
@@ -16,12 +17,14 @@ namespace Platform.Controllers [ApiExplorerSettings(IgnoreApi = true)] public class HomeController : Controller { + private readonly IUserService _useService; private readonly IRepository _userRepo; private readonly IRepository _organRepo; private readonly IRepository _buildingRepo; - public HomeController(IRepository userRepo,IRepository organRepo,IRepository buildingRepo) + public HomeController(IUserService userService,IRepository userRepo,IRepository organRepo,IRepository buildingRepo) { + this._useService = userService; this._userRepo = userRepo; this._organRepo = organRepo; this._buildingRepo = buildingRepo; @@ -29,7 +32,6 @@ namespace Platform.Controllers public IActionResult Index() { - var organId = Guid.Parse(User.Claims.FirstOrDefault(o => o.Type == ClaimTypes.UserData).Value); return View(); } diff --git a/projects/Platform/RoleService.cs b/projects/Platform/RoleService.cs deleted file mode 100644 index d6efcc5c..00000000 --- a/projects/Platform/RoleService.cs +++ /dev/null 
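Review bot: The new field in `HomeController` is named `_useService`, which looks like a typo for `_userService`, and nothing in the visible hunks reads it. Rename it (`private readonly IUserService _userService;` and `this._userService = userService;`) or drop the injection until it is needed. The constructor parameter list is also missing spaces after its commas, unlike the lines this commit reformats in AccountController.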
@@ -1,42 +0,0 @@ -using Infrastructure.Data; -using Infrastructure.Web; -using IoT.Shared.Application.Domain.Entities; -using System.Collections.Generic; -using System.Linq; -using System.Security.Claims; - -namespace Platform -{ - public class RoleService : IClaimService - { - private readonly IRepository _userRepo; - - public RoleService(IRepository userRepo) - { - this._userRepo = userRepo; - } - - public List GetOrgans(string userName) - { - return this._userRepo.ReadOnlyTable() - .Where(o => o.UserName == userName) - .SelectMany(o => o.OrganUsers) - .Select(o => o.Organ) - .ToList() - .Select(o => new Claim("", o.Name)) - .ToList(); - } - - public List GetClaims(string userName) - { - var permissions = this._userRepo.ReadOnlyTable().Where(o => o.UserName == userName) - .SelectMany(o => o.UserRoles) - .Select(o => o.Role) - .SelectMany(o => o.RolePermissions) - .Select(o => o.Permission.Number) - .Select(o => new Claim(ClaimTypes.Role, o)) - .ToList(); - return permissions; - } - } -} diff --git a/projects/Platform/Startup.cs b/projects/Platform/Startup.cs index 1e2db1b8..c070d9e4 100644 --- a/projects/Platform/Startup.cs +++ b/projects/Platform/Startup.cs @@ -33,7 +33,7 @@ namespace Platform services.AddTransient(); services.AddTransient(); services.AddTransient(); - services.AddTransient(); + services.AddTransient(); if (Env.IsDevelopment() || Configuration.GetSection("AppSettings").GetValue("debug", false)) { services.AddTransient(); diff --git a/projects/Platform/UserService.cs b/projects/Platform/UserService.cs new file mode 100644 index 00000000..d2140ba5 --- /dev/null +++ b/projects/Platform/UserService.cs 
@@ -0,0 +1,49 @@ +using Infrastructure.Data; +using Infrastructure.Web; +using IoT.Shared.Application.Domain.Entities; +using Microsoft.EntityFrameworkCore; +using System.Collections.Generic; +using System.Linq; +using System.Security.Claims; + +namespace Platform +{ + public class UserService : IUserService + { + private readonly IRepository _userRepo; + + public UserService(IRepository userRepo) + { + this._userRepo = userRepo; + } + + public List GetOrganNumbers(string userName) + { + var list = this._userRepo.ReadOnlyTable().Where(o => o.UserName == userName) + .SelectMany(o => o.OrganUsers) + .Select(o => o.Organ.Number) + .ToList(); + return list; + } + + public List GetRoles(string userName) + { + var user = this._userRepo.ReadOnlyTable() + .Where(o => o.UserName == userName) + .Include(o => o.OrganUsers).ThenInclude(o => o.Organ) + .Include(o => o.UserRoles).ThenInclude(o => o.Role).ThenInclude(o => o.RolePermissions).ThenInclude(o => o.Permission) + .FirstOrDefault(); + List list = null; + if (user != null) + { + list = user.UserRoles.Select(o => o.Role) + .SelectMany(o => o.RolePermissions) + .Select(o => o.Permission.Number) + .Select(o => new Claim(ClaimTypes.Role, o)) + .ToList(); + list.Add(new Claim(ClaimTypes.GivenName, user.NickName)); + } + return list; + } + } +} \ No newline at end of file diff --git a/projects/Platform/Views/Shared/_Layout.cshtml b/projects/Platform/Views/Shared/_Layout.cshtml index 33fe2cb6..90478aa2 100644 --- a/projects/Platform/Views/Shared/_Layout.cshtml +++ b/projects/Platform/Views/Shared/_Layout.cshtml @@ -1,4 +1,5 @@ -@inject Infrastructure.Application.Services.Settings.ISettingService settingSerice +@using Microsoft.AspNetCore.Http.Extensions +@inject Infrastructure.Application.Services.Settings.ISettingService settingSerice @inject IRepository organUserRepo @{ var name = settingSerice.GetValue("name"); 
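Review bot: `new Claim(ClaimTypes.GivenName, user.NickName)` in `GetRoles` throws `ArgumentNullException` when the user has no nickname, because `Claim` does not accept a null value; the `!string.IsNullOrEmpty(nickName)` guard that this commit removes from `JwtSignIn` used to cover that case. Since the validator calls `GetRoles` while validating a token, such a user would fail authentication. Keep the guard: `if (!string.IsNullOrEmpty(user.NickName)) { list.Add(new Claim(ClaimTypes.GivenName, user.NickName)); }`. Returning an empty list instead of null for an unknown user would spare callers a null check, and the `OrganUsers`/`Organ` include is not used by this method.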
@@ -41,13 +42,16 @@ { var userName=User.Identity.Name; var displayName=User.Claims.FirstOrDefault(o=>o.Type== System.Security.Claims.ClaimTypes.GivenName)?.Value??userName; - var organs = organUserRepo.ReadOnlyTable().Where(o=>o.User.UserName==userName).Select(o=>new{o.Organ.Id,o.Organ.Name}); + var organs = organUserRepo.ReadOnlyTable().Where(o=>o.User.UserName==userName).Select(o=>new{o.Organ.Number,o.Organ.Name}); if(organs.Any()) { - var organId = User.Claims.FirstOrDefault(o=>o.Type== System.Security.Claims.ClaimTypes.UserData)?.Value; - var list = new SelectList(organs, "Id", "Name", organId); + var organNumber = User.Claims.FirstOrDefault(o=>o.Type== System.Security.Claims.ClaimTypes.UserData)?.Value; + var list = new SelectList(organs, "Number", "Name", organNumber); }