using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using WIDESEA_Core.Helper;
using WIDESEA_Core.Const;
namespace WIDESEA_Core.Authorization
{
/// <summary>
/// Extension helpers for <see cref="AuthorizationFilterContext"/>: they write a JSON
/// rejection response and attach a lightweight user identity to the current request.
/// </summary>
public static class AuthorizationResponse
{
    /// <summary>
    /// Sets the authorization-failure response on the filter context.
    /// </summary>
    /// <param name="context">The authorization filter context of the current request.</param>
    /// <param name="statusCode">HTTP status code used for both the response and the JSON body.</param>
    /// <param name="message">Optional custom error message placed in the JSON body.</param>
    /// <returns>The same <paramref name="context"/>, with its result assigned.</returns>
    /// <remarks>
    /// The response body is JSON of the form <c>{ message: string, status: false, code: int }</c>.
    /// Assigning <c>Result</c> in an authorization filter short-circuits the rest of the pipeline.
    /// <paramref name="message"/> is returned to the client as given, so callers should pass
    /// only text that is safe to disclose (no exception details or token contents).
    /// </remarks>
    public static AuthorizationFilterContext FilterResult(
        this AuthorizationFilterContext context,
        HttpStatusCode statusCode,
        string? message = null)
    {
        int code = (int)statusCode;

        // Serialize() is an extension defined outside this file (presumably in WIDESEA_Core.Helper);
        // JSON escaping of the message relies on it.
        string body = new { message, status = false, code }.Serialize();

        var rejection = new ContentResult
        {
            Content = body,
            ContentType = "application/json",
            StatusCode = code
        };
        context.Result = rejection;

        // NOTE(review): rejected requests are not logged here; the logging call below is disabled.
        // Logger.Info(LoggerType.ApiAuthorize, message);
        return context;
    }

    /// <summary>
    /// Rejects the request with HTTP 401 (Unauthorized) via <see cref="FilterResult"/>.
    /// </summary>
    /// <param name="context">The authorization filter context of the current request.</param>
    /// <param name="message">Optional custom error message placed in the JSON body.</param>
    /// <returns>The same <paramref name="context"/>, with its result assigned.</returns>
    public static AuthorizationFilterContext Unauthorized(this AuthorizationFilterContext context, string? message = null)
        => context.FilterResult(HttpStatusCode.Unauthorized, message);

    /// <summary>
    /// For requests that do not go through JWT validation: stores the user id on the
    /// request's principal so that later code can read it.
    /// </summary>
    /// <param name="context">The authorization filter context of the current request.</param>
    /// <param name="userId">
    /// User id to store. When null, the id is taken from the token in the request header
    /// named by <c>AppSecret.TokenHeaderName</c> through <c>JwtHelper.GetUserId</c>.
    /// </param>
    /// <remarks>
    /// NOTE(review): whether <c>JwtHelper.GetUserId</c> verifies the token's signature and expiry
    /// is not visible here. Confirm that before any access decision relies on this claim.
    /// The identity is created without an authentication type, so its <c>IsAuthenticated</c>
    /// property is false. The id is stored under the <c>jti</c> claim type, which in a JWT
    /// denotes the token identifier rather than the subject; readers must look up the same claim.
    /// </remarks>
    public static void AddIdentity(this AuthorizationFilterContext context, int? userId = null)
    {
        int resolvedUserId;
        if (userId.HasValue)
        {
            resolvedUserId = userId.Value;
        }
        else
        {
            // The header is read only when the caller supplied no id.
            resolvedUserId = JwtHelper.GetUserId(context.HttpContext.Request.Headers[AppSecret.TokenHeaderName]);
        }

        // Ids of zero or below are treated as "no user": nothing is attached.
        if (resolvedUserId <= 0)
        {
            return;
        }

        // Cache the user id on the request context (alternatively, a custom object registered
        // with AddScoped and injected through DI could manage the user information).
        var userIdClaim = new Claim(JwtRegisteredClaimNames.Jti, resolvedUserId.ToString());
        var identity = new ClaimsIdentity(new Claim[] { userIdClaim });
        context.HttpContext.User.AddIdentity(identity);
    }
}
}