From b765a534e1caafb396e2b04e9ca484f2c2a3497a Mon Sep 17 00:00:00 2001 From: shanj <18996038927@163.com> Date: Wed, 15 Feb 2023 02:34:04 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9C=8D=E5=8A=A1=E7=AB=AF=E5=A2=9E=E5=8A=A0?= =?UTF-8?q?=E6=9D=83=E9=99=90=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- BBWY.Server.API/BBWY.Server.API.csproj | 1 + .../Controllers/AfterSaleOrderController.cs | 3 + .../Controllers/BillCorrectionController.cs | 3 + .../FinancialTerminalController.cs | 4 +- .../Controllers/OrderController.cs | 4 +- .../Controllers/ProductController.cs | 4 +- .../Controllers/PurchaseOrderController.cs | 6 +- .../Controllers/PurchaseSchemeController.cs | 3 + .../Controllers/VenderController.cs | 5 +- BBWY.Server.API/Startup.cs | 86 ++++++++++++------- BBWY.Server.API/appsettings.json | 4 +- 11 files changed, 83 insertions(+), 40 deletions(-) diff --git a/BBWY.Server.API/BBWY.Server.API.csproj b/BBWY.Server.API/BBWY.Server.API.csproj index 5537764c..65f647df 100644 --- a/BBWY.Server.API/BBWY.Server.API.csproj +++ b/BBWY.Server.API/BBWY.Server.API.csproj @@ -8,6 +8,7 @@ + diff --git a/BBWY.Server.API/Controllers/AfterSaleOrderController.cs b/BBWY.Server.API/Controllers/AfterSaleOrderController.cs index 3a8d7c9c..c004d364 100644 --- a/BBWY.Server.API/Controllers/AfterSaleOrderController.cs +++ b/BBWY.Server.API/Controllers/AfterSaleOrderController.cs @@ -1,10 +1,13 @@ using BBWY.Server.Business; using BBWY.Server.Model.Dto; +using Microsoft.AspNetCore.Authentication.JwtBearer; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; namespace BBWY.Server.API.Controllers { + [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)] public class AfterSaleOrderController : BaseApiController { private AfterSaleOrderBusiness afterSaleOrderBusiness; 
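Review bot: The `[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]` attribute is added one controller at a time (AfterSaleOrderController here, and likewise BillCorrection, FinancialTerminal, Order, Product, PurchaseOrder, PurchaseScheme and Vender in the later hunks), so any controller this commit does not touch, and any controller added later, stays anonymous by default. Placing the attribute once on `BaseApiController`, or registering a fallback authorization policy in Startup, would make endpoints protected unless they opt out with `[AllowAnonymous]`. Whether other controllers exist is not visible in this diff, so the current coverage should be checked against the full Controllers folder.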
diff --git a/BBWY.Server.API/Controllers/BillCorrectionController.cs b/BBWY.Server.API/Controllers/BillCorrectionController.cs
index 27d12e37..e8ebb7d0 100644
--- a/BBWY.Server.API/Controllers/BillCorrectionController.cs
+++ b/BBWY.Server.API/Controllers/BillCorrectionController.cs
@@ -1,11 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
 namespace BBWY.Server.API.Controllers
 {
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 public class BillCorrectionController : BaseApiController
 {
 private BillCorrectionBusiness billCorrectionBusiness;
diff --git a/BBWY.Server.API/Controllers/FinancialTerminalController.cs b/BBWY.Server.API/Controllers/FinancialTerminalController.cs
index cb8f571d..deaaebc1 100644
--- a/BBWY.Server.API/Controllers/FinancialTerminalController.cs
+++ b/BBWY.Server.API/Controllers/FinancialTerminalController.cs
@@ -1,13 +1,15 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Db;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
 namespace BBWY.Server.API.Controllers
 {
-
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 public class FinancialTerminalController : BaseApiController
 {
 private FinancialTerminalBusiness financialTerminalBusiness;
diff --git a/BBWY.Server.API/Controllers/OrderController.cs b/BBWY.Server.API/Controllers/OrderController.cs
index b0be0659..d5590c07 100644
--- a/BBWY.Server.API/Controllers/OrderController.cs
+++ b/BBWY.Server.API/Controllers/OrderController.cs
@@ -1,12 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
-using System.Threading.Tasks;
 namespace BBWY.Server.API.Controllers
 {
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 public class OrderController : BaseApiController
 {
 private OrderBusiness orderBusiness;
diff --git a/BBWY.Server.API/Controllers/ProductController.cs b/BBWY.Server.API/Controllers/ProductController.cs
index 59977d1c..2d813114 100644
--- a/BBWY.Server.API/Controllers/ProductController.cs
+++ b/BBWY.Server.API/Controllers/ProductController.cs
@@ -1,12 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
-using System.Linq;
 namespace BBWY.Server.API.Controllers
 {
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 public class ProductController : BaseApiController
 {
 private ProductBusiness productBusiness;
diff --git a/BBWY.Server.API/Controllers/PurchaseOrderController.cs b/BBWY.Server.API/Controllers/PurchaseOrderController.cs
index e7c46e60..98b921e5 100644
--- a/BBWY.Server.API/Controllers/PurchaseOrderController.cs
+++ b/BBWY.Server.API/Controllers/PurchaseOrderController.cs
@@ -1,13 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using System;
 using System.Collections.Generic;
-using System.Linq;
 namespace BBWY.Server.API.Controllers
 {
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 public class PurchaseOrderController : BaseApiController
 {
 private PurchaseOrderBusiness purchaseOrderBusiness;
@@ -80,6 +81,7 @@ namespace BBWY.Server.API.Controllers
 ///
 ///
 [HttpPost]
+ [AllowAnonymous]
 public void CallbackFrom1688([FromForm] string message, [FromForm] string _aop_signature)
 {
 purchaseOrderBusiness.CallbackFrom1688(message);
diff --git a/BBWY.Server.API/Controllers/PurchaseSchemeController.cs b/BBWY.Server.API/Controllers/PurchaseSchemeController.cs
index af31251c..64e35246 100644
--- a/BBWY.Server.API/Controllers/PurchaseSchemeController.cs
+++ b/BBWY.Server.API/Controllers/PurchaseSchemeController.cs
@@ -1,12 +1,15 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Db;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
 namespace BBWY.Server.API.Controllers
 {
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 public class PurchaseSchemeController : BaseApiController
 {
 private PurchaseSchemeBusiness purchaseSchemeBusiness;
diff --git a/BBWY.Server.API/Controllers/VenderController.cs b/BBWY.Server.API/Controllers/VenderController.cs
index 3464a57a..00b93147 100644
--- a/BBWY.Server.API/Controllers/VenderController.cs
+++ b/BBWY.Server.API/Controllers/VenderController.cs
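Review bot: In PurchaseOrderController.cs, `CallbackFrom1688` becomes the one anonymous action on the controller, and the visible first statement passes `message` to `purchaseOrderBusiness.CallbackFrom1688` without using the `_aop_signature` parameter the action receives. Unless the business method checks it elsewhere, anyone who can reach the endpoint can post a forged callback; the signature should be verified over `message` with the platform app secret, using a constant-time comparison, and the request rejected on mismatch before the business layer is called. The method body continues outside the hunk, so this rests on the one statement shown. A comment above `[AllowAnonymous]` such as `// 1688 platform callback: no JWT, authenticated by _aop_signature` would record why the action is exempt.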
@@ -1,6 +1,8 @@
 using BBWY.Common.Models;
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Primitives;
@@ -12,7 +14,7 @@ using System.Text;
 namespace BBWY.Server.API.Controllers
 {
-
+ [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
 public class VenderController : BaseApiController
 {
 private VenderBusiness venderBusiness;
@@ -64,6 +66,7 @@ namespace BBWY.Server.API.Controllers
 ///
 ///
 [HttpPost]
+ [AllowAnonymous]
 public string AcceptJDShopToken([FromBody] JDShopToken jDShopToken)
 {
 var httpContext = httpContextAccessor.HttpContext;
diff --git a/BBWY.Server.API/Startup.cs b/BBWY.Server.API/Startup.cs
index beeb2875..0478b2db 100644
--- a/BBWY.Server.API/Startup.cs
+++ b/BBWY.Server.API/Startup.cs
@@ -5,21 +5,19 @@ using BBWY.Server.API.Filters;
 using BBWY.Server.API.Middlewares;
 using BBWY.Server.Business;
 using BBWY.Server.Model;
-using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Hosting;
-using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
-using Newtonsoft.Json.Linq;
 using Newtonsoft.Json.Serialization;
 using System;
-using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Reflection;
+using System.Text;
 using Yitter.IdGenerator;
 namespace BBWY.Server.API
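Review bot: In VenderController.cs, `AcceptJDShopToken` is exempted with `[AllowAnonymous]`, so an unauthenticated caller can submit a `JDShopToken` body, and nothing in the visible lines shows how the sender is authenticated. If this is a platform callback, the action should check something the caller cannot forge (a shared-secret header, a signed payload, or a state value issued earlier) before storing or acting on the token. The reason for the exemption belongs in a comment above the attribute, for example `// platform callback: no JWT, caller verified by <mechanism>`. The method body continues outside the hunk, so such a check may already exist further down.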
@@ -97,28 +95,28 @@ namespace BBWY.Server.API Title = "ΪӯAPI", Description = "ע\r\n1.زƲôշ\r\n2.ApiResponseΪض(Code,Data,Message),ӿеķֵData\r\n3.Code=200" }); - // JWT֤ - //c.AddSecurityDefinition(JwtBearerDefaults.AuthenticationScheme, new OpenApiSecurityScheme - //{ - // Scheme = JwtBearerDefaults.AuthenticationScheme, - // BearerFormat = "JWT", - // Type = SecuritySchemeType.ApiKey, - // Name = "Authorization", - // In = ParameterLocation.Header, - // Description = "Authorization:Bearer {your JWT token}
", - //}); - //c.AddSecurityRequirement(new OpenApiSecurityRequirement - // { - // { - // new OpenApiSecurityScheme{Reference = new OpenApiReference - // { - // Type = ReferenceType.SecurityScheme, - // Id = JwtBearerDefaults.AuthenticationScheme - // } - // }, - // new string[] { } - // } - // }); + //JWT֤ + c.AddSecurityDefinition(JwtBearerDefaults.AuthenticationScheme, new OpenApiSecurityScheme + { + Scheme = JwtBearerDefaults.AuthenticationScheme, + BearerFormat = "JWT", + Type = SecuritySchemeType.ApiKey, + Name = "Authorization", + In = ParameterLocation.Header, + Description = "Authorization:Bearer {your JWT token}
",
+ });
+ c.AddSecurityRequirement(new OpenApiSecurityRequirement
+ {
+ {
+ new OpenApiSecurityScheme{Reference = new OpenApiReference
+ {
+ Type = ReferenceType.SecurityScheme,
+ Id = JwtBearerDefaults.AuthenticationScheme
+ }
+ },
+ new string[] { }
+ }
+ });
 var executingAssembly = Assembly.GetExecutingAssembly();
 var assemblyNames = executingAssembly.GetReferencedAssemblies().Union(new AssemblyName[] { executingAssembly.GetName() }).ToArray();
@@ -132,18 +130,40 @@ namespace BBWY.Server.API
 c.IncludeXmlComments(xmlPath, true);
 });
 });
+
+ var secret = Configuration.GetSection("Secret").Value;
+ services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, x =>
+ {
+ x.SaveToken = true;
+ x.RequireHttpsMetadata = false;
+ x.TokenValidationParameters = new TokenValidationParameters()
+ {
+ ClockSkew = TimeSpan.Zero,
+ ValidateIssuerSigningKey = true,
+ ValidateIssuer = false,
+ ValidateAudience = false,
+ IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)),
+ //ValidIssuer = issuer,
+ //ValidAudience = audience,
+ //ValidateLifetime = true
+ };
+ });
 }
 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
 public void Configure(IApplicationBuilder app, IWebHostEnvironment env, YunDingBusiness yunDingBusiness)
 {
 yunDingBusiness.RefreshKey();
- //app.UseSwagger(c => c.SerializeAsV2 = true)
- // .UseSwaggerUI(c =>
- // {
- // c.SwaggerEndpoint("/swagger/v1/swagger.json", "BBWY API");
- // c.RoutePrefix = string.Empty;
- // });
+ var isAllowedSwagger = Configuration.GetValue("AllowedSwagger");
+ if (isAllowedSwagger)
+ {
+ app.UseSwagger(c => c.SerializeAsV2 = true)
+ .UseSwaggerUI(c =>
+ {
+ c.SwaggerEndpoint("/swagger/v1/swagger.json", "BBWY API");
+ c.RoutePrefix = string.Empty;
+ });
+ }
 //if (env.IsDevelopment())
 //{
diff --git a/BBWY.Server.API/appsettings.json b/BBWY.Server.API/appsettings.json
index b5bf1f04..7da7ac42 100644
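Review bot: The `TokenValidationParameters` in the `AddJwtBearer` block set `ValidateIssuer = false` and `ValidateAudience = false`, so any token signed with the shared symmetric `Secret` is accepted regardless of which system issued it or which API it was meant for. Turning both on and filling in the commented-out `ValidIssuer` / `ValidAudience` lines with the values the token issuer uses would bind tokens to this service. `secret` is also used without a check, so a missing `Secret` entry reaches `Encoding.UTF8.GetBytes(secret)` as null; a guard such as `if (string.IsNullOrWhiteSpace(secret)) throw new InvalidOperationException("Secret is not configured");` before `AddAuthentication` makes the failure explicit. `Configure` continues outside the hunk and the visible hunks add neither `app.UseAuthentication()` nor `app.UseAuthorization()`, so confirm the pipeline already calls them.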
--- a/BBWY.Server.API/appsettings.json
+++ b/BBWY.Server.API/appsettings.json
@@ -47,5 +47,7 @@
 "StoreName": "西安亚一3CA仓2号库"
 }
 ]
- }
+ },
+ "AllowedSwagger": true,
+ "Secret": "D96BFA5B-F2AF-45BC-9342-5A55C3F9BBB0"
 }
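Review bot: The `Secret` value added here is the HMAC key Startup.cs uses to validate every JWT, and it is committed in plain text, so anyone with read access to the repository or its history can produce tokens the API accepts. It should be loaded from an environment variable, user-secrets or a secret store, with only a placeholder left in appsettings.json, and the committed value should be rotated. `"AllowedSwagger": true` also turns the Swagger UI on for every environment that uses this file; defaulting it to `false` and enabling it per environment keeps the API description off production hosts.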