服务端增加权限验证

BBWY.Server.API/BBWY.Server.API.csproj

@@ -8,6 +8,7 @@
   <ItemGroup>
     <PackageReference Include="FreeSql" Version="2.6.100" />
     <PackageReference Include="FreeSql.Provider.MySql" Version="2.6.100" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="3.1.32" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="3.1.21" />
     <PackageReference Include="NLog" Version="4.7.12" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />

BBWY.Server.API/Controllers/AfterSaleOrderController.cs

@@ -1,10 +1,13 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 
 namespace BBWY.Server.API.Controllers
 {
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class AfterSaleOrderController : BaseApiController
     {
         private AfterSaleOrderBusiness afterSaleOrderBusiness;

BBWY.Server.API/Controllers/BillCorrectionController.cs

@@ -1,11 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
 
 namespace BBWY.Server.API.Controllers
 {
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class BillCorrectionController : BaseApiController
     {
         private BillCorrectionBusiness billCorrectionBusiness;

BBWY.Server.API/Controllers/FinancialTerminalController.cs

@@ -1,13 +1,15 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Db;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
 
 namespace BBWY.Server.API.Controllers
 {
-
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class FinancialTerminalController : BaseApiController
     {
         private FinancialTerminalBusiness financialTerminalBusiness;

BBWY.Server.API/Controllers/OrderController.cs

@@ -1,12 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
-using System.Threading.Tasks;
 
 namespace BBWY.Server.API.Controllers
 {
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class OrderController : BaseApiController
     {
         private OrderBusiness orderBusiness;

BBWY.Server.API/Controllers/ProductController.cs

@@ -1,12 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
-using System.Linq;
 
 namespace BBWY.Server.API.Controllers
 {
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class ProductController : BaseApiController
     {
         private ProductBusiness productBusiness;

BBWY.Server.API/Controllers/PurchaseOrderController.cs

@@ -1,13 +1,14 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using System;
 using System.Collections.Generic;
-using System.Linq;
 
 namespace BBWY.Server.API.Controllers
 {
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class PurchaseOrderController : BaseApiController
     {
         private PurchaseOrderBusiness purchaseOrderBusiness;
@@ -80,6 +81,7 @@ namespace BBWY.Server.API.Controllers
         /// <param name="message"></param>
         /// <param name="_aop_signature"></param>
         [HttpPost]
+        [AllowAnonymous]
         public void CallbackFrom1688([FromForm] string message, [FromForm] string _aop_signature)
         {
             purchaseOrderBusiness.CallbackFrom1688(message);

BBWY.Server.API/Controllers/PurchaseSchemeController.cs

@@ -1,12 +1,15 @@
 using BBWY.Server.Business;
 using BBWY.Server.Model.Db;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using System.Collections.Generic;
 
 namespace BBWY.Server.API.Controllers
 {
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class PurchaseSchemeController : BaseApiController
     {
         private PurchaseSchemeBusiness purchaseSchemeBusiness;

BBWY.Server.API/Controllers/VenderController.cs

@@ -1,6 +1,8 @@
 using BBWY.Common.Models;
 using BBWY.Server.Business;
 using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Primitives;
@@ -12,7 +14,7 @@ using System.Text;
 
 namespace BBWY.Server.API.Controllers
 {
-
+    [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
     public class VenderController : BaseApiController
     {
         private VenderBusiness venderBusiness;
@@ -64,6 +66,7 @@ namespace BBWY.Server.API.Controllers
         /// </summary>
         /// <param name="jDShopToken"></param>
         [HttpPost]
+        [AllowAnonymous]
         public string AcceptJDShopToken([FromBody] JDShopToken jDShopToken)
         {
             var httpContext = httpContextAccessor.HttpContext;

BBWY.Server.API/Startup.cs

@@ -5,21 +5,19 @@ using BBWY.Server.API.Filters;
 using BBWY.Server.API.Middlewares;
 using BBWY.Server.Business;
 using BBWY.Server.Model;
-using BBWY.Server.Model.Dto;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Hosting;
-using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
-using Newtonsoft.Json.Linq;
 using Newtonsoft.Json.Serialization;
 using System;
-using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Reflection;
+using System.Text;
 using Yitter.IdGenerator;
 
 namespace BBWY.Server.API
@@ -97,28 +95,28 @@ namespace BBWY.Server.API
                     Title = "步步为盈API",
                     Description = "注意事项\r\n1.返回参数名称采用大驼峰命名\r\n2.ApiResponse为基础返回对象(Code,Data,Message),接口中所有的返回值均属于Data属性\r\n3.正常返回Code=200"
                 });
-                // JWTÈÏÖ¤                                                 
-                //c.AddSecurityDefinition(JwtBearerDefaults.AuthenticationScheme, new OpenApiSecurityScheme
-                //{
-                //    Scheme = JwtBearerDefaults.AuthenticationScheme,
-                //    BearerFormat = "JWT",
-                //    Type = SecuritySchemeType.ApiKey,
-                //    Name = "Authorization",
-                //    In = ParameterLocation.Header,
-                //    Description = "Authorization:Bearer {your JWT token}<br/>",
-                //});
-                //c.AddSecurityRequirement(new OpenApiSecurityRequirement
-                // {
-                //    {
-                //        new OpenApiSecurityScheme{Reference = new OpenApiReference
-                //            {
-                //                Type = ReferenceType.SecurityScheme,
-                //                Id = JwtBearerDefaults.AuthenticationScheme
-                //            }
-                //        },
-                //        new string[] { }
-                //    }
-                // });
+                //JWTÈÏÖ¤
+                c.AddSecurityDefinition(JwtBearerDefaults.AuthenticationScheme, new OpenApiSecurityScheme
+                {
+                    Scheme = JwtBearerDefaults.AuthenticationScheme,
+                    BearerFormat = "JWT",
+                    Type = SecuritySchemeType.ApiKey,
+                    Name = "Authorization",
+                    In = ParameterLocation.Header,
+                    Description = "Authorization:Bearer {your JWT token}<br/>",
+                });
+                c.AddSecurityRequirement(new OpenApiSecurityRequirement
+                 {
+                    {
+                        new OpenApiSecurityScheme{Reference = new OpenApiReference
+                            {
+                                Type = ReferenceType.SecurityScheme,
+                                Id = JwtBearerDefaults.AuthenticationScheme
+                            }
+                        },
+                        new string[] { }
+                    }
+                 });
 
                 var executingAssembly = Assembly.GetExecutingAssembly();
                 var assemblyNames = executingAssembly.GetReferencedAssemblies().Union(new AssemblyName[] { executingAssembly.GetName() }).ToArray();
@@ -132,18 +130,40 @@ namespace BBWY.Server.API
                     c.IncludeXmlComments(xmlPath, true);
                 });
             });
+
+            var secret = Configuration.GetSection("Secret").Value;
+            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, x =>
+            {
+                x.SaveToken = true;
+                x.RequireHttpsMetadata = false;
+                x.TokenValidationParameters = new TokenValidationParameters()
+                {
+                    ClockSkew = TimeSpan.Zero,
+                    ValidateIssuerSigningKey = true,
+                    ValidateIssuer = false,
+                    ValidateAudience = false,
+                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)),
+                    //ValidIssuer = issuer,
+                    //ValidAudience = audience,
+                    //ValidateLifetime = true
+                };
+            });
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
         public void Configure(IApplicationBuilder app, IWebHostEnvironment env, YunDingBusiness yunDingBusiness)
         {
             yunDingBusiness.RefreshKey();
-            //app.UseSwagger(c => c.SerializeAsV2 = true)
-            //   .UseSwaggerUI(c =>
-            //   {
-            //       c.SwaggerEndpoint("/swagger/v1/swagger.json", "BBWY API");
-            //       c.RoutePrefix = string.Empty;
-            //   });
+            var isAllowedSwagger = Configuration.GetValue<bool>("AllowedSwagger");
+            if (isAllowedSwagger)
+            {
+                app.UseSwagger(c => c.SerializeAsV2 = true)
+                  .UseSwaggerUI(c =>
+                  {
+                      c.SwaggerEndpoint("/swagger/v1/swagger.json", "BBWY API");
+                      c.RoutePrefix = string.Empty;
+                  });
+            }
 
             //if (env.IsDevelopment())
             //{

BBWY.Server.API/appsettings.json

@@ -47,5 +47,7 @@
         "StoreName": "西安亚一3CA仓2号库"
       }
     ]
-  }
+  },
+  "AllowedSwagger": true,
+  "Secret": "D96BFA5B-F2AF-45BC-9342-5A55C3F9BBB0"
 }