OrderSystem/Framework/Bowin.Common/ServiceToken/Permission/FunctionCodeAttribute.cs

using Bowin.Common.Cache;
using Bowin.Common.JSON;
using Microsoft.AspNetCore.Mvc.Filters;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

namespace Bowin.Common.ServiceToken.Permission
{
    public class FunctionCodeAttribute : ActionFilterAttribute
    {
        public List<string> FunctionCodes { get; set; }
        public FunctionCodeAttribute(params string[] functionCodes)
        {
            FunctionCodes = functionCodes.ToList();
        }

        public override void OnActionExecuting(ActionExecutingContext context)
        {
            base.OnActionExecuting(context);

            if (JwtHelper.GetFunctionCodeMethod != null)
            {
                var userClaim = context.HttpContext.User.FindFirst(ClaimTypes.Name); //context.HttpContext.User.FindFirst(ClaimTypes.Role);
                if (userClaim == null)
                {
                    throw new Exception("未授权的操作。");
                }

                
                var roleCache = (string)CacheHelper.Get("rinfo_" + userClaim.Value);
                
                if (roleCache == null)
                {
                    roleCache = JwtHelper.GetFunctionCodeMethod.Invoke(userClaim.Value).ToJson();
                    CacheHelper.Add("rinfo_" + userClaim.Value, roleCache);
                }
                var userFunctionCodes = roleCache.ToObject<List<string>>();

                if (userFunctionCodes.Intersect(FunctionCodes).Count() == 0)
                {
                    throw new Exception("未授权的操作。");
                }
            }
        }
    }
}