diff --git a/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj b/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
index 82535a8f..695489b6 100644
--- a/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
+++ b/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
@@ -35,7 +35,7 @@
-
+
diff --git a/Admin.NET/Admin.NET.Core/Attribute/AppApiDescriptionAttribute.cs b/Admin.NET/Admin.NET.Core/Attribute/AppApiDescriptionAttribute.cs
new file mode 100644
index 00000000..a272d499
--- /dev/null
+++ b/Admin.NET/Admin.NET.Core/Attribute/AppApiDescriptionAttribute.cs
@@ -0,0 +1,22 @@
+// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
+//
+// 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
+//
+// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任!
+
+namespace Admin.NET.Core;
+
+///
+/// APP接口特性
+///
+[SuppressSniffer]
+[AttributeUsage(AttributeTargets.Class, AllowMultiple = true, Inherited = true)]
+public class AppApiDescriptionAttribute : Attribute
+{
+ public string Name { get; set; }
+
+ public AppApiDescriptionAttribute(string name)
+ {
+ Name = name;
+ }
+}
\ No newline at end of file
diff --git a/Admin.NET/Admin.NET.Core/Const/CacheConst.cs b/Admin.NET/Admin.NET.Core/Const/CacheConst.cs
index a07b970c..285f4c31 100644
--- a/Admin.NET/Admin.NET.Core/Const/CacheConst.cs
+++ b/Admin.NET/Admin.NET.Core/Const/CacheConst.cs
@@ -16,6 +16,11 @@ public class CacheConst
///
public const string KeyUserApi = "sys_user_api:";
+ ///
+ /// 移动端接口缓存(接口集合)
+ ///
+ public const string KeyAppApi = "sys_app_api:";
+
///
/// 用户机构缓存
///
diff --git a/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs b/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs
index 537c56a6..0dde4cfc 100644
--- a/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs
+++ b/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs
@@ -63,9 +63,10 @@ public class SysCommonService : IDynamicApiController, ITransient
/// 获取所有接口/动态API 🔖
///
///
+ ///
///
[DisplayName("获取所有接口/动态API")]
- public List GetApiList([FromQuery] string groupName = "")
+ public List GetApiList([FromQuery] string groupName = "", [FromQuery] bool isAppApi = false)
{
var apiList = new List();
@@ -99,6 +100,14 @@ public class SysCommonService : IDynamicApiController, ITransient
var controllerActionDescriptor = action.ActionDescriptor as ControllerActionDescriptor;
if (controllerActionDescriptor == null)
continue;
+
+ // 是否只获取所有的移动端/AppApi接口
+ if (isAppApi)
+ {
+ var appApiDescription = controllerActionDescriptor.ControllerTypeInfo.GetCustomAttribute(true);
+ if (appApiDescription == null) continue;
+ }
+
var apiDescription = controllerActionDescriptor.ControllerTypeInfo.GetCustomAttribute(true);
var controllerName = controllerActionDescriptor.ControllerName;
var controllerText = apiDescription?.Description;
@@ -137,6 +146,30 @@ public class SysCommonService : IDynamicApiController, ITransient
return apiList;
}
+ ///
+ /// 获取所有移动端接口
+ ///
+ ///
+ [DisplayName("获取所有移动端接口")]
+ public List GetAppApiList()
+ {
+ var sysCacheService = App.GetRequiredService();
+ var apiList = sysCacheService.Get>(CacheConst.KeyAppApi);
+ if (apiList == null)
+ {
+ apiList = new List();
+
+ var allApiList = GetApiList("", true);
+ foreach (var apiOutput in allApiList)
+ {
+ foreach (var controller in apiOutput.Children)
+ apiList.AddRange(controller.Children.Select(u => u.Route));
+ }
+ sysCacheService.Set(CacheConst.KeyAppApi, apiList, TimeSpan.FromDays(7));
+ }
+ return apiList;
+ }
+
///
/// 下载标记错误的临时 Excel(全局) 🔖
///
diff --git a/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs b/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
index b9e013aa..39ad8aa8 100644
--- a/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
+++ b/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
@@ -81,13 +81,20 @@ namespace Admin.NET.Web.Core
///
private static async Task CheckAuthorizeAsync(DefaultHttpContext httpContext)
{
- // 排除超管账号
+ // 排除超管权限判断
if (App.User.FindFirst(ClaimConst.AccountType)?.Value == ((int)AccountTypeEnum.SuperAdmin).ToString())
return true;
// 当前接口路由
var path = httpContext.Request.Path.ToString();
+ // 移动端接口权限判断
+ if (App.User.FindFirst(ClaimConst.LoginMode)?.Value == ((int)LoginModeEnum.APP).ToString())
+ {
+ var appApiList = App.GetRequiredService().GetAppApiList(); // 获取移动端所有接口
+ return appApiList.Exists(u => path.EndsWith(u, StringComparison.CurrentCultureIgnoreCase));
+ }
+
// 获取当前用户按钮权限集合和接口黑名单
var serviceScope = httpContext.RequestServices.CreateScope();
var sysRoleService = serviceScope.ServiceProvider.GetRequiredService();