From b0bfe08ac8986d1bafd5e762724857fdb145817b Mon Sep 17 00:00:00 2001
From: zuohuaijun <zuohuaijun@163.com>
Date: Mon, 21 Oct 2024 02:15:46 +0800
Subject: [PATCH] =?UTF-8?q?=F0=9F=98=8E=E5=A2=9E=E5=8A=A0=E7=A7=BB?=
 =?UTF-8?q?=E5=8A=A8=E7=AB=AF=E6=8E=A5=E5=8F=A3=E7=89=B9=E6=80=A7=E5=8F=8A?=
 =?UTF-8?q?=E5=AE=9E=E7=8E=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Admin.NET.Core/Admin.NET.Core.csproj      |  2 +-
 .../Attribute/AppApiDescriptionAttribute.cs   | 22 ++++++++++++
 Admin.NET/Admin.NET.Core/Const/CacheConst.cs  |  5 +++
 .../Service/Common/SysCommonService.cs        | 35 ++++++++++++++++++-
 .../Admin.NET.Web.Core/Handlers/JwtHandler.cs |  9 ++++-
 5 files changed, 70 insertions(+), 3 deletions(-)
 create mode 100644 Admin.NET/Admin.NET.Core/Attribute/AppApiDescriptionAttribute.cs

diff --git a/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj b/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
index 82535a8f..695489b6 100644
--- a/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
+++ b/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
@@ -35,7 +35,7 @@
     <PackageReference Include="Novell.Directory.Ldap.NETStandard" Version="3.6.0" />
     <PackageReference Include="QRCoder" Version="1.6.0" />
     <PackageReference Include="RabbitMQ.Client" Version="6.8.1" />
-    <PackageReference Include="SixLabors.ImageSharp.Web" Version="3.1.3" />
+    <PackageReference Include="SixLabors.ImageSharp.Web" Version="3.1.2" />
     <PackageReference Include="SkiaSharp.NativeAssets.Linux.NoDependencies" Version="2.88.8" />
     <PackageReference Include="SKIT.FlurlHttpClient.Wechat.Api" Version="3.5.0" />
     <PackageReference Include="SKIT.FlurlHttpClient.Wechat.TenpayV3" Version="3.8.0" />
diff --git a/Admin.NET/Admin.NET.Core/Attribute/AppApiDescriptionAttribute.cs b/Admin.NET/Admin.NET.Core/Attribute/AppApiDescriptionAttribute.cs
new file mode 100644
index 00000000..a272d499
--- /dev/null
+++ b/Admin.NET/Admin.NET.Core/Attribute/AppApiDescriptionAttribute.cs
@@ -0,0 +1,22 @@
+// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
+//
+// 本项目主要遵循 MIT 许可证和 Apache 许可证（版本 2.0）进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
+//
+// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动！任何基于本项目二次开发而产生的一切法律纠纷和责任，我们不承担任何责任！
+
+namespace Admin.NET.Core;
+
+/// <summary>
+/// APP接口特性
+/// </summary>
+[SuppressSniffer]
+[AttributeUsage(AttributeTargets.Class, AllowMultiple = true, Inherited = true)]
+public class AppApiDescriptionAttribute : Attribute
+{
+    public string Name { get; set; }
+
+    public AppApiDescriptionAttribute(string name)
+    {
+        Name = name;
+    }
+}
\ No newline at end of file
diff --git a/Admin.NET/Admin.NET.Core/Const/CacheConst.cs b/Admin.NET/Admin.NET.Core/Const/CacheConst.cs
index a07b970c..285f4c31 100644
--- a/Admin.NET/Admin.NET.Core/Const/CacheConst.cs
+++ b/Admin.NET/Admin.NET.Core/Const/CacheConst.cs
@@ -16,6 +16,11 @@ public class CacheConst
     /// </summary>
     public const string KeyUserApi = "sys_user_api:";
 
+    /// <summary>
+    /// 移动端接口缓存（接口集合）
+    /// </summary>
+    public const string KeyAppApi = "sys_app_api:";
+
     /// <summary>
     /// 用户机构缓存
     /// </summary>
diff --git a/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs b/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs
index 537c56a6..0dde4cfc 100644
--- a/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs
+++ b/Admin.NET/Admin.NET.Core/Service/Common/SysCommonService.cs
@@ -63,9 +63,10 @@ public class SysCommonService : IDynamicApiController, ITransient
     /// 获取所有接口/动态API 🔖
     /// </summary>
     /// <param name="groupName"></param>
+    /// <param name="isAppApi"></param>
     /// <returns></returns>
     [DisplayName("获取所有接口/动态API")]
-    public List<ApiOutput> GetApiList([FromQuery] string groupName = "")
+    public List<ApiOutput> GetApiList([FromQuery] string groupName = "", [FromQuery] bool isAppApi = false)
     {
         var apiList = new List<ApiOutput>();
 
@@ -99,6 +100,14 @@ public class SysCommonService : IDynamicApiController, ITransient
                 var controllerActionDescriptor = action.ActionDescriptor as ControllerActionDescriptor;
                 if (controllerActionDescriptor == null)
                     continue;
+
+                // 是否只获取所有的移动端/AppApi接口
+                if (isAppApi)
+                {
+                    var appApiDescription = controllerActionDescriptor.ControllerTypeInfo.GetCustomAttribute<AppApiDescriptionAttribute>(true);
+                    if (appApiDescription == null) continue;
+                }
+
                 var apiDescription = controllerActionDescriptor.ControllerTypeInfo.GetCustomAttribute<ApiDescriptionSettingsAttribute>(true);
                 var controllerName = controllerActionDescriptor.ControllerName;
                 var controllerText = apiDescription?.Description;
@@ -137,6 +146,30 @@ public class SysCommonService : IDynamicApiController, ITransient
         return apiList;
     }
 
+    /// <summary>
+    /// 获取所有移动端接口
+    /// </summary>
+    /// <returns></returns>
+    [DisplayName("获取所有移动端接口")]
+    public List<string> GetAppApiList()
+    {
+        var sysCacheService = App.GetRequiredService<SysCacheService>();
+        var apiList = sysCacheService.Get<List<string>>(CacheConst.KeyAppApi);
+        if (apiList == null)
+        {
+            apiList = new List<string>();
+
+            var allApiList = GetApiList("", true);
+            foreach (var apiOutput in allApiList)
+            {
+                foreach (var controller in apiOutput.Children)
+                    apiList.AddRange(controller.Children.Select(u => u.Route));
+            }
+            sysCacheService.Set(CacheConst.KeyAppApi, apiList, TimeSpan.FromDays(7));
+        }
+        return apiList;
+    }
+
     /// <summary>
     /// 下载标记错误的临时 Excel（全局） 🔖
     /// </summary>
diff --git a/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs b/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
index b9e013aa..39ad8aa8 100644
--- a/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
+++ b/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
@@ -81,13 +81,20 @@ namespace Admin.NET.Web.Core
         /// <returns></returns>
         private static async Task<bool> CheckAuthorizeAsync(DefaultHttpContext httpContext)
         {
-            // 排除超管账号
+            // 排除超管权限判断
             if (App.User.FindFirst(ClaimConst.AccountType)?.Value == ((int)AccountTypeEnum.SuperAdmin).ToString())
                 return true;
 
             // 当前接口路由
             var path = httpContext.Request.Path.ToString();
 
+            // 移动端接口权限判断
+            if (App.User.FindFirst(ClaimConst.LoginMode)?.Value == ((int)LoginModeEnum.APP).ToString())
+            {
+                var appApiList = App.GetRequiredService<SysCommonService>().GetAppApiList(); // 获取移动端所有接口
+                return appApiList.Exists(u => path.EndsWith(u, StringComparison.CurrentCultureIgnoreCase));
+            }
+
             // 获取当前用户按钮权限集合和接口黑名单
             var serviceScope = httpContext.RequestServices.CreateScope();
             var sysRoleService = serviceScope.ServiceProvider.GetRequiredService<SysRoleService>();