😎增加APIKey授权模式

2025-04-24 15:39:06 +08:00 · 2025-04-24 15:39:06 +08:00 · e8dbe5fb49
commit e8dbe5fb49
parent cfd9ec7d14
4 changed files with 82 additions and 4 deletions
--- a/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
+++ b/Admin.NET/Admin.NET.Core/Admin.NET.Core.csproj
@ -28,9 +28,9 @@
    <PackageReference Include="AspNetCoreRateLimit" Version="5.0.0" />
    <PackageReference Include="BouncyCastle.Cryptography" Version="2.5.1" Aliases="BouncyCastleV2" />
    <PackageReference Include="Elastic.Clients.Elasticsearch" Version="9.0.0" />
-    <PackageReference Include="Furion.Extras.Authentication.JwtBearer" Version="4.9.7.48" />
-    <PackageReference Include="Furion.Extras.ObjectMapper.Mapster" Version="4.9.7.48" />
-    <PackageReference Include="Furion.Pure" Version="4.9.7.48" />
+    <PackageReference Include="Furion.Extras.Authentication.JwtBearer" Version="4.9.7.49" />
+    <PackageReference Include="Furion.Extras.ObjectMapper.Mapster" Version="4.9.7.49" />
+    <PackageReference Include="Furion.Pure" Version="4.9.7.49" />
    <PackageReference Include="Hardware.Info" Version="101.0.1" />
    <PackageReference Include="Hashids.net" Version="1.7.0" />
    <PackageReference Include="IPTools.China" Version="1.6.0" />
@ -56,7 +56,7 @@
    <PackageReference Include="SSH.NET" Version="2025.0.0" />
    <PackageReference Include="System.Linq.Dynamic.Core" Version="1.6.0.2" />
    <PackageReference Include="System.Net.Http" Version="4.3.4" />
-    <PackageReference Include="TencentCloudSDK.Sms" Version="3.0.1225" />
+    <PackageReference Include="TencentCloudSDK.Sms" Version="3.0.1226" />
    <PackageReference Include="UAParser" Version="3.1.47" />
    <PackageReference Include="Yitter.IdGenerator" Version="1.0.14" />
  </ItemGroup>
--- a/Admin.NET/Admin.NET.Core/ApiKeyAuth/ApiKeyAuthenticationHandler.cs
+++ b/Admin.NET/Admin.NET.Core/ApiKeyAuth/ApiKeyAuthenticationHandler.cs
@ -0,0 +1,61 @@
+// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
+//
+// 本项目主要遵循 MIT 许可证和 Apache 许可证（版本 2.0）进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
+//
+// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动！任何基于本项目二次开发而产生的一切法律纠纷和责任，我们不承担任何责任！
+
+using Microsoft.AspNetCore.Authentication;
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+
+namespace Admin.NET.Core.ApiKeyAuth;
+
+/// <summary>
+/// ApiKey 身份验证处理
+/// </summary>
+public class ApiKeyAuthenticationHandler : AuthenticationHandler<ApiKeyAuthenticationOptions>
+{
+    public const string AuthenticationScheme = "ApiKey";
+
+    public ApiKeyAuthenticationHandler(IOptionsMonitor<ApiKeyAuthenticationOptions> options,
+        ILoggerFactory logger,
+        UrlEncoder encoder)
+        : base(options, logger, encoder)
+    {
+    }
+
+    protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
+    {
+        var apiKey = Request.Headers["X-API-KEY"].FirstOrDefault();
+        if (string.IsNullOrWhiteSpace(apiKey))
+            return await AuthenticateResultFailAsync("API-KEY 不能为空");
+
+        var repAcs = App.GetRequiredService<SqlSugarRepository<SysOpenAccess>>();
+        var acsInfo = await repAcs.AsQueryable().Includes(u => u.BindUser).Includes(u => u.BindUser, p => p.SysOrg).FirstAsync(c => c.AccessSecret == apiKey);
+        if (acsInfo == null)
+            return await AuthenticateResultFailAsync("API-KEY 无效");
+
+        var identity = new ClaimsIdentity(AuthenticationScheme);
+        identity.AddClaims(
+        [
+            new Claim(ClaimConst.UserId, acsInfo.BindUserId + ""),
+            new Claim(ClaimConst.TenantId, acsInfo.BindTenantId + ""),
+            new Claim(ClaimConst.Account, acsInfo.BindUser.Account + ""),
+            new Claim(ClaimConst.RealName, acsInfo.BindUser.RealName),
+            new Claim(ClaimConst.AccountType, ((int)acsInfo.BindUser.AccountType).ToString()),
+            new Claim(ClaimConst.OrgId, acsInfo.BindUser.OrgId + ""),
+            new Claim(ClaimConst.OrgName, acsInfo.BindUser.SysOrg?.Name + ""),
+            new Claim(ClaimConst.OrgType, acsInfo.BindUser.SysOrg?.Type + ""),
+            new Claim(ClaimConst.TokenVersion,"1")
+        ]);
+        var user = new ClaimsPrincipal(identity);
+        return AuthenticateResult.Success(new AuthenticationTicket(user, AuthenticationScheme));
+    }
+
+    private Task<AuthenticateResult> AuthenticateResultFailAsync(string message)
+    {
+        // 写入身份验证失败消息
+        Context.Items[SignatureAuthenticationDefaults.AuthenticateFailMsgKey] = message;
+        return Task.FromResult(AuthenticateResult.Fail(message));
+    }
+}
--- a/Admin.NET/Admin.NET.Core/ApiKeyAuth/ApiKeyAuthenticationOptions.cs
+++ b/Admin.NET/Admin.NET.Core/ApiKeyAuth/ApiKeyAuthenticationOptions.cs
@ -0,0 +1,16 @@
+// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
+//
+// 本项目主要遵循 MIT 许可证和 Apache 许可证（版本 2.0）进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
+//
+// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动！任何基于本项目二次开发而产生的一切法律纠纷和责任，我们不承担任何责任！
+
+using Microsoft.AspNetCore.Authentication;
+
+namespace Admin.NET.Core.ApiKeyAuth;
+
+/// <summary>
+/// ApiKey 身份验证选项
+/// </summary>
+public class ApiKeyAuthenticationOptions : AuthenticationSchemeOptions
+{
+}
--- a/Web/src/api-services/models/db-type.ts
+++ b/Web/src/api-services/models/db-type.ts
@ -49,6 +49,7 @@ export enum DbType {
    NUMBER_28 = 28,
    NUMBER_29 = 29,
    NUMBER_30 = 30,
+    NUMBER_31 = 31,
    NUMBER_900 = 900
 }