From 432614ffd0063aa8cf2cf045f84ab17a2de24c28 Mon Sep 17 00:00:00 2001 From: jianweie code Date: Sun, 17 Dec 2023 01:02:37 +0800 Subject: [PATCH] =?UTF-8?q?=E3=80=90=E6=96=B0=E5=A2=9E=E3=80=91Swagger?= =?UTF-8?q?=E8=AE=BF=E9=97=AE=E5=A2=9E=E5=8A=A0=E7=AE=80=E5=8D=95=E6=9D=83?= =?UTF-8?q?=E9=99=90=E9=AA=8C=E8=AF=81=EF=BC=8C=E9=98=B2=E6=AD=A2api?= =?UTF-8?q?=E6=96=87=E6=A1=A3=E6=8A=95=E4=BA=A7=E6=83=85=E5=86=B5=E4=B8=8B?= =?UTF-8?q?=E6=9C=AA=E7=89=B9=E6=84=8F=E5=B1=8F=E8=94=BDapi=E6=96=87?= =?UTF-8?q?=E6=A1=A3=E8=AE=BF=E9=97=AE=E6=9D=83=E9=99=90=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../AppSettingsConstVars.cs | 19 ++++++ CoreCms.Net.Middlewares/MiddlewareHelpers.cs | 11 ++++ .../SwaggerBasicAuthMiddleware.cs | 62 +++++++++++++++++++ CoreCms.Net.Web.WebApi/Program.cs | 2 + CoreCms.Net.Web.WebApi/appsettings.json | 6 ++ 5 files changed, 100 insertions(+) create mode 100644 CoreCms.Net.Middlewares/SwaggerBasicAuthMiddleware.cs diff --git a/CoreCms.Net.Configuration/AppSettingsConstVars.cs b/CoreCms.Net.Configuration/AppSettingsConstVars.cs index 6c50f7a8..a9a34ebb 100644 --- a/CoreCms.Net.Configuration/AppSettingsConstVars.cs +++ b/CoreCms.Net.Configuration/AppSettingsConstVars.cs @@ -144,6 +144,25 @@ namespace CoreCms.Net.Configuration public static readonly string WeiXinAppSecret = AppSettingsHelper.GetContent("WeChatOptions", "WeiXinAppSecret"); + #endregion + + #region Swagger授权访问设置================================================================================ + /// + /// Swagger文档默认访问路由地址 + /// + public static readonly string SwaggerRoutePrefix = AppSettingsHelper.GetContent("SwaggerConfig", "RoutePrefix"); + + /// + /// Swagger文档登录账号 + /// + public static readonly string SwaggerUserName = AppSettingsHelper.GetContent("SwaggerConfig", "UserName"); + + /// + /// Swagger文档登录密码 + /// + public static readonly string SwaggerPassWord = AppSettingsHelper.GetContent("SwaggerConfig", "PassWord"); + + #endregion } diff --git a/CoreCms.Net.Middlewares/MiddlewareHelpers.cs b/CoreCms.Net.Middlewares/MiddlewareHelpers.cs index 1427de5d..fb178a43 100644 --- a/CoreCms.Net.Middlewares/MiddlewareHelpers.cs +++ b/CoreCms.Net.Middlewares/MiddlewareHelpers.cs @@ -82,5 +82,16 @@ namespace CoreCms.Net.Middlewares return app.UseMiddleware(dataSources); } + + /// + /// Swagger授权中间件 + /// + /// + /// + public static IApplicationBuilder UseSwaggerAuthorizedMildd(this IApplicationBuilder app) + { + return app.UseMiddleware(); + } + } } diff --git a/CoreCms.Net.Middlewares/SwaggerBasicAuthMiddleware.cs b/CoreCms.Net.Middlewares/SwaggerBasicAuthMiddleware.cs new file mode 100644 index 00000000..dba15bea --- /dev/null +++ b/CoreCms.Net.Middlewares/SwaggerBasicAuthMiddleware.cs @@ -0,0 +1,62 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Net.Http.Headers; +using System.Text; +using System.Threading.Tasks; +using CoreCms.Net.Configuration; +using Microsoft.AspNetCore.Http; + +namespace CoreCms.Net.Middlewares +{ + /// + /// Swagger授权登录拦截 + /// + public class SwaggerBasicAuthMiddleware + { + + private readonly RequestDelegate next; + public SwaggerBasicAuthMiddleware(RequestDelegate next) + { + this.next = next; + } + public async Task InvokeAsync(HttpContext context) + { + var path = "/" + AppSettingsConstVars.SwaggerRoutePrefix; + + if (context.Request.Path.StartsWithSegments(path)) + { + string authHeader = context.Request.Headers["Authorization"]; + if (authHeader != null && authHeader.StartsWith("Basic ")) + { + // Get the credentials from request header + var header = AuthenticationHeaderValue.Parse(authHeader); + var inBytes = Convert.FromBase64String(header.Parameter); + var credentials = Encoding.UTF8.GetString(inBytes).Split(':'); + var username = credentials[0]; + var password = credentials[1]; + + var swaggerUserName = AppSettingsConstVars.SwaggerUserName; + var swaggerPassWord = AppSettingsConstVars.SwaggerPassWord; + + // validate credentials + if (!string.IsNullOrEmpty(swaggerUserName) && !string.IsNullOrEmpty(swaggerPassWord) && username.Equals(swaggerUserName) && password.Equals(swaggerPassWord)) + { + await next.Invoke(context).ConfigureAwait(false); + return; + } + } + context.Response.Headers["WWW-Authenticate"] = "Basic"; + context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; + } + else + { + await next.Invoke(context).ConfigureAwait(false); + } + } + + + + } +} diff --git a/CoreCms.Net.Web.WebApi/Program.cs b/CoreCms.Net.Web.WebApi/Program.cs index cb992870..5c8faf53 100644 --- a/CoreCms.Net.Web.WebApi/Program.cs +++ b/CoreCms.Net.Web.WebApi/Program.cs @@ -190,6 +190,8 @@ app.UseRequestResponseLog(); app.UseRecordAccessLogsMildd(GlobalEnumVars.CoreShopSystemCategory.Api.ToString()); // 记录ip请求 (注意开启权限,不然本地无法写入) app.UseIpLogMildd(); +// Swagger授权登录拦截 +app.UseSwaggerAuthorizedMildd(); #endregion //强制显示中文 diff --git a/CoreCms.Net.Web.WebApi/appsettings.json b/CoreCms.Net.Web.WebApi/appsettings.json index 0edf2fb8..35a7bb4b 100644 --- a/CoreCms.Net.Web.WebApi/appsettings.json +++ b/CoreCms.Net.Web.WebApi/appsettings.json @@ -13,6 +13,12 @@ "Login": "CoreShopProfessional", "PassWord": "uzmp0oq9wfbdeasygj647vr53" }, + //Swagger授权访问设置 + "SwaggerConfig": { + "RoutePrefix": "doc", //路由地址,默认doc + "UserName": "", + "PassWord": "" + }, "AppConfig": { "AppUrl": "https://admin.test.pro.coreshop.cn/", //后端管理地址 "AppPcUrl": "https://pc.test.pro.coreshop.cn/", //PC端访问地址