mirror of
http://git.coreshop.cn/jianweie/coreshoppro.git
synced 2025-12-06 19:13:26 +08:00
【新增】Swagger访问增加简单权限验证,防止api文档投产情况下未特意屏蔽api文档访问权限的问题。
This commit is contained in:
jianweie code
@@ -144,6 +144,25 @@ namespace CoreCms.Net.Configuration
|
|||||||
public static readonly string WeiXinAppSecret = AppSettingsHelper.GetContent("WeChatOptions", "WeiXinAppSecret");
|
public static readonly string WeiXinAppSecret = AppSettingsHelper.GetContent("WeChatOptions", "WeiXinAppSecret");
|
||||||
|
|
||||||
|
|
||||||
|
#endregion
|
||||||
|
|
||||||
|
#region Swagger授权访问设置================================================================================
|
||||||
|
/// <summary>
|
||||||
|
/// Swagger文档默认访问路由地址
|
||||||
|
/// </summary>
|
||||||
|
public static readonly string SwaggerRoutePrefix = AppSettingsHelper.GetContent("SwaggerConfig", "RoutePrefix");
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Swagger文档登录账号
|
||||||
|
/// </summary>
|
||||||
|
public static readonly string SwaggerUserName = AppSettingsHelper.GetContent("SwaggerConfig", "UserName");
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Swagger文档登录密码
|
||||||
|
/// </summary>
|
||||||
|
public static readonly string SwaggerPassWord = AppSettingsHelper.GetContent("SwaggerConfig", "PassWord");
|
||||||
|
|
||||||
|
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -82,5 +82,16 @@ namespace CoreCms.Net.Middlewares
|
|||||||
return app.UseMiddleware<RecordAccessLogsMildd>(dataSources);
|
return app.UseMiddleware<RecordAccessLogsMildd>(dataSources);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Swagger授权中间件
|
||||||
|
/// </summary>
|
||||||
|
/// <param name="app"></param>
|
||||||
|
/// <returns></returns>
|
||||||
|
public static IApplicationBuilder UseSwaggerAuthorizedMildd(this IApplicationBuilder app)
|
||||||
|
{
|
||||||
|
return app.UseMiddleware<SwaggerBasicAuthMiddleware>();
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
62
CoreCms.Net.Middlewares/SwaggerBasicAuthMiddleware.cs
Normal file
62
CoreCms.Net.Middlewares/SwaggerBasicAuthMiddleware.cs
Normal file
@@ -0,0 +1,62 @@
|
|||||||
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
using System.Linq;
|
||||||
|
using System.Net;
|
||||||
|
using System.Net.Http.Headers;
|
||||||
|
using System.Text;
|
||||||
|
using System.Threading.Tasks;
|
||||||
|
using CoreCms.Net.Configuration;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
|
||||||
|
namespace CoreCms.Net.Middlewares
|
||||||
|
{
|
||||||
|
/// <summary>
|
||||||
|
/// Swagger授权登录拦截
|
||||||
|
/// </summary>
|
||||||
|
public class SwaggerBasicAuthMiddleware
|
||||||
|
{
|
||||||
|
|
||||||
|
private readonly RequestDelegate next;
|
||||||
|
public SwaggerBasicAuthMiddleware(RequestDelegate next)
|
||||||
|
{
|
||||||
|
this.next = next;
|
||||||
|
}
|
||||||
|
public async Task InvokeAsync(HttpContext context)
|
||||||
|
{
|
||||||
|
var path = "/" + AppSettingsConstVars.SwaggerRoutePrefix;
|
||||||
|
|
||||||
|
if (context.Request.Path.StartsWithSegments(path))
|
||||||
|
{
|
||||||
|
string authHeader = context.Request.Headers["Authorization"];
|
||||||
|
if (authHeader != null && authHeader.StartsWith("Basic "))
|
||||||
|
{
|
||||||
|
// Get the credentials from request header
|
||||||
|
var header = AuthenticationHeaderValue.Parse(authHeader);
|
||||||
|
var inBytes = Convert.FromBase64String(header.Parameter);
|
||||||
|
var credentials = Encoding.UTF8.GetString(inBytes).Split(':');
|
||||||
|
var username = credentials[0];
|
||||||
|
var password = credentials[1];
|
||||||
|
|
||||||
|
var swaggerUserName = AppSettingsConstVars.SwaggerUserName;
|
||||||
|
var swaggerPassWord = AppSettingsConstVars.SwaggerPassWord;
|
||||||
|
|
||||||
|
// validate credentials
|
||||||
|
if (!string.IsNullOrEmpty(swaggerUserName) && !string.IsNullOrEmpty(swaggerPassWord) && username.Equals(swaggerUserName) && password.Equals(swaggerPassWord))
|
||||||
|
{
|
||||||
|
await next.Invoke(context).ConfigureAwait(false);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
context.Response.Headers["WWW-Authenticate"] = "Basic";
|
||||||
|
context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await next.Invoke(context).ConfigureAwait(false);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -190,6 +190,8 @@ app.UseRequestResponseLog();
|
|||||||
app.UseRecordAccessLogsMildd(GlobalEnumVars.CoreShopSystemCategory.Api.ToString());
|
app.UseRecordAccessLogsMildd(GlobalEnumVars.CoreShopSystemCategory.Api.ToString());
|
||||||
// 记录ip请求 (注意开启权限,不然本地无法写入)
|
// 记录ip请求 (注意开启权限,不然本地无法写入)
|
||||||
app.UseIpLogMildd();
|
app.UseIpLogMildd();
|
||||||
|
// Swagger授权登录拦截
|
||||||
|
app.UseSwaggerAuthorizedMildd();
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
//强制显示中文
|
//强制显示中文
|
||||||
|
|||||||
@@ -13,6 +13,12 @@
|
|||||||
"Login": "CoreShopProfessional",
|
"Login": "CoreShopProfessional",
|
||||||
"PassWord": "uzmp0oq9wfbdeasygj647vr53"
|
"PassWord": "uzmp0oq9wfbdeasygj647vr53"
|
||||||
},
|
},
|
||||||
|
//Swagger授权访问设置
|
||||||
|
"SwaggerConfig": {
|
||||||
|
"RoutePrefix": "doc", //路由地址,默认doc
|
||||||
|
"UserName": "",
|
||||||
|
"PassWord": ""
|
||||||
|
},
|
||||||
"AppConfig": {
|
"AppConfig": {
|
||||||
"AppUrl": "https://admin.test.pro.coreshop.cn/", //后端管理地址
|
"AppUrl": "https://admin.test.pro.coreshop.cn/", //后端管理地址
|
||||||
"AppPcUrl": "https://pc.test.pro.coreshop.cn/", //PC端访问地址
|
"AppPcUrl": "https://pc.test.pro.coreshop.cn/", //PC端访问地址
|
||||||
|
|||||||
Reference in New Issue
Block a user