feature: add CookieAuth & JwtAuth (dotnetcore#123)

* feature: add CookieAuth & JwtAuth
323111060 · Nov 5, 2019 · 175da60 · 175da60
1 parent 1eaca82
commit 175da60
Show file tree

Hide file tree

Showing 136 changed files with 3,858 additions and 1,224 deletions.
diff --git a/WalkingTec.Mvvm.sln b/WalkingTec.Mvvm.sln
@@ -22,7 +22,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "demo", "demo", "{DE184A47-C
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "WalkingTec.Mvvm.TagHelpers.LayUI", "src\WalkingTec.Mvvm.TagHelpers.LayUI\WalkingTec.Mvvm.TagHelpers.LayUI.csproj", "{0401952E-D2BB-40CB-9F1B-8008BB947631}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "WalkingTec.Mvvm.Core", "src\WalkingTec.Mvvm.Core\WalkingTec.Mvvm.Core.csproj", "{5FF462FC-FD3F-4321-BE59-DF206C9B78FB}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "WalkingTec.Mvvm.Core", "src\WalkingTec.Mvvm.Core\WalkingTec.Mvvm.Core.csproj", "{5FF462FC-FD3F-4321-BE59-DF206C9B78FB}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "WalkingTec.Mvvm.Mvc", "src\WalkingTec.Mvvm.Mvc\WalkingTec.Mvvm.Mvc.csproj", "{4207C275-FDCD-4681-AAAC-23228294EC27}"
 EndProject

diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/DataTableController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/DataTableController.cs
@@ -1,8 +1,5 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
 using Microsoft.AspNetCore.Mvc;
+
 using WalkingTec.Mvvm.Core;
 using WalkingTec.Mvvm.Core.Extensions;
 using WalkingTec.Mvvm.Demo.ViewModels.DataTableVMs;

diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/HomeController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/HomeController.cs
@@ -1,8 +1,16 @@
-using Microsoft.AspNetCore.Mvc;
-using Newtonsoft.Json;
 using System.Collections.Generic;
 using System.Linq;
+using System.Text;
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.DependencyInjection;
+
 using WalkingTec.Mvvm.Core;
+using WalkingTec.Mvvm.Core.Auth;
 using WalkingTec.Mvvm.Demo.ViewModels.HomeVMs;
 using WalkingTec.Mvvm.Mvc;
 
@@ -19,7 +27,7 @@ public IActionResult Index()
             return View(vm);
         }
 
-        [Public]
+        [AllowAnonymous]
         public IActionResult PIndex()
         {
             return View();
@@ -80,5 +88,26 @@ public IActionResult Layout()
             return PartialView();
         }
 
+        [AllRights]
+        public IActionResult UserInfo()
+        {
+            if (HttpContext.Request.Cookies.TryGetValue(CookieAuthenticationDefaults.CookiePrefix + AuthConstants.CookieAuthName, out string cookieValue))
+            {
+                var protectedData = Base64UrlTextEncoder.Decode(cookieValue);
+                var dataProtectionProvider = HttpContext.RequestServices.GetRequiredService<IDataProtectionProvider>();
+                var _dataProtector = dataProtectionProvider
+                                        .CreateProtector(
+                                            "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware",
+                                            CookieAuthenticationDefaults.AuthenticationScheme,
+                                            "v2");
+                var unprotectedData = _dataProtector.Unprotect(protectedData);
+
+                string cookieData = Encoding.UTF8.GetString(unprotectedData);
+                return Json(cookieData);
+            }
+            else
+                return Json("无数据");
+        }
+
     }
 }
diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/LoginController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/LoginController.cs
@@ -1,19 +1,25 @@
-using Microsoft.AspNetCore.Mvc;
+
+using System;
 using System.Web;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Mvc;
 using WalkingTec.Mvvm.Core;
-using WalkingTec.Mvvm.Mvc;
+using WalkingTec.Mvvm.Core.Extensions;
 using WalkingTec.Mvvm.Demo.ViewModels.HomeVMs;
+using WalkingTec.Mvvm.Mvc;
 
 namespace WalkingTec.Mvvm.Demo.Controllers
 {
-    [Public]
     public class LoginController : BaseController
     {
+        [Public]
         [ActionDescription("登录")]
         public IActionResult Login()
         {
             LoginVM vm = CreateVM<LoginVM>();
-            vm.Redirect = HttpContext.Request.Query["rd"];
+            vm.Redirect = HttpContext.Request.Query["Redirect"];
             if (ConfigInfo.IsQuickDebug == true)
             {
                 vm.ITCode = "admin";
@@ -22,8 +28,9 @@ public IActionResult Login()
             return View(vm);
         }
 
+        [Public]
         [HttpPost]
-        public ActionResult Login(LoginVM vm)
+        public async Task<ActionResult> Login(LoginVM vm)
         {
             if (ConfigInfo.IsQuickDebug == false)
             {
@@ -43,7 +50,7 @@ public ActionResult Login(LoginVM vm)
             else
             {
                 LoginUserInfo = user;
-                string url = "";
+                string url = string.Empty;
                 if (!string.IsNullOrEmpty(vm.Redirect))
                 {
                     url = vm.Redirect;
@@ -52,16 +59,32 @@ public ActionResult Login(LoginVM vm)
                 {
                     url = "/";
                 }
+
+                AuthenticationProperties properties = null;
+                if (vm.RememberLogin)
+                {
+                    properties = new AuthenticationProperties
+                    {
+                        IsPersistent = true,
+                        ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromDays(30))
+                    };
+                }
+
+                var principal = user.CreatePrincipal();
+                // 在上面注册AddAuthentication时，指定了默认的Scheme，在这里便可以不再指定Scheme。
+                await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, properties);
+
                 return Redirect(HttpUtility.UrlDecode(url));
             }
         }
 
+        [AllRights]
         [ActionDescription("登出")]
-        public ActionResult Logout()
+        public async Task Logout()
         {
-            LoginUserInfo = null;
             HttpContext.Session.Clear();
-            return Redirect("/Login/Login?rd=");
+            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+            HttpContext.Response.Redirect("/");
         }
 
         [AllRights]
@@ -73,6 +96,7 @@ public ActionResult ChangePassword()
             return PartialView(vm);
         }
 
+        [AllRights]
         [HttpPost]
         [ActionDescription("修改密码")]
         public ActionResult ChangePassword(ChangePasswordVM vm)

diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/MajorController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/MajorController.cs
@@ -1,14 +1,15 @@
+using System;
+
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using System;
+
 using WalkingTec.Mvvm.Core;
 using WalkingTec.Mvvm.Mvc;
 using WalkingTec.Mvvm.Demo.ViewModels.MajorVMs;
 using WalkingTec.Mvvm.Core.Extensions;
 
 namespace WalkingTec.Mvvm.Demo.Controllers
 {
-
     [ActionDescription("专业管理（一对多）")]
     public class MajorController : BaseController
     {

diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/MyUserController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/MyUserController.cs
@@ -1,14 +1,15 @@
+using System;
+
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using System;
+
 using WalkingTec.Mvvm.Core;
 using WalkingTec.Mvvm.Mvc;
 using WalkingTec.Mvvm.Demo.ViewModels.MyUserVMs;
 using WalkingTec.Mvvm.Core.Extensions;
 
 namespace WalkingTec.Mvvm.Demo.Controllers
 {
-
     [ActionDescription("自定义用户")]
     public class MyUserController : BaseController
     {

diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/SchoolApiController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/SchoolApiController.cs
@@ -1,15 +1,19 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
-using System.Threading.Tasks;
+
 using Microsoft.AspNetCore.Mvc;
+
 using WalkingTec.Mvvm.Core;
+using WalkingTec.Mvvm.Core.Auth.Attribute;
 using WalkingTec.Mvvm.Core.Extensions;
 using WalkingTec.Mvvm.Demo.ViewModels.SchoolVMs;
 using WalkingTec.Mvvm.Mvc;
 
 namespace WalkingTec.Mvvm.Demo.Controllers
 {
+    [AuthorizeJwt]
+    [AllRights]
     [ActionDescription("学校管理Api")]
     [ApiController]
     [Route("api/School")]
@@ -26,7 +30,7 @@ public string Search(SchoolSearcher searcher)
 
         [ActionDescription("获取")]
         [HttpGet("{id}")]
-        public SchoolVM Get(Guid id)
+        public SchoolVM Get(int id)
         {
             var vm = CreateVM<SchoolVM>(id);
             return vm;

diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/SchoolController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/SchoolController.cs
@@ -1,16 +1,17 @@
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using System;
+
 using WalkingTec.Mvvm.Core;
 using WalkingTec.Mvvm.Mvc;
 using WalkingTec.Mvvm.Demo.ViewModels.SchoolVMs;
 using WalkingTec.Mvvm.Mvc.Binders;
 using WalkingTec.Mvvm.Demo.Models;
 using WalkingTec.Mvvm.Core.Extensions;
+using WalkingTec.Mvvm.Core.Auth.Attribute;
 
 namespace WalkingTec.Mvvm.Demo.Controllers
 {
-
+    [AuthorizeJwtWithCookie]
     [ActionDescription("学校管理（单表）")]
     public class SchoolController : BaseController
     {
@@ -49,7 +50,7 @@ public ActionResult EditIndex()
         [ActionDescription("搜索并修改某字段")]
         public ActionResult EditIndex(SchoolListVM2 vm)
         {
-            //由于只更新名称字段，其他必填字段并没有值也不影响            
+            //由于只更新名称字段，其他必填字段并没有值也不影响
             ModelState.Clear();
             foreach (var item in vm.EntityList)
             {
@@ -176,11 +177,11 @@ public ActionResult DoBatchEdit(SchoolBatchVM vm, IFormCollection nouse)
         {
             if (!ModelState.IsValid || !vm.DoBatchEdit())
             {
-                return PartialView("BatchEdit",vm);
+                return PartialView("BatchEdit", vm);
             }
             else
             {
-                return FFResult().RefreshGrid().CloseDialog().Alert("操作成功，共有"+vm.Ids.Length+"条数据被修改");
+                return FFResult().RefreshGrid().CloseDialog().Alert("操作成功，共有" + vm.Ids.Length + "条数据被修改");
             }
         }
         #endregion
@@ -200,17 +201,17 @@ public ActionResult DoBatchDelete(SchoolBatchVM vm, IFormCollection nouse)
         {
             if (!ModelState.IsValid || !vm.DoBatchDelete())
             {
-                return PartialView("BatchDelete",vm);
+                return PartialView("BatchDelete", vm);
             }
             else
             {
-                return FFResult().RefreshGrid().CloseDialog().Alert("操作成功，共有"+vm.Ids.Length+"条数据被删除");
+                return FFResult().RefreshGrid().CloseDialog().Alert("操作成功，共有" + vm.Ids.Length + "条数据被删除");
             }
         }
         #endregion
 
         #region 导入
-		[ActionDescription("导入")]
+        [ActionDescription("导入")]
         public ActionResult Import()
         {
             var vm = CreateVM<SchoolImportVM>();

diff --git a/demo/WalkingTec.Mvvm.Demo/Controllers/StudentController.cs b/demo/WalkingTec.Mvvm.Demo/Controllers/StudentController.cs
@@ -1,14 +1,15 @@
+using System;
+
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using System;
+
 using WalkingTec.Mvvm.Core;
 using WalkingTec.Mvvm.Mvc;
 using WalkingTec.Mvvm.Demo.ViewModels.StudentVMs;
 using WalkingTec.Mvvm.Core.Extensions;
 
 namespace WalkingTec.Mvvm.Demo.Controllers
 {
-
     [ActionDescription("学生管理（多对多）")]
     public class StudentController : BaseController
     {

diff --git a/demo/WalkingTec.Mvvm.Demo/Models/Major.cs b/demo/WalkingTec.Mvvm.Demo/Models/Major.cs
@@ -1,8 +1,6 @@
-using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
-using System.Linq;
-using System.Threading.Tasks;
+
 using WalkingTec.Mvvm.Core;
 
 namespace WalkingTec.Mvvm.Demo.Models

diff --git a/demo/WalkingTec.Mvvm.Demo/Models/MyUser.cs b/demo/WalkingTec.Mvvm.Demo/Models/MyUser.cs
@@ -1,5 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 using System.ComponentModel.DataAnnotations.Schema;
+
 using WalkingTec.Mvvm.Core;
 
 namespace WalkingTec.Mvvm.Demo.Models

diff --git a/demo/WalkingTec.Mvvm.Demo/Models/School.cs b/demo/WalkingTec.Mvvm.Demo/Models/School.cs
@@ -1,9 +1,7 @@
-using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.ComponentModel.DataAnnotations.Schema;
-using System.Linq;
-using System.Threading.Tasks;
+
 using WalkingTec.Mvvm.Core;
 
 namespace WalkingTec.Mvvm.Demo.Models

diff --git a/demo/WalkingTec.Mvvm.Demo/Models/Student.cs b/demo/WalkingTec.Mvvm.Demo/Models/Student.cs
@@ -1,8 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
-using System.Linq;
-using System.Threading.Tasks;
+
 using WalkingTec.Mvvm.Core;
 
 namespace WalkingTec.Mvvm.Demo.Models

diff --git a/demo/WalkingTec.Mvvm.Demo/Models/StudentMajor.cs b/demo/WalkingTec.Mvvm.Demo/Models/StudentMajor.cs
@@ -1,7 +1,5 @@
 using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
+
 using WalkingTec.Mvvm.Core;
 using WalkingTec.Mvvm.Core.Attributes;
 

diff --git a/demo/WalkingTec.Mvvm.Demo/Program.cs b/demo/WalkingTec.Mvvm.Demo/Program.cs
@@ -17,7 +17,7 @@ namespace WalkingTec.Mvvm.Demo
     public class Program
     {
         public static void Main(string[] args)
-        {           
+        {
             CreateWebHostBuilder(args).Build().Run();
         }
 
@@ -52,6 +52,17 @@ public static IWebHostBuilder CreateWebHostBuilder(string[] args)
                         x.AddSwaggerGen(c =>
                         {
                             c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });
+                            c.AddSecurityDefinition("Bearer", new ApiKeyScheme()
+                            {
+                                Description = "JWT Bearer",
+                                Name = "Authorization",
+                                In = "header",
+                                Type = "apiKey"
+                            });
+                            c.AddSecurityRequirement(new Dictionary<string, IEnumerable<string>>
+                            {
+                                { "Bearer", new string[] { } }
+                            });
                         });
                     })
                     .Configure(x =>