web api Role 權限

JWTVueDemo/ClientApp/public/index.html

@@ -9,7 +9,6 @@
   <title></title>
   <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900">
   <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css">
-  <script src="./ckeditor/ckeditor.js"></script>
 </head>
 
 <body>

JWTVueDemo/ClientApp/src/App.vue

@@ -28,7 +28,12 @@
     <v-footer color="indigo" app>
       <span class="white--text">&copy; 2020</span>
     </v-footer>
-    <v-snackbar v-model="snackbar.visible" :timeout="0" :top="true" :color="snackbar.color">{{ snackbar.message }}</v-snackbar>
+    <v-snackbar
+      v-model="snackbar.visible"
+      :timeout="0"
+      :top="true"
+      :color="snackbar.color"
+    >{{ snackbar.message }}</v-snackbar>
   </v-app>
   <v-app v-else>
     <router-view />
@@ -43,13 +48,12 @@ export default {
   data: () => ({
     sideBarOpen: false,
     changePasswordDialogVisible: false,
-    requiredRule: [(v) => !!v || 'Required'],
+    requiredRule: [v => !!v || 'Required']
   }),
   created() {
     const localJWT = localStorage.getItem('authJWT');
     if (localJWT) {
       this.$store.commit('SetAuthJWT', { authJWT: localJWT });
-      this.$store.dispatch('basicData');
     } else {
       this.$router.push('/login');
     }
@@ -58,7 +62,7 @@ export default {
   methods: {
     Logout() {
       this.$store.dispatch('Logout');
-    },
+    }
   },
   computed: {
     pageTitle() {
@@ -69,7 +73,7 @@ export default {
     },
     getLinks() {
       return this.$router.options.routes.filter(
-        (link) => link.isMenu //&& (link.admin === undefined || link.admin === this.$store.state.authData.isAdmin)
+        link => link.isMenu //&& (link.admin === undefined || link.admin === this.$store.state.authData.isAdmin)
       );
     },
     isAdmin() {
@@ -77,9 +81,9 @@ export default {
     },
     snackbar() {
       return this.$store.state.snackbar;
-    },
+    }
   },
-  watch: {},
+  watch: {}
 };
 </script>
 <style lang="scss">

JWTVueDemo/ClientApp/src/api/auth.js

 import { instance } from './instance';
 
 export const login = ({ Account, Password }) => instance.post('/Auth/Login', { Account, Password });
+
+export default {
+  testAdmin: () => instance.get('/Auth/TestAdmin'),
+  testUser: () => instance.get('/Auth/TestUser'),
+  testAdminAndUser: () => instance.get('/Auth/TestAdminAndUser'),
+};

JWTVueDemo/ClientApp/src/api/instance.js

@@ -3,10 +3,10 @@ import store from '../store/index';
 import router from '@/router';
 import { authDataAction } from '../store/authData';
 const instance = axios.create({
-  baseURL: process.env.VUE_APP_API_BASE_URL
+  baseURL: process.env.VUE_APP_API_BASE_URL,
 });
 
-instance.interceptors.request.use(config => {
+instance.interceptors.request.use((config) => {
   const authJWT = store.state.authData.authJWT;
   if (authJWT) {
     config.headers.Authorization = 'Bearer ' + authJWT;
@@ -14,14 +14,14 @@ instance.interceptors.request.use(config => {
   return config;
 });
 instance.interceptors.response.use(
-  config => {
+  (config) => {
     // console.log(config);
     return config; //.data;
   },
-  error => {
+  (error) => {
     if (error.response && (error.response.status === 401 || error.response.status === 403)) {
-      store.dispatch(authDataAction.Logout);
-      router.push('/');
+      // store.dispatch(authDataAction.Logout);
+      // router.push('/');
     }
     return Promise.reject(error);
   }

JWTVueDemo/ClientApp/src/store/authData.js

@@ -50,7 +50,6 @@ const authData = {
       if (data.Success) {
         commit(SetAuthJWT, { authJWT: data.Data });
         localStorage.setItem('authJWT', data.Data);
-        dispatch('basicData');
       }
       return data;
     },

JWTVueDemo/ClientApp/src/views/Home.vue

 <template>
   <div class="home">
-    <!-- <v-btn>Home</v-btn> -->
+    <v-btn @click="testAdmin">TestAdmin</v-btn>
+    <v-btn @click="testUser">TestUser</v-btn>
+    <v-btn @click="testAdminAndUser">TestAdminAndUser</v-btn>
   </div>
 </template>
 
 <script>
 // @ is an alias to /src
 import { setPageTitleMixin } from '../mixins/setPageTitleMixin';
+import authApi from '../api/auth';
 export default {
   mixins: [setPageTitleMixin],
   components: {},
-  name: 'home'
+  name: 'home',
+  methods: {
+    async testAdmin() {
+      const response = await authApi.testAdmin();
+      console.log(response);
+    },
+    async testUser() {
+      const response = await authApi.testUser();
+      console.log(response);
+    },
+    async testAdminAndUser() {
+      const response = await authApi.testAdminAndUser();
+      console.log(response);
+    }
+  }
 };
 </script>

JWTVueDemo/Const/Roles.cs

+namespace JWTVueDemo.Const
+{
+    public static class Roles
+    {
+        public const string Role = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role";
+        public const string Admin = "Admin";
+        public const string User = "User";
+        public const string AdminAndUser = "Admin,User";
+    }
+}

JWTVueDemo/Controllers/AuthController.cs

-using JWTVueDemo.Models;
+using JWTVueDemo.Const;
+using JWTVueDemo.Models;
 using JWTVueDemo.Models.RequestModel;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
@@ -31,13 +33,14 @@ namespace JWTVueDemo.Controllers
             };
             if (loginInfo.Account.Equals("admin") && loginInfo.Password.Equals("123"))
             {
+                var isAdmin = true;
                 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(AppSettings.JWTSecret));
                 var tokenDescriptor = new SecurityTokenDescriptor
                 {
                     Subject = new ClaimsIdentity(new Claim[]
                     {
                         new Claim("UserId","admin"),
-                        //new Claim("roles",isAdmin?Roles.Admin:Roles.User)
+                        new Claim("roles",isAdmin?Roles.Admin:Roles.User)
                     }),
                     Expires = DateTime.UtcNow.AddDays(30),
                     SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature)
@@ -55,5 +58,48 @@ namespace JWTVueDemo.Controllers
                 return response;
             }
         }
+        [HttpGet("[action]")]
+        public BaseResponse<DateTime> Test()
+        {
+            return new BaseResponse<DateTime>
+            {
+                Data = DateTime.Now,
+                Msg = "Test",
+                Success = true
+            };
+        }
+        [Authorize(Roles = Roles.Admin)]
+        [HttpGet("[action]")]
+        public BaseResponse<DateTime> TestAdmin()
+        {
+            return new BaseResponse<DateTime>
+            {
+                Data = DateTime.Now,
+                Msg = "TestAdmin",
+                Success = true
+            };
+        }
+        [Authorize(Roles = Roles.User)]
+        [HttpGet("[action]")]
+        public BaseResponse<DateTime> TestUser()
+        {
+            return new BaseResponse<DateTime>
+            {
+                Data = DateTime.Now,
+                Msg = "TestUser",
+                Success = true
+            };
+        }
+        [Authorize(Roles = Roles.AdminAndUser)]
+        [HttpGet("[action]")]
+        public BaseResponse<DateTime> TestAdminAndUser()
+        {
+            return new BaseResponse<DateTime>
+            {
+                Data = DateTime.Now,
+                Msg = "TestAdminAndUser",
+                Success = true
+            };
+        }
     }
 }