Commit 0f2248d3 authored by 黄奎's avatar 黄奎

页面修改

parent 4b1b0734
......@@ -205,7 +205,7 @@ namespace Mall.CacheManager.User
{
string token = "";
var umodel = member_UserRepository.GetEntity<RB_Member_User_Extend>(NewUserId);
if (umodel != null)
if (umodel != null && (umodel.Blacklist??0) == 0)
{
userInfo = new AppletUserInfo
{
......
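Review bot: The new condition at L11 treats a null `Blacklist` as "not blacklisted", so the null-coalescing default is a fail-open choice; that is fine only if the column cannot legitimately be null for a live user, which the hunk cannot show, so a comment stating it would help: `// Blacklist null/0 = allowed; any other value blocks token issuance`. A blacklisted user now takes the same path as a user that was not found (whatever follows the `if` is outside the hunk), so callers cannot tell the two apart and nothing here records the rejection; a separate branch or a log line for the blacklisted case would make the block visible in operations. Conventional spacing is `(umodel.Blacklist ?? 0) == 0`. The enclosing method starts and ends outside the hunk.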
......@@ -1632,7 +1632,7 @@ namespace Mall.WebApi.Controllers.TradePavilion
/// </summary>
/// <returns></returns>
[HttpPost]
[AllowAnonymous] [RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
[RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
public ApiResult GetCarrierPageList()
{
var userInfo = AppletUserInfo;
......@@ -1718,7 +1718,7 @@ namespace Mall.WebApi.Controllers.TradePavilion
/// </summary>
/// <returns></returns>
[HttpPost]
[AllowAnonymous] [RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
[RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
public ApiResult GetCarrierDetails()
{
var userInfo = AppletUserInfo;
......@@ -1904,10 +1904,10 @@ namespace Mall.WebApi.Controllers.TradePavilion
/// <returns></returns>
[HttpGet]
[HttpPost]
[AllowAnonymous] [RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
[RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
public ApiResult GetBrandPageList()
{
var userInfo = AppletUserInfo;
ResultPageModel pageModel = JsonConvert.DeserializeObject<ResultPageModel>(RequestParm.msg.ToString());
JObject parms = JObject.Parse(RequestParm.msg.ToString());
var query = new RB_Brand_Extend()
......@@ -1925,8 +1925,8 @@ namespace Mall.WebApi.Controllers.TradePavilion
DianLiang = parms.GetStringValue("DianLiang"),
PrizeId = parms.GetInt("PrizeId", 0),
};
query.MallBaseId = RequestParm.MallBaseId;
query.TenantId = RequestParm.TenantId;
query.MallBaseId = userInfo.MallBaseId;
query.TenantId = userInfo.TenantId;
var list = carrierModule.GetBrandPageList(pageModel.pageIndex, pageModel.pageSize, out long rowsCount, query);
List<RB_FirstShop_ListEnroll_Extend> listEnroll = new List<RB_FirstShop_ListEnroll_Extend>();
if (list != null && list.Any())
......@@ -1965,7 +1965,7 @@ namespace Mall.WebApi.Controllers.TradePavilion
/// <returns></returns>
[HttpGet]
[HttpPost]
[AllowAnonymous] [RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
[RateValve(Policy = Policy.Ip, Limit = 10, Duration = 60)]
public ApiResult GetBrandDetails()
{
var req = RequestParm;
......
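Review bot: `userInfo` is dereferenced at L52-L53 (`query.MallBaseId = userInfo.MallBaseId;`) with no null check, while the same commit guards `UserInfo != null` in the Controllers.User hunk; if `AppletUserInfo` can be null on a request that bypasses the token check, `GetBrandPageList` throws instead of returning an `ApiResult`. Taking tenant and mall scope from the authenticated user rather than the client-supplied `RequestParm` is the right direction, so the guard should reject rather than fall back: `if (userInfo == null) { return /* the project's failure ApiResult helper */; }` before the query is built. Dropping `[AllowAnonymous]` on the four endpoints presumably routes them through the token filter, but whether the filter actually enforces it for these routes is not visible here. The bodies of these actions continue outside the hunks.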
......@@ -93,10 +93,10 @@ namespace Mall.WebApi.Controllers.User
{
return ApiResult.ParamIsNull("请传递来源平台");
}
if (string.IsNullOrEmpty(demodel.OpenId))
{
return ApiResult.ParamIsNull("请传递唯一码");
}
//if (string.IsNullOrEmpty(demodel.OpenId))
//{
// return ApiResult.ParamIsNull("请传递唯一码");
//}
Model.Extend.MarketingCenter.RB_DiscountCoupon_Extend couponResult = new Model.Extend.MarketingCenter.RB_DiscountCoupon_Extend();
......
......@@ -189,7 +189,11 @@ namespace Mall.WebApi.Controllers.User
{
var parms = RequestParm;
var query = JsonConvert.DeserializeObject<RB_Supplier_Extend>(RequestParm.msg.ToString());
query.TenantId = UserInfo.TenantId;
if (UserInfo != null)
{
query.TenantId = UserInfo.TenantId;
}
query.MallBaseId = parms.MallBaseId;
var oldLogisticsList = supplierModule.GetList(query);
return ApiResult.Success("", oldLogisticsList);
......
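Review bot: The guard added at L86-L89 fails open: when `UserInfo` is null, `query.TenantId` keeps whatever value the caller placed in `RequestParm.msg`, because `query` is deserialized from the client payload at L84, so an unauthenticated request can choose the tenant whose supplier list it reads. The safer shape is to reject instead of skipping the assignment, e.g. `if (UserInfo == null) { return ApiResult.ParamIsNull("..."); }` followed by the unconditional `query.TenantId = UserInfo.TenantId;`, or to clear the client-supplied value explicitly when no user is present. The commented-out `OpenId` check at L75-L78 should be deleted rather than left as dead code, and the commit message does not say why that requirement was dropped; a one-line comment naming the reason would help the next reader. Both enclosing actions start outside their hunks.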
......@@ -50,71 +50,108 @@ namespace Mall.WebApi.Filter
isCheckToken = false;
}
#region Token校验
if (isCheckToken)
{
JWTValidat(actionContext, token);
}
#endregion
#region 签名校验权限校验
if (actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] != null)
//token
var userToken = actionContext.HttpContext.Items[GlobalKey.TokenUserInfo];
if (userToken != null && !string.IsNullOrEmpty(userToken.ToString()))
{
string openValidation = new ConfigurationBuilder().Add(new JsonConfigurationSource { Path = "appsettings.json" }).Build().GetSection("OpenValidation").Value;
if (openValidation.Equals("True"))
JObject parms = JObject.Parse(userToken.ToString());
var requestFrom = parms.GetInt("requestFrom");
var uid = parms.GetStringValue("uid");
//后台用户
if (requestFrom == 1)
{
TokenUserInfo userInfo = JsonConvert.DeserializeObject<TokenUserInfo>(actionContext.HttpContext.Items[GlobalKey.TokenUserInfo].ToString());
if (userInfo != null && (userInfo.requestFrom == Mall.Common.Enum.ApiRequestFromEnum.Web || userInfo.requestFrom == Mall.Common.Enum.ApiRequestFromEnum.MiniProgram))
{
SignValidat(actionContext, parm);
}
else
var cacheUser = UserReidsCache.GetUserLoginInfo(uid);
if (cacheUser == null || (cacheUser != null && (cacheUser.TenantId <= 0)))
{
#region 权限校验
if (userInfo.uid != Config.AdminId)
actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult(new ApiResult
{
SignValidat(actionContext, parm);
//PermissionValidat(actionContext);
}
#endregion
resultCode = (int)ResultCode.FormRepeatSubmit,
message = "Token验证失败!",
data = null
});
}
}
}
#endregion
#region 验证表单重复提交
string controllerName = actionContext.ActionDescriptor.RouteValues["controller"].ToString().ToLower();
string actionName = actionContext.ActionDescriptor.RouteValues["action"].ToString().ToLower();
if (!actionName.ToLower().Contains("get"))
{
string cachedKey = SecurityHelper.MD5(string.Format("cmd={0}&token={1}", controllerName + "/" + actionName, token));
try
else
{
if (UserReidsCache.Exists(cachedKey))//判断表单是否重复提交
var cacheMiniAppUser = UserReidsCache.GetAppletUserLoginInfo(uid);
if (cacheMiniAppUser == null || (cacheMiniAppUser != null && (cacheMiniAppUser.UserId <= 0)))
{
actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult(new ApiResult
{
resultCode = (int)ResultCode.FormRepeatSubmit,
message = "表单重复提交,请稍后再试",
message = "Token验证失败!",
data = null
});
}
else
}
}
#region 签名校验权限校验
if (actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] != null)
{
string openValidation = new ConfigurationBuilder().Add(new JsonConfigurationSource { Path = "appsettings.json" }).Build().GetSection("OpenValidation").Value;
if (openValidation.Equals("True"))
{
//默认3秒钟之内不能重复提交
UserReidsCache.Set(cachedKey, 1, 3);
TokenUserInfo userInfo = JsonConvert.DeserializeObject<TokenUserInfo>(actionContext.HttpContext.Items[GlobalKey.TokenUserInfo].ToString());
if (userInfo != null && (userInfo.requestFrom == Mall.Common.Enum.ApiRequestFromEnum.Web || userInfo.requestFrom == Mall.Common.Enum.ApiRequestFromEnum.MiniProgram))
{
SignValidat(actionContext, parm);
}
else
{
#region 权限校验
if (userInfo.uid != Config.AdminId)
{
SignValidat(actionContext, parm);
//PermissionValidat(actionContext);
}
#endregion
}
}
}
catch
#endregion
#region 验证表单重复提交
string controllerName = actionContext.ActionDescriptor.RouteValues["controller"].ToString().ToLower();
string actionName = actionContext.ActionDescriptor.RouteValues["action"].ToString().ToLower();
if (!actionName.ToLower().Contains("get"))
{
string cachedKey = SecurityHelper.MD5(string.Format("cmd={0}&token={1}", controllerName + "/" + actionName, token));
try
{
if (UserReidsCache.Exists(cachedKey))//判断表单是否重复提交
{
actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult(new ApiResult
{
resultCode = (int)ResultCode.FormRepeatSubmit,
message = "表单重复提交,请稍后再试",
data = null
});
}
else
{
//默认3秒钟之内不能重复提交
UserReidsCache.Set(cachedKey, 1, 3);
}
}
catch
{
}
}
}
#endregion
#endregion
}
/// <summary>
......
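Review bot: A failed cache lookup at L128 and L155 assigns `actionContext.Result` but does not stop the filter, so the signature region (L166-L190) and the repeat-submit region (L193-L219) still run for a request that has already been rejected, and the repeat-submit branch can both overwrite that result and write the `cachedKey` marker into Redis for a rejected call; if this is `OnActionExecuting` (the method starts outside the hunk) a `return;` after each rejection closes that gap. Both rejections reuse `ResultCode.FormRepeatSubmit` with the message `"Token验证失败!"`, so clients cannot distinguish a token failure from a duplicate submit; a dedicated code from `ResultCode`, if one exists, would be clearer. The two conditions can be written `if (cacheUser is null || cacheUser.TenantId <= 0)` and `if (cacheMiniAppUser is null || cacheMiniAppUser.UserId <= 0)` — the `!= null &&` half is redundant. The `Items[GlobalKey.TokenUserInfo]` entry is parsed twice (as a `JObject` at L111 and as `TokenUserInfo` at L174); deserializing once and reading `requestFrom`/`uid` from the typed object would keep the two checks from diverging.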