From 3d338ea7cc29c7a7e04478e8eb2ee07dee789249 Mon Sep 17 00:00:00 2001
From: FalconFly <12919280+falconfly@user.noreply.gitee.com>
Date: Fri, 19 Apr 2024 14:00:38 +0800
Subject: [PATCH] =?UTF-8?q?Swagger=E5=9F=BA=E7=A1=80=E8=AE=A4=E7=9C=9F?=
=?UTF-8?q?=E9=99=90=E5=AE=9A=E8=8C=83=E5=9B=B4=E6=B5=8B=E8=AF=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs b/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs
index a2797fb..ae23755 100644
--- a/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs
+++ b/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs
@@ -1,7 +1,6 @@
using Microsoft.AspNetCore.Http;
using System;
using System.Collections.Generic;
-using System.Linq;
using System.Net;
using System.Net.Http.Headers;
using System.Text;
@@ -11,6 +10,7 @@ namespace Falcon.SugarApi.Swagger
{
///
/// Swagger接口基础认证
+ /// 安全认证只对swagger接口页面进行保护
///
public class SwaggerBasicAuthMiddleware
{
@@ -47,12 +47,15 @@ namespace Falcon.SugarApi.Swagger
await ToNext(context);
return;
}
+ var protectPaths = new List { };
var pf = this.Options.Prefix.StartsWith("/") ? this.Options.Prefix : "/" + this.Options.Prefix;
- if(!context.Request.Path.StartsWithSegments(pf)) {
+ protectPaths.Add(pf);
+ protectPaths.Add(pf + "/index.html");
+ if(!protectPaths.Contains(context.Request.Path)) {
await ToNext(context);
return;
}
- string authHeader = context.Request.Headers["Authorization"];
+ string? authHeader = context.Request.Headers["Authorization"];
if(authHeader == null || !authHeader.StartsWith("Basic ")) {
needAuth(context);
return;