Falcon/Falcon.SugarApi
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Swagger基础认真限定范围测试

Browse Source
This commit is contained in:
FalconFly 2024-04-19 14:00:38 +08:00
parent d27d4bec62
commit 3d338ea7cc
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs
View File

@ -1,7 +1,6 @@
using Microsoft.AspNetCore.Http;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http.Headers;
using System.Text;
@ -11,6 +10,7 @@ namespace Falcon.SugarApi.Swagger
{
/// <summary>
/// Swagger接口基础认证
/// <para>安全认证只对swagger接口页面进行保护</para>
/// </summary>
public class SwaggerBasicAuthMiddleware
{
@ -47,12 +47,15 @@ namespace Falcon.SugarApi.Swagger
await ToNext(context);
return;
}
var protectPaths = new List<string> { };
var pf = this.Options.Prefix.StartsWith("/") ? this.Options.Prefix : "/" + this.Options.Prefix;
if(!context.Request.Path.StartsWithSegments(pf)) {
protectPaths.Add(pf);
protectPaths.Add(pf + "/index.html");
if(!protectPaths.Contains(context.Request.Path)) {
await ToNext(context);
return;
}
string authHeader = context.Request.Headers["Authorization"];
string? authHeader = context.Request.Headers["Authorization"];
if(authHeader == null || !authHeader.StartsWith("Basic ")) {
needAuth(context);
return;