tsai
/
abp-next-admin
mirror of https://github.com/colinin/abp-next-admin.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add hangfire dashboard white ip address options

pull/69/head
cKey 5 years ago
parent
15836ae17a
commit
cf827f8e1c
3 changed files with 37 additions and 29 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/AbpMessageServiceHttpApiHostModule.cs
  2. 32
      aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Authorization/HangfireDashboardAuthorizationFilter.cs
  3. 19
      aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Hangfire/HangfireDashboardRouteOptions.cs

15
aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/AbpMessageServiceHttpApiHostModule.cs
View File

@ -216,11 +216,20 @@ namespace LINGYUN.Abp.MessageService
Configure<HangfireDashboardRouteOptions>(options =>
{
if (configuration.GetSection("Hangfire:Dashboard:WhiteList").Exists())
{
options.WithWhite(
configuration["Hangfire:Dashboard:WhiteList"]
.Split(",", StringSplitOptions.RemoveEmptyEntries)
.Select(o => o.RemovePostFix("/"))
.ToArray());
}
options.WithOrigins(
configuration["App:CorsOrigins"]
.Split(",", StringSplitOptions.RemoveEmptyEntries)
.Select(o => o.RemovePostFix("/"))
.ToArray()
.Split(",", StringSplitOptions.RemoveEmptyEntries)
.Select(o => o.RemovePostFix("/"))
.ToArray()
);
});

32
aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Authorization/HangfireDashboardAuthorizationFilter.cs
View File

@ -20,12 +20,6 @@ namespace LINGYUN.Abp.MessageService.Authorization
public bool Authorize([NotNull] DashboardContext context)
{
// 本地请求
if (LocalRequestOnlyAuthorize(context))
{
return true;
}
// 放行路径
if (AllowGrantPath.Contains(context.Request.Path))
{
@ -37,6 +31,12 @@ namespace LINGYUN.Abp.MessageService.Authorization
if (options != null)
{
// 白名单检查
if (!context.Request.RemoteIpAddress.IsNullOrWhiteSpace()
&& options.IpAllow(context.Request.RemoteIpAddress))
{
return true;
}
// 请求路径对应的权限检查
// TODO: 怎么来传递用户身份令牌?
var permission = options.GetPermission(context.Request.Path);
@ -69,25 +69,5 @@ namespace LINGYUN.Abp.MessageService.Authorization
}
return base.Equals(obj);
}
protected virtual bool LocalRequestOnlyAuthorize(DashboardContext context)
{
if (string.IsNullOrEmpty(context.Request.RemoteIpAddress))
{
return false;
}
if (context.Request.RemoteIpAddress == "127.0.0.1" || context.Request.RemoteIpAddress == "::1")
{
return true;
}
if (context.Request.RemoteIpAddress == context.Request.LocalIpAddress)
{
return true;
}
return false;
}
}
}

19
aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/Hangfire/HangfireDashboardRouteOptions.cs
View File

@ -1,4 +1,5 @@
using LINGYUN.Abp.MessageService.Permissions;
using System;
using System.Collections.Generic;
using System.Linq;
@ -7,12 +8,30 @@ namespace Hangfire
public class HangfireDashboardRouteOptions
{
public IList<string> AllowFrameOrigins { get; }
/// <summary>
/// 白名单
/// 添加网关地址
/// </summary>
public IList<string> WhiteList { get; }
public IDictionary<string, string> RoutePermissions { get; }
public HangfireDashboardRouteOptions()
{
WhiteList = new List<string>();
AllowFrameOrigins = new List<string>();
RoutePermissions = new Dictionary<string, string>();
InitDefaultRoutes();
WithWhite("127.0.0.1");
WithWhite("::1");
}
public bool IpAllow(string ipaddress)
{
return WhiteList.Any(ip => ip == ipaddress);
}
public void WithWhite(params string[] wgites)
{
WhiteList.AddIfNotContains(wgites);
}
public void WithOrigins(params string[] origins)

Write Preview
Loading…
Cancel
Save