2026-05-11 14:35:34 +08:00
|
|
|
|
using System.Security.Claims;
|
|
|
|
|
|
|
|
|
|
|
|
namespace Avalonia_Services.Core
|
|
|
|
|
|
{
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 鉴权服务抽象 —— 各宿主按自己的方式实现(JWT / Cookie / Token 等)。
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public interface IAuthService
|
|
|
|
|
|
{
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 验证请求并返回用户主体;返回 null 表示未授权。
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
Task<ClaimsPrincipal?> AuthenticateAsync(ServiceEndpointContext context);
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 检查当前用户是否有指定权限。
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
Task<bool> AuthorizeAsync(ClaimsPrincipal user, string policy);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 无需鉴权的默认实现(开发/公开 API 场景)。
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public sealed class AnonymousAuthService : IAuthService
|
|
|
|
|
|
{
|
2026-05-18 11:35:13 +08:00
|
|
|
|
/// <inheritdoc />
|
2026-05-11 14:35:34 +08:00
|
|
|
|
public Task<ClaimsPrincipal?> AuthenticateAsync(ServiceEndpointContext context)
|
|
|
|
|
|
{
|
|
|
|
|
|
// 匿名用户,始终通过
|
|
|
|
|
|
var identity = new ClaimsIdentity("anonymous");
|
|
|
|
|
|
return Task.FromResult<ClaimsPrincipal?>(new ClaimsPrincipal(identity));
|
|
|
|
|
|
}
|
2026-05-18 11:34:50 +08:00
|
|
|
|
/// <inheritdoc />
|
2026-05-11 14:35:34 +08:00
|
|
|
|
public Task<bool> AuthorizeAsync(ClaimsPrincipal user, string policy)
|
|
|
|
|
|
{
|
|
|
|
|
|
return Task.FromResult(true);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
