Seamus 3 ماه پیش
والد
کامیت
34222389c6
2فایلهای تغییر یافته به همراه14 افزوده شده و 12 حذف شده
  1. 1 1
      ERP.Framework/Middleware/AuthenticationMiddleware.cs
  2. 13 11
      ERP.Framework/Utils/UrlUtil.cs

+ 1 - 1
ERP.Framework/Middleware/AuthenticationMiddleware.cs

@@ -33,7 +33,7 @@ namespace ERP.Framework.Middleware
             var path = context.Request.Path.ToString();
             var securityConfig = _configuration.GetSection(FrameworkConstant.SECURITY_CONFIG).Get<SecurityConfig>() ?? new SecurityConfig();
 
-            if (securityConfig.WhiteList != null && securityConfig.WhiteList.Any(w => UrlUtil.Match(w, path)))
+            if (securityConfig.WhiteList != null && UrlUtil.Match(w, securityConfig.WhiteList))
             {
                 await next(context);
                 return;

+ 13 - 11
ERP.Framework/Utils/UrlUtil.cs

@@ -2,29 +2,31 @@
 // <date></date>
 // <description></description>
 
+using System.Text.RegularExpressions;
+
 namespace ERP.Framework.Utils
 {
     public class UrlUtil
     {
-        public static bool Match(string pattern, string path)
+        public static bool Match(string route, List<string> whiteList)
         {
-            string[] patternParts = pattern.Split('*', StringSplitOptions.RemoveEmptyEntries);
-
-            int currentIndex = 0;
+            if (!route.EndsWith("/"))
+            {
+                route += "/";
+            }
 
-            foreach (string patternPart in patternParts)
+            foreach (var pattern in whiteList)
             {
-                int index = path.IndexOf(patternPart, currentIndex, StringComparison.OrdinalIgnoreCase);
+                var regexPattern = "^" + Regex.Escape(pattern).Replace("\\*", ".*") + "$";
+                var regex = new Regex(regexPattern);
 
-                if (index == -1)
+                if (regex.IsMatch(route))
                 {
-                    return false;
+                    return true;
                 }
-
-                currentIndex = index + patternPart.Length;
             }
 
-            return true;
+            return false;
         }
     }
 }