DOVER-GLOBAL\11047086 6 месяцев назад
Родитель
Сommit
d3ab58ec4a
23 измененных файлов с 1199 добавлено и 1 удалено
  1. 12 0
      FuelCloud/Fuel.Application/Authorization/Class1.cs
  2. 17 0
      FuelCloud/Fuel.Application/Authorization/PermissionAttribute.cs
  3. 49 0
      FuelCloud/Fuel.Application/Authorization/PermissionHandler.cs
  4. 19 0
      FuelCloud/Fuel.Application/Authorization/PermissionRequirement.cs
  5. 15 0
      FuelCloud/Fuel.Application/Service/IUserService.cs
  6. 32 0
      FuelCloud/Fuel.Application/Service/UserService.cs
  7. 65 0
      FuelCloud/src/Fuel.Payment.Server/Controllers/AuthController.cs
  8. 5 1
      FuelCloud/src/Fuel.Payment.Server/Controllers/NozzleController.cs
  9. 2 0
      FuelCloud/src/Fuel.Payment.Server/Controllers/TransactionsController.cs
  10. 1 0
      FuelCloud/src/Fuel.Payment.Server/Fuel.PaymentServer.csproj
  11. 31 0
      FuelCloud/src/Fuel.Payment.Server/Program.cs
  12. 19 0
      FuelCloud/src/FuelServer.Core/Authorization.cs
  13. 120 0
      FuelCloud/src/FuelServer.Core/Entity/AdApi.cs
  14. 105 0
      FuelCloud/src/FuelServer.Core/Entity/AdApply.cs
  15. 192 0
      FuelCloud/src/FuelServer.Core/Entity/AdPermission.cs
  16. 60 0
      FuelCloud/src/FuelServer.Core/Entity/AdPermissionApi.cs
  17. 126 0
      FuelCloud/src/FuelServer.Core/Entity/AdRole.cs
  18. 60 0
      FuelCloud/src/FuelServer.Core/Entity/AdRolePermission.cs
  19. 120 0
      FuelCloud/src/FuelServer.Core/Entity/AdView.cs
  20. 2 0
      FuelCloud/src/FuelServer.Core/Fuel.Core.csproj
  21. 47 0
      FuelCloud/src/FuelServer.Core/SignatureValidationMiddleware.cs
  22. 86 0
      FuelCloud/src/FuelServer.Core/SignatureValidator.cs
  23. 14 0
      FuelCloud/src/FuelServer.Core/User/LoginModel.cs

+ 12 - 0
FuelCloud/Fuel.Application/Authorization/Class1.cs

@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fuel.Application.Authorization
+{
+    internal class Class1
+    {
+    }
+}

+ 17 - 0
FuelCloud/Fuel.Application/Authorization/PermissionAttribute.cs

@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Fuel.Application.Authorization
+{
+    public class PermissionAttribute : AuthorizeAttribute
+    {
+        public PermissionAttribute(string permission)
+        {
+            Policy = $"Permission_{permission}";
+        }
+    }
+}
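Review bot: The policy prefix `"Permission_"` is a bare string literal in this constructor and again in `AddPermissionPolicies` in Program.cs, so the two can drift apart without any compile-time signal; a shared `public const string PolicyPrefix = "Permission_";` referenced from both places would tie them together. Policies are only registered for the strings returned by `Authorization.GetPermissions()`, so an attribute carrying any other permission would presumably fail at request time with a missing-policy error rather than at start-up (assuming the default policy provider is in use). A `/// <summary>` on the constructor stating that `permission` must be one of the registered permission strings would make that contract visible.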

+ 49 - 0
FuelCloud/Fuel.Application/Authorization/PermissionHandler.cs

@@ -0,0 +1,49 @@
+using Microsoft.AspNetCore.Authorization;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Text;
+using System.Threading.Tasks;
+using Fuel.Application.Service;
+
+namespace Fuel.Application.Authorization
+{
+    public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
+    {
+        private readonly IUserService _userService;
+
+        public PermissionHandler(IUserService userService)
+        {
+            _userService = userService;
+        }
+
+        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
+        {
+            var user = context.User;
+
+            if (user == null || !user.Identity.IsAuthenticated)
+            {
+                return;
+            }
+
+            // 从用户声明中获取用户 ID
+            var userIdClaim = user.FindFirst(ClaimTypes.NameIdentifier);
+            if (userIdClaim == null)
+            {
+                return;
+            }
+
+            var userId = userIdClaim.Value;
+
+            // 查询用户的权限列表
+            var permissions = await _userService.GetUserPermissions(userId);
+
+            // 检查用户是否有足够的权限
+            if (permissions.Contains(requirement.Permission))
+            {
+                context.Succeed(requirement);
+            }
+        }
+    }
+}
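Review bot: In `HandleRequirementAsync`, `user.Identity.IsAuthenticated` dereferences `Identity` without a null check; `if (user?.Identity?.IsAuthenticated != true)` covers both cases. The handler looks up `ClaimTypes.NameIdentifier`, while `AuthController.GenerateJwt` in this commit issues the user id as `JwtRegisteredClaimNames.Sub`; the lookup only succeeds if the JWT bearer handler maps inbound `sub` to `NameIdentifier`, and that configuration is not visible in this commit, so state the dependency in a comment or fall back to the `sub` claim. `permissions` is used without a null check, so a service implementation returning null would throw inside the authorization pipeline. The early `return` paths leave the requirement unmet, which is the correct deny-by-default behaviour and deserves a comment saying so.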

+ 19 - 0
FuelCloud/Fuel.Application/Authorization/PermissionRequirement.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+
+namespace Fuel.Application.Authorization
+{
+    public class PermissionRequirement : IAuthorizationRequirement
+    {
+        public string Permission { get; }
+
+        public PermissionRequirement(string permission)
+        {
+            Permission = permission;
+        }
+    }
+}

+ 15 - 0
FuelCloud/Fuel.Application/Service/IUserService.cs

@@ -0,0 +1,15 @@
+using FuelServer.Core.Entity;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fuel.Application.Service
+{
+    public interface  IUserService
+    {
+        Task<IEnumerable<string>> GetUserPermissions(string userId);
+        users ValidateCredentials(string username, string password);
+    }
+}

+ 32 - 0
FuelCloud/Fuel.Application/Service/UserService.cs

@@ -0,0 +1,32 @@
+using FuelServer.Core.Entity;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fuel.Application.Service
+{
+    public class UserService : IUserService
+    {
+        private readonly EntityHelper _entityHelper;
+        public UserService(EntityHelper entityHelper)
+        {
+            _entityHelper = entityHelper;
+        }
+        public users ValidateCredentials(string username, string password)
+        {
+            return _entityHelper.GetEntitiesAsync<users>(_ => _.Account == username && _.Password == password).Result.FirstOrDefault(); ;
+        }
+        public async Task<IEnumerable<string>> GetUserPermissions(string userId)
+        {
+            // 这里是模拟数据,实际应用中应该从数据库或其他来源获取权限信息
+            return await Task.FromResult(new List<string>
+        {
+            "Admin:Index:GET",
+            "Admin:Edit:POST"
+            // 更多权限...
+        });
+        }
+    }
+}
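Review bot: `ValidateCredentials` matches `_.Password == password` inside the query, which only works if the `users` table stores the password in a directly comparable form. The lookup should be by `Account` alone, followed by verification of a salted, slow hash (for example `Rfc2898DeriveBytes.Pbkdf2`) compared with `CryptographicOperations.FixedTimeEquals`. The `.Result` call blocks on an async query; making the method `Task<users>` and awaiting it also requires changing `IUserService` and `AuthController.Login`. `GetUserPermissions` ignores `userId` and returns a fixed list that does not contain `Nozzle:uploadNozzle:POST`, so as written every user receives the same two permissions and the one policy registered in this commit can never succeed.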

+ 65 - 0
FuelCloud/src/Fuel.Payment.Server/Controllers/AuthController.cs

@@ -0,0 +1,65 @@
+using Fuel.Application.Service;
+using Fuel.Core.User;
+using FuelServer.Core.Entity;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace Fuel.PaymentServer.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class AuthController : ControllerBase
+    {
+        private readonly IUserService _userService;
+        private readonly IConfiguration _configuration;
+
+        public AuthController(IUserService userService, IConfiguration configuration)
+        {
+            _userService = userService;
+            _configuration = configuration;
+        }
+        /// <summary>
+        /// 登录
+        /// </summary>
+        /// <param name="login"></param>
+        /// <returns></returns>
+        [HttpPost("login")]
+        public IActionResult Login([FromBody] LoginModel login)
+        {
+            var user = _userService.ValidateCredentials(login.Username, login.Password);
+            if (user == null)
+                return Unauthorized();
+
+            var tokenString = GenerateJwt(user);
+            return Ok(new { Token = tokenString });
+        }
+
+        private string GenerateJwt(users user)
+        {
+            var jwtSettings = _configuration.GetSection("Jwt");
+            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings["Key"]));
+            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+
+            var claims = new[]
+            {
+                new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
+                new Claim(JwtRegisteredClaimNames.Email, user.Account),
+                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
+            };
+
+            var token = new JwtSecurityToken(
+                issuer: jwtSettings["Issuer"],
+                audience: jwtSettings["Audience"],
+                claims: claims,
+                expires: DateTime.Now.AddMinutes(15),
+                signingCredentials: credentials
+            );
+
+            return new JwtSecurityTokenHandler().WriteToken(token);
+        }
+    }
+}
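Review bot: In `GenerateJwt`, `jwtSettings["Key"]` goes straight into `Encoding.UTF8.GetBytes`, so a missing `Jwt:Key` surfaces as an exception on the first login rather than at start-up, and nothing here enforces a minimum key length for HS256; validating the `Jwt` section once at start-up would be safer. `expires: DateTime.Now.AddMinutes(15)` would be clearer as `expires: DateTime.UtcNow.AddMinutes(15)`, which keeps token times unambiguous. The account name is emitted as `JwtRegisteredClaimNames.Email`, which misleads token consumers if `Account` is not an email address; `JwtRegisteredClaimNames.UniqueName` may be a closer fit. The `Login` action shows no attempt limiting or failure logging, so repeated guesses against an account leave no trace in this code.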

+ 5 - 1
FuelCloud/src/Fuel.Payment.Server/Controllers/NozzleController.cs

@@ -1,5 +1,7 @@
-using Fuel.Application.Service;
+using Fuel.Application.Authorization;
+using Fuel.Application.Service;
 using Fuel.Core.Nozzle.Dto;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 
@@ -7,6 +9,7 @@ namespace Fuel.PaymentServer.Controllers
 {
     [Route("api/[controller]")]
     [ApiController]
+    [Authorize]
     public class NozzleController : ControllerBase
     {
         private readonly INozzleService InozzleService;
@@ -14,6 +17,7 @@ namespace Fuel.PaymentServer.Controllers
         {
             InozzleService = nozzleService;
         }
+        [Permission("Nozzle:uploadNozzle:POST")]
         [Route("uploadNozzle")]
         [HttpPost]
         public async Task<IActionResult> uploadNozzle(UploadNozzle uploadNozzle)

+ 2 - 0
FuelCloud/src/Fuel.Payment.Server/Controllers/TransactionsController.cs

@@ -2,6 +2,7 @@
 using Fuel.Core.Nozzle.Dto;
 using Fuel.Core.Transactions.Dto;
 using FuelServer.Core.Entity;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 
@@ -9,6 +10,7 @@ namespace Fuel.PaymentServer.Controllers
 {
     [Route("api/[controller]")]
     [ApiController]
+    [Authorize]
     public class TransactionsController : ControllerBase
     {
         private readonly ITransactionsService _transactionsService;

+ 1 - 0
FuelCloud/src/Fuel.Payment.Server/Fuel.PaymentServer.csproj

@@ -10,6 +10,7 @@
     <PackageReference Include="DFS.Infrastructure.Redis" Version="8.0.0" />
     <PackageReference Include="JWT" Version="10.1.1" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.6" />
+    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="9.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="8.0.5" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.6.2" />
   </ItemGroup>
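Review bot: `Microsoft.AspNetCore.Authorization` is pinned at 9.0.0 while the neighbouring ASP.NET Core packages in this project are on 8.0.x (`Microsoft.AspNetCore.Authentication.JwtBearer` 8.0.6, `Microsoft.AspNetCore.Mvc.NewtonsoftJson` 8.0.5); mixing major versions invites assembly-binding conflicts. In a web project the authorization types normally come with the shared framework, so the explicit reference may be unnecessary. The same 9.0.0 reference is added to Fuel.Core.csproj together with `Microsoft.AspNetCore.Http.Abstractions` 2.2.0, which belongs to the out-of-support ASP.NET Core 2.2 package line. If that library targets a current .NET version (the target framework is not visible here), `<FrameworkReference Include="Microsoft.AspNetCore.App" />` would supply both sets of types without the old package.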

+ 31 - 0
FuelCloud/src/Fuel.Payment.Server/Program.cs

@@ -15,6 +15,10 @@ using Fuel.Payment.Service.UnionPayProcessor;
 using Fuel.PaymentServer.MicServer;
 using Fuel.Infrastructure.Extension;
 using CSRedis;
+using Microsoft.Extensions.Logging;
+using Fuel.Core;
+using Microsoft.AspNetCore.Authorization;
+using Fuel.Application.Authorization;
 
 var builder = WebApplication.CreateBuilder(args);
 builder.Services.AddScoped<IPayService, PayService>();
@@ -48,9 +52,36 @@ builder.Services.AddSwaggerGen();
 
 Fuel.Infrastructure.Extension.RedisOptions redisOptions = builder.Configuration.GetSection("Redis").Get<Fuel.Infrastructure.Extension.RedisOptions>();
 builder.Services.UseRedisClient(redisOptions);
+// 动态添加基于权限的策略
+void AddPermissionPolicies(AuthorizationOptions options)
+{
+    // 获取所有可能的权限字符串(这里只是一个例子,你应该根据实际情况实现)
+    var permissions = Authorization.GetPermissions();
+
+    foreach (var permission in permissions)
+    {
+        options.AddPolicy($"Permission_{permission}", policy =>
+            policy.Requirements.Add(new PermissionRequirement(permission)));
+    }
+}
+
+builder.Services.AddAuthorization(options =>
+{
+    AddPermissionPolicies(options);
+});
+
 var app = builder.Build();
 
+app.UseRouting();
 
+var loggerFactory = LoggerFactory.Create(builder =>
+{
+    builder.AddConsole();
+});
+var accessKeySecret = "sfsdfasfsdafasdfdsa";//密钥
+var logger = loggerFactory.CreateLogger<SignatureValidator>();
+var signatureValidator = new SignatureValidator(accessKeySecret, logger);
+app.UseMiddleware<SignatureValidationMiddleware>(signatureValidator);//签名验证
 
 // Configure the HTTP request pipeline.
 if (app.Environment.IsDevelopment())
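Review bot: `accessKeySecret` is a string literal committed to source, so everyone with repository access holds the request-signing key and it cannot be rotated without a rebuild. It should be read from configuration or a secret store, e.g. `var accessKeySecret = builder.Configuration["<SIGNING_KEY_CONFIG_NAME>"] ?? throw new InvalidOperationException("signing key not configured");`, and the committed value treated as compromised. None of the 31 added lines registers `PermissionHandler` or `UserService`, so unless that happens outside the visible hunks the permission requirement can never be satisfied and `AuthController` cannot be constructed; `builder.Services.AddScoped<IUserService, UserService>();` and `builder.Services.AddScoped<IAuthorizationHandler, PermissionHandler>();` would be the missing lines. The logger handed to `SignatureValidator` comes from a separate `LoggerFactory.Create`, which bypasses the application's logging configuration. These are top-level statements that continue outside the hunk, so pipeline ordering relative to authentication cannot be judged from here.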

+ 19 - 0
FuelCloud/src/FuelServer.Core/Authorization.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fuel.Core
+{
+    public  class Authorization
+    {
+        public static IEnumerable<string> GetPermissions()
+        {
+            return new List<string>
+    {
+        "Nozzle:uploadNozzle:POST",
+    };
+        }
+    }
+}

+ 120 - 0
FuelCloud/src/FuelServer.Core/Entity/AdApi.cs

@@ -0,0 +1,120 @@
+using FreeSql.DatabaseModel;using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using FreeSql.DataAnnotations;
+
+namespace FuelServer.Core.Entity
+{
+
+	/// <summary>
+	/// 接口管理
+	/// </summary>
+	[JsonObject(MemberSerialization.OptIn), Table(Name = "ad_api", DisableSyncStructure = true)]
+	public partial class AdApi {
+
+		/// <summary>
+		/// 主键Id
+		/// </summary>
+		[JsonProperty, Column(IsPrimary = true)]
+		public long Id { get; set; }
+
+		[JsonProperty]
+		public long ApplyID { get; set; }
+
+		/// <summary>
+		/// 创建时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? CreatedTime { get; set; }
+
+		/// <summary>
+		/// 创建者Id
+		/// </summary>
+		[JsonProperty]
+		public long? CreatedUserId { get; set; }
+
+		/// <summary>
+		/// 创建者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string CreatedUserName { get; set; }
+
+		/// <summary>
+		/// 说明
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Description { get; set; }
+
+		/// <summary>
+		/// 启用
+		/// </summary>
+		[JsonProperty]
+		public bool Enabled { get; set; }
+
+		/// <summary>
+		/// 接口提交方法
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string HttpMethods { get; set; }
+
+		/// <summary>
+		/// 是否删除
+		/// </summary>
+		[JsonProperty]
+		public bool IsDeleted { get; set; }
+
+		/// <summary>
+		/// 接口名称
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Label { get; set; }
+
+		/// <summary>
+		/// 修改时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? ModifiedTime { get; set; }
+
+		/// <summary>
+		/// 修改者Id
+		/// </summary>
+		[JsonProperty]
+		public long? ModifiedUserId { get; set; }
+
+		/// <summary>
+		/// 修改者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string ModifiedUserName { get; set; }
+
+		/// <summary>
+		/// 接口命名
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string Name { get; set; }
+
+		/// <summary>
+		/// 所属模块
+		/// </summary>
+		[JsonProperty]
+		public long ParentId { get; set; }
+
+		/// <summary>
+		/// 接口地址
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Path { get; set; }
+
+		/// <summary>
+		/// 排序
+		/// </summary>
+		[JsonProperty]
+		public int Sort { get; set; }
+
+	}
+
+}

+ 105 - 0
FuelCloud/src/FuelServer.Core/Entity/AdApply.cs

@@ -0,0 +1,105 @@
+using FreeSql.DatabaseModel;using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using FreeSql.DataAnnotations;
+
+namespace FuelServer.Core.Entity
+{
+
+	/// <summary>
+	/// 应用
+	/// </summary>
+	[JsonObject(MemberSerialization.OptIn), Table(Name = "ad_apply", DisableSyncStructure = true)]
+	public partial class AdApply {
+
+		/// <summary>
+		/// 主键Id
+		/// </summary>
+		[JsonProperty, Column(IsPrimary = true)]
+		public long Id { get; set; }
+
+		/// <summary>
+		/// 应用密钥
+		/// </summary>
+		[JsonProperty, Column(Name = "app_Secret")]
+		public string AppSecret { get; set; }
+
+		/// <summary>
+		/// 应用ID
+		/// </summary>
+		[JsonProperty]
+		public string Appid { get; set; }
+
+		/// <summary>
+		/// 编码
+		/// </summary>
+		[JsonProperty]
+		public string Code { get; set; }
+
+		/// <summary>
+		/// 创建时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? CreatedTime { get; set; }
+
+		/// <summary>
+		/// 创建者Id
+		/// </summary>
+		[JsonProperty]
+		public long? CreatedUserId { get; set; }
+
+		/// <summary>
+		/// 创建者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string CreatedUserName { get; set; }
+
+		/// <summary>
+		/// 是否删除
+		/// </summary>
+		[JsonProperty]
+		public bool IsDeleted { get; set; }
+
+		/// <summary>
+		/// 修改时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? ModifiedTime { get; set; }
+
+		/// <summary>
+		/// 修改者Id
+		/// </summary>
+		[JsonProperty]
+		public long? ModifiedUserId { get; set; }
+
+		/// <summary>
+		/// 修改者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string ModifiedUserName { get; set; }
+
+		/// <summary>
+		/// 应用名称
+		/// </summary>
+		[JsonProperty]
+		public string Name { get; set; }
+
+		/// <summary>
+		/// 排序
+		/// </summary>
+		[JsonProperty]
+		public string Sort { get; set; }
+
+		/// <summary>
+		/// 版本
+		/// </summary>
+		[JsonProperty]
+		public long Version { get; set; }
+
+	}
+
+}
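Review bot: `AppSecret` carries `[JsonProperty]` on a class marked `MemberSerialization.OptIn`, so any response or log line that serializes an `AdApply` instance with Newtonsoft.Json includes the application secret. Dropping `[JsonProperty]` from that property while keeping `[Column(Name = "app_Secret")]`, or mapping to a DTO that omits it, keeps the secret out of serialized output. The file looks generator-produced (the fused `using FreeSql.DatabaseModel;using System;` line suggests a template), so the change may need to be made in the generation template or in a separate partial-class file to survive regeneration.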

+ 192 - 0
FuelCloud/src/FuelServer.Core/Entity/AdPermission.cs

@@ -0,0 +1,192 @@
+using FreeSql.DatabaseModel;using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using FreeSql.DataAnnotations;
+
+namespace FuelServer.Core.Entity
+{
+
+	/// <summary>
+	/// 权限
+	/// </summary>
+	[JsonObject(MemberSerialization.OptIn), Table(Name = "ad_permission", DisableSyncStructure = true)]
+	public partial class AdPermission {
+
+		/// <summary>
+		/// 主键Id
+		/// </summary>
+		[JsonProperty, Column(IsPrimary = true)]
+		public long Id { get; set; }
+
+		[JsonProperty]
+		public long ApplyID { get; set; }
+
+		/// <summary>
+		/// 权限编码
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Code { get; set; }
+
+		/// <summary>
+		/// 创建时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? CreatedTime { get; set; }
+
+		/// <summary>
+		/// 创建者Id
+		/// </summary>
+		[JsonProperty]
+		public long? CreatedUserId { get; set; }
+
+		/// <summary>
+		/// 创建者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string CreatedUserName { get; set; }
+
+		/// <summary>
+		/// 描述
+		/// </summary>
+		[JsonProperty, Column(StringLength = 200)]
+		public string Description { get; set; }
+
+		/// <summary>
+		/// 启用
+		/// </summary>
+		[JsonProperty]
+		public bool Enabled { get; set; }
+
+		/// <summary>
+		/// 链接外显
+		/// </summary>
+		[JsonProperty]
+		public bool External { get; set; }
+
+		/// <summary>
+		/// 隐藏
+		/// </summary>
+		[JsonProperty]
+		public bool Hidden { get; set; }
+
+		/// <summary>
+		/// 图标
+		/// </summary>
+		[JsonProperty, Column(StringLength = 100)]
+		public string Icon { get; set; }
+
+		/// <summary>
+		/// 是否固定
+		/// </summary>
+		[JsonProperty]
+		public bool IsAffix { get; set; }
+
+		/// <summary>
+		/// 是否删除
+		/// </summary>
+		[JsonProperty]
+		public bool IsDeleted { get; set; }
+
+		/// <summary>
+		/// 是否内嵌窗口
+		/// </summary>
+		[JsonProperty]
+		public bool IsIframe { get; set; }
+
+		/// <summary>
+		/// 是否缓存
+		/// </summary>
+		[JsonProperty]
+		public bool IsKeepAlive { get; set; }
+
+		/// <summary>
+		/// 权限名称
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string Label { get; set; }
+
+		/// <summary>
+		/// 链接地址
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Link { get; set; }
+
+		/// <summary>
+		/// 修改时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? ModifiedTime { get; set; }
+
+		/// <summary>
+		/// 修改者Id
+		/// </summary>
+		[JsonProperty]
+		public long? ModifiedUserId { get; set; }
+
+		/// <summary>
+		/// 修改者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string ModifiedUserName { get; set; }
+
+		/// <summary>
+		/// 路由命名
+		/// </summary>
+		[JsonProperty, Column(StringLength = 100)]
+		public string Name { get; set; }
+
+		/// <summary>
+		/// 打开新窗口
+		/// </summary>
+		[JsonProperty]
+		public bool NewWindow { get; set; }
+
+		/// <summary>
+		/// 展开分组
+		/// </summary>
+		[JsonProperty]
+		public bool Opened { get; set; }
+
+		/// <summary>
+		/// 父级节点
+		/// </summary>
+		[JsonProperty]
+		public long ParentId { get; set; }
+
+		/// <summary>
+		/// 路由地址
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Path { get; set; }
+
+		/// <summary>
+		/// 重定向地址
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Redirect { get; set; }
+
+		/// <summary>
+		/// 排序
+		/// </summary>
+		[JsonProperty]
+		public int Sort { get; set; }
+
+		/// <summary>
+		/// 权限类型
+		/// </summary>
+		[JsonProperty]
+		public int Type { get; set; }
+
+		/// <summary>
+		/// 视图Id
+		/// </summary>
+		[JsonProperty]
+		public long? ViewId { get; set; }
+
+	}
+
+}

+ 60 - 0
FuelCloud/src/FuelServer.Core/Entity/AdPermissionApi.cs

@@ -0,0 +1,60 @@
+using FreeSql.DatabaseModel;using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using FreeSql.DataAnnotations;
+
+namespace FuelServer.Core.Entity
+{
+
+	/// <summary>
+	/// 权限接口
+	/// </summary>
+	[JsonObject(MemberSerialization.OptIn), Table(Name = "ad_permission_api", DisableSyncStructure = true)]
+	public partial class AdPermissionApi {
+
+		/// <summary>
+		/// 主键Id
+		/// </summary>
+		[JsonProperty, Column(IsPrimary = true)]
+		public long Id { get; set; }
+
+		/// <summary>
+		/// 接口Id
+		/// </summary>
+		[JsonProperty]
+		public long ApiId { get; set; }
+
+		[JsonProperty]
+		public long ApplyID { get; set; }
+
+		/// <summary>
+		/// 创建时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? CreatedTime { get; set; }
+
+		/// <summary>
+		/// 创建者Id
+		/// </summary>
+		[JsonProperty]
+		public long? CreatedUserId { get; set; }
+
+		/// <summary>
+		/// 创建者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string CreatedUserName { get; set; }
+
+		/// <summary>
+		/// 权限Id
+		/// </summary>
+		[JsonProperty]
+		public long PermissionId { get; set; }
+
+	}
+
+}

+ 126 - 0
FuelCloud/src/FuelServer.Core/Entity/AdRole.cs

@@ -0,0 +1,126 @@
+using FreeSql.DatabaseModel;using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using FreeSql.DataAnnotations;
+
+namespace FuelServer.Core.Entity
+{
+
+	/// <summary>
+	/// 角色
+	/// </summary>
+	[JsonObject(MemberSerialization.OptIn), Table(Name = "ad_role", DisableSyncStructure = true)]
+	public partial class AdRole {
+
+		/// <summary>
+		/// 主键Id
+		/// </summary>
+		[JsonProperty, Column(IsPrimary = true)]
+		public long Id { get; set; }
+
+		[JsonProperty]
+		public long? ApplyID { get; set; }
+
+		/// <summary>
+		/// 编码
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string Code { get; set; }
+
+		/// <summary>
+		/// 创建时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? CreatedTime { get; set; }
+
+		/// <summary>
+		/// 创建者Id
+		/// </summary>
+		[JsonProperty]
+		public long? CreatedUserId { get; set; }
+
+		/// <summary>
+		/// 创建者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string CreatedUserName { get; set; }
+
+		/// <summary>
+		/// 数据范围
+		/// </summary>
+		[JsonProperty]
+		public int DataScope { get; set; }
+
+		/// <summary>
+		/// 说明
+		/// </summary>
+		[JsonProperty, Column(StringLength = 200)]
+		public string Description { get; set; }
+
+		/// <summary>
+		/// 隐藏
+		/// </summary>
+		[JsonProperty]
+		public bool Hidden { get; set; }
+
+		/// <summary>
+		/// 是否删除
+		/// </summary>
+		[JsonProperty]
+		public bool IsDeleted { get; set; }
+
+		/// <summary>
+		/// 修改时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? ModifiedTime { get; set; }
+
+		/// <summary>
+		/// 修改者Id
+		/// </summary>
+		[JsonProperty]
+		public long? ModifiedUserId { get; set; }
+
+		/// <summary>
+		/// 修改者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string ModifiedUserName { get; set; }
+
+		/// <summary>
+		/// 名称
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string Name { get; set; }
+
+		/// <summary>
+		/// 父级Id
+		/// </summary>
+		[JsonProperty]
+		public long ParentId { get; set; }
+
+		/// <summary>
+		/// 排序
+		/// </summary>
+		[JsonProperty]
+		public int Sort { get; set; }
+
+		/// <summary>
+		/// 租户Id
+		/// </summary>
+		[JsonProperty]
+		public long? TenantId { get; set; }
+
+		/// <summary>
+		/// 角色类型
+		/// </summary>
+		[JsonProperty]
+		public int Type { get; set; }
+
+	}
+
+}

+ 60 - 0
FuelCloud/src/FuelServer.Core/Entity/AdRolePermission.cs

@@ -0,0 +1,60 @@
+using FreeSql.DatabaseModel;using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using FreeSql.DataAnnotations;
+
+namespace FuelServer.Core.Entity
+{
+
+	/// <summary>
+	/// 角色权限
+	/// </summary>
+	[JsonObject(MemberSerialization.OptIn), Table(Name = "ad_role_permission", DisableSyncStructure = true)]
+	public partial class AdRolePermission {
+
+		/// <summary>
+		/// 主键Id
+		/// </summary>
+		[JsonProperty, Column(IsPrimary = true)]
+		public long Id { get; set; }
+
+		[JsonProperty]
+		public long ApplyID { get; set; }
+
+		/// <summary>
+		/// 创建时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? CreatedTime { get; set; }
+
+		/// <summary>
+		/// 创建者Id
+		/// </summary>
+		[JsonProperty]
+		public long? CreatedUserId { get; set; }
+
+		/// <summary>
+		/// 创建者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string CreatedUserName { get; set; }
+
+		/// <summary>
+		/// 权限Id
+		/// </summary>
+		[JsonProperty]
+		public long PermissionId { get; set; }
+
+		/// <summary>
+		/// 角色Id
+		/// </summary>
+		[JsonProperty]
+		public long RoleId { get; set; }
+
+	}
+
+}

+ 120 - 0
FuelCloud/src/FuelServer.Core/Entity/AdView.cs

@@ -0,0 +1,120 @@
+using FreeSql.DatabaseModel;using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using FreeSql.DataAnnotations;
+
+namespace FuelServer.Core.Entity
+{
+
+	/// <summary>
+	/// 视图管理
+	/// </summary>
+	[JsonObject(MemberSerialization.OptIn), Table(Name = "ad_view", DisableSyncStructure = true)]
+	public partial class AdView {
+
+		/// <summary>
+		/// 主键Id
+		/// </summary>
+		[JsonProperty, Column(IsPrimary = true)]
+		public long Id { get; set; }
+
+		[JsonProperty]
+		public long ApplyID { get; set; }
+
+		/// <summary>
+		/// 缓存
+		/// </summary>
+		[JsonProperty]
+		public bool Cache { get; set; }
+
+		/// <summary>
+		/// 创建时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? CreatedTime { get; set; }
+
+		/// <summary>
+		/// 创建者Id
+		/// </summary>
+		[JsonProperty]
+		public long? CreatedUserId { get; set; }
+
+		/// <summary>
+		/// 创建者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string CreatedUserName { get; set; }
+
+		/// <summary>
+		/// 说明
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Description { get; set; }
+
+		/// <summary>
+		/// 启用
+		/// </summary>
+		[JsonProperty]
+		public bool Enabled { get; set; }
+
+		/// <summary>
+		/// 是否删除
+		/// </summary>
+		[JsonProperty]
+		public bool IsDeleted { get; set; }
+
+		/// <summary>
+		/// 视图名称
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Label { get; set; }
+
+		/// <summary>
+		/// 修改时间
+		/// </summary>
+		[JsonProperty, Column(DbType = "datetime")]
+		public DateTime? ModifiedTime { get; set; }
+
+		/// <summary>
+		/// 修改者Id
+		/// </summary>
+		[JsonProperty]
+		public long? ModifiedUserId { get; set; }
+
+		/// <summary>
+		/// 修改者
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string ModifiedUserName { get; set; }
+
+		/// <summary>
+		/// 视图命名
+		/// </summary>
+		[JsonProperty, Column(StringLength = 50)]
+		public string Name { get; set; }
+
+		/// <summary>
+		/// 所属节点
+		/// </summary>
+		[JsonProperty]
+		public long ParentId { get; set; }
+
+		/// <summary>
+		/// 视图路径
+		/// </summary>
+		[JsonProperty, Column(StringLength = 500)]
+		public string Path { get; set; }
+
+		/// <summary>
+		/// 排序
+		/// </summary>
+		[JsonProperty]
+		public int Sort { get; set; }
+
+	}
+
+}

+ 2 - 0
FuelCloud/src/FuelServer.Core/Fuel.Core.csproj

@@ -9,6 +9,8 @@
   <ItemGroup>
     <PackageReference Include="DFS.Infrastructure.Redis" Version="8.0.0" />
     <PackageReference Include="FreeSql" Version="3.2.833" />
+    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="9.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
   </ItemGroup>
 

+ 47 - 0
FuelCloud/src/FuelServer.Core/SignatureValidationMiddleware.cs

@@ -0,0 +1,47 @@
+using Microsoft.AspNetCore.Http;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fuel.Core
+{
+    public class SignatureValidationMiddleware
+    {
+        private readonly RequestDelegate _next;
+        private readonly SignatureValidator _validator;
+
+        public SignatureValidationMiddleware(RequestDelegate next, SignatureValidator validator)
+        {
+            _next = next;
+            _validator = validator;
+        }
+
+        /// <summary>
+        /// 处理每个 HTTP 请求的异步方法。
+        /// </summary>
+        /// <param name="context">HTTP 上下文。</param>
+        /// <returns>一个任务表示的操作。</returns>
+        public async Task InvokeAsync(HttpContext context)
+        {
+            // 跳过登录接口
+            var path = context.Request.Path.Value;
+            if (path.StartsWith("/api/login", StringComparison.OrdinalIgnoreCase))
+            {
+                await _next(context);
+                return;
+            }
+
+            if (!_validator.ValidateSignature(context.Request))
+            {
+                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
+                await context.Response.WriteAsync("无效的签名");
+                return;
+            }
+
+            await _next(context);
+        }
+    }
+}
+
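Review bot: The bypass in `InvokeAsync` tests for `/api/login`, but the login action added in this commit sits on `AuthController` under `[Route("api/[controller]")]` with `[HttpPost("login")]`, which resolves to `/api/Auth/login`. The exemption therefore never matches and login requests go through signature validation. A raw `StartsWith` on the string also exempts any path that merely begins with that text, and `context.Request.Path.Value` can be null. `if (context.Request.Path.StartsWithSegments("/api/auth/login", StringComparison.OrdinalIgnoreCase))` matches whole segments and copes with an empty path.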

+ 86 - 0
FuelCloud/src/FuelServer.Core/SignatureValidator.cs

@@ -0,0 +1,86 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading.Tasks;
+using System.Web;
+
+namespace Fuel.Core
+{
+    public class SignatureValidator
+    {
+        private readonly string _accessKeySecret;
+        private readonly ILogger<SignatureValidator> _logger;
+
+        public SignatureValidator(string accessKeySecret, ILogger<SignatureValidator> logger)
+        {
+            _accessKeySecret = accessKeySecret;
+            _logger = logger;
+        }
+
+        /// <summary>
+        /// 验证传入请求的签名是否有效。
+        /// </summary>
+        /// <param name="request"></param>
+        /// <returns></returns>
+        public bool ValidateSignature(HttpRequest request)
+        {
+            try
+            {
+                var signMethod = request.Headers["sign_method"].ToString();
+                var secretId = request.Headers["secret_id"].ToString();
+                var nonce = request.Headers["nonce"].ToString();
+                var timestamp = request.Headers["timestamp"].ToString();
+                var signature = request.Headers["signature"].ToString();
+
+                if (string.IsNullOrEmpty(signMethod) || string.IsNullOrEmpty(secretId) ||
+                    string.IsNullOrEmpty(nonce) || string.IsNullOrEmpty(timestamp) ||
+                    string.IsNullOrEmpty(signature))
+                {
+                    _logger.LogError("缺少签名信息");
+                    return false;
+                }
+
+                // 查询字符串
+                var queryString = HttpUtility.ParseQueryString(request.QueryString.ToString());
+                var queryParameters = queryString.AllKeys
+                    .OrderBy(k => k)
+                    .Select(k => $"{k}={queryString[k]}")
+                    .Aggregate((current, next) => current + "&" + next);
+
+                // 待签字符串
+                var stringToSign = $"sign_method={signMethod}&secret_id={secretId}&nonce={nonce}&timestamp={timestamp}&{queryParameters}";
+
+                // 根据 RFC3986 对字符串进行 URL 编码
+                var encodedString = Uri.EscapeDataString(stringToSign);
+
+                // 计算 HMAC-SM3 哈希(此处用 HMACSHA256 作为占位符)
+                var calculatedSignature = HmacSm3(_accessKeySecret, encodedString);
+                var base64Signature = Convert.ToBase64String(calculatedSignature);
+                return base64Signature.Equals(signature, StringComparison.Ordinal);
+            }
+            catch (Exception ex)
+            {
+                _logger.LogError(ex, "签名验证过程中发生错误。");
+                return false;
+            }
+        }
+
+        /// <summary>
+        /// 使用 HMAC-SM3 算法计算哈希值(此处用 HMACSHA256 作为占位符)
+        /// </summary>
+        /// <param name="key"></param>
+        /// <param name="message"></param>
+        /// <returns></returns>
+        private byte[] HmacSm3(string key, string message)
+        {
+            using (var hmacsha = new HMACSHA256(Encoding.UTF8.GetBytes(key)))
+            {
+                return hmacsha.ComputeHash(Encoding.UTF8.GetBytes(message));
+            }
+        }
+    }
+}
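Review bot: The final check `base64Signature.Equals(signature, StringComparison.Ordinal)` in `ValidateSignature` is not constant-time. `nonce` and `timestamp` are folded into the string to sign but never checked for freshness or reuse, so a captured signed request stays valid indefinitely. Separately, `Aggregate` without a seed throws on an empty key set, so every request without a query string lands in the catch block and is rejected with an error log. `secret_id` is read but not used to select a key, `sign_method` is not validated, and the request body is not covered by the MAC as written. The sketch below addresses the empty-query and comparison points, assuming the target framework provides `CryptographicOperations`; replay protection needs a timestamp window and a nonce store, whose formats this hunk does not define.

```csharp
// … unchanged: header extraction and missing-header check …

var queryString = HttpUtility.ParseQueryString(request.QueryString.ToString());
// string.Join tolerates an empty key set; Aggregate without a seed throws on it.
// Ordinal ordering keeps the canonical form independent of the server culture.
var queryParameters = string.Join("&", queryString.AllKeys
    .OrderBy(k => k, StringComparer.Ordinal)
    .Select(k => $"{k}={queryString[k]}"));

// … unchanged: stringToSign, Uri.EscapeDataString, HmacSm3 call …

// Compare the raw MAC bytes in constant time; malformed Base64 falls into the existing catch.
var presentedSignature = Convert.FromBase64String(signature);
return CryptographicOperations.FixedTimeEquals(calculatedSignature, presentedSignature);
```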

+ 14 - 0
FuelCloud/src/FuelServer.Core/User/LoginModel.cs

@@ -0,0 +1,14 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Fuel.Core.User
+{
+    public class LoginModel
+    {
+        public string Username { get; set; }
+        public string Password { get; set; }
+    }
+}