asp.net WebApi自定义权限验证消息返回

 /// <summary>
    /// 自定义鉴权
    /// </summary>
    public class WebApiAuthAttribute : AuthorizeAttribute
    {
        /// <summary>
        /// 权限验证
        /// </summary>
        /// <param name="actionContext"></param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            V_UserLogin UserInfo = Models.User.UserInfo.UserData;
            if (UserInfo == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "请先登录！", "application/json");
            }
            else if (string.IsNullOrEmpty(Roles) == false && Roles.Split('、').Any(p => p == UserInfo.UserType) == false)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden, "你没有访问权限！", "application/json");
            }
            else
            {
                base.IsAuthorized(actionContext);//为此请求授权
            }
        }
    }