using BMOA.Application.System;
using BMOA.Common;
using BMOA.Web.Models;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Net.Http;
using System.Web;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
namespace KBMOA.Web.Filter
{
/// <summary>
/// Api请求过滤器
/// </summary>
public class ApiFilter : ActionFilterAttribute
{
/// <summary>
/// 小程序端请使用sha1加密appkey
/// </summary>
/// <param name="actionContext"></param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
string appkey = string.Empty;
string apppwd = string.Empty;
if (actionContext.Request.Headers.Contains("appkey"))
{
appkey = HttpUtility.UrlDecode(actionContext.Request.Headers.GetValues("appkey").FirstOrDefault());
}
if (actionContext.Request.Headers.Contains("apppwd"))
{
apppwd = HttpUtility.UrlDecode(actionContext.Request.Headers.GetValues("apppwd").FirstOrDefault());
}
//判断请求头是否包含以下参数
if (string.IsNullOrEmpty(appkey) || string.IsNullOrEmpty(apppwd))
{
Check(actionContext);
base.OnActionExecuting(actionContext);
}
if (appkey.Equals(YG_Config.appkey) == false || string.Equals(apppwd, ZEncypt.Sha1(appkey), StringComparison.CurrentCultureIgnoreCase) == false)
{
Check(actionContext);
base.OnActionExecuting(actionContext);
}
}
private void Check(HttpActionContext actionContext)
{
ResponseModel result = new ResponseModel() { Success = false };
result.Message = "此请求未经授权";
actionContext.Response = actionContext.Request.CreateResponse(result);
}
}
}
