jinxin
2025-06-04 d968571628134ed672d9c6e4ba5cf32ba8d9644b
using System;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using System.Web.Http;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using Microsoft.Owin;
using Owin;
 
[assembly: OwinStartup(typeof(HH.WCS.NongFuChaYuan.ApiService.Startup))]
 
namespace HH.WCS.NongFuChaYuan.ApiService
{
    public class Startup
    {
        public void Configuration(IAppBuilder app) {
            // 有关如何配置应用程序的详细信息,请访问 https://go.microsoft.com/fwlink/?LinkID=316888
            HttpConfiguration config = new HttpConfiguration();
            config.Routes.MapHttpRoute(
                name:"DefaultApi",
                routeTemplate:"api/{controller}/{action}/{id}",
                defaults: new { id = RouteParameter.Optional }
                );
            // Web API routes
            config.MapHttpAttributeRoutes();
 
            //WebApiConfig.Register(config);
 
            app.UseWebApi(config);
        }
    }
 
    /// <summary>
    /// 基础身份验证特性    接口上增加标识:[BasicAuthentication]   即可使用
    /// 传参:参数名:Authorization   参数值:Basic admin:123         --Basic后面需要加空格
    /// </summary>
    public class BasicAuthenticationAttribute : ActionFilterAttribute
    {
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            //检验用户ticket信息,用户ticket信息来自调用发起方
            if (actionContext.Request.Headers.Authorization != null)
            {
                //解密用户ticket,并校验用户名密码是否匹配
                var encryptTicket = actionContext.Request.Headers.Authorization.Parameter;//请求信息中验证信息的参数
                if (ValidateUserTicket(encryptTicket))//自定义的判断身份方法
                    base.OnActionExecuting(actionContext);//通过身份验证则继续执行Controller方法
                else
                {
                    actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);//请求状态设置为 401 认证不通过
                    actionContext.Response.Content = new StringContent("权限不足", Encoding.UTF8, "application/json");//返回错误信息
                    //LogHelper
                }
            }
            else//请求中没有添加验证信息,则返回错误
            {
                actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
                string err = "拒绝访问,请先添加验证信息后,在访问此接口!";
                actionContext.Response.Content = new StringContent(err, Encoding.UTF8, "application/json");
            }
        }
        /// <summary>
        /// 校验用户ticket信息
        /// </summary>
        /// <param name="encryptTicket"></param>
        /// <returns></returns>
        private bool ValidateUserTicket(string encryptTicket)
        {
            //默认授权码 admin:123
            //string userpwd = Encoding.Default.GetString(Convert.FromBase64String(encryptTicket));//参数中的验证信息,转为string
            return encryptTicket.Equals("admin:123");
        }
    }
}