using System;
|
using System.Net;
|
using System.Net.Http;
|
using System.Text;
|
using System.Threading.Tasks;
|
using System.Web.Http;
|
using System.Web.Http.Controllers;
|
using System.Web.Http.Filters;
|
using Microsoft.Owin;
|
using Owin;
|
|
[assembly: OwinStartup(typeof(HH.WCS.NongFuChaYuan.ApiService.Startup))]
|
|
namespace HH.WCS.NongFuChaYuan.ApiService
|
{
|
/// <summary>
/// OWIN startup type for the API service; it is the type named by the
/// assembly-level <c>OwinStartup</c> attribute in this file.
/// </summary>
public class Startup
{
    /// <summary>
    /// Builds the Web API configuration and plugs it into the OWIN pipeline.
    /// </summary>
    /// <param name="app">OWIN application builder that receives the Web API middleware.</param>
    public void Configuration(IAppBuilder app)
    {
        // For details on configuring the application, see https://go.microsoft.com/fwlink/?LinkID=316888
        var webApi = new HttpConfiguration();

        // Convention route: requests of the form api/{controller}/{action}/{id} are
        // dispatched by controller and action name; the id segment is optional.
        webApi.Routes.MapHttpRoute(
            "DefaultApi",
            "api/{controller}/{action}/{id}",
            new { id = RouteParameter.Optional });

        // Attribute routes are registered after the convention route, as in the original.
        webApi.MapHttpAttributeRoutes();

        // WebApiConfig.Register(...) is intentionally left disabled here, as before.

        // NOTE(review): nothing is added to the configuration's global filters, so
        // only actions explicitly decorated with an authentication attribute are
        // checked. Confirm every controller reachable through the convention route
        // is meant to be exposed, or register the check globally.
        app.UseWebApi(webApi);
    }
}
|
|
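/// <summary>
/// Action filter that gates a Web API action behind a shared credential.
/// Apply <c>[BasicAuthentication]</c> to an action or controller to enable it.
/// The caller sends the header <c>Authorization: Basic admin:123</c>
/// (a space is required after "Basic").
/// </summary>
/// <remarks>
/// The header parameter is compared as plain text; it is not Base64-decoded, so
/// this is not interoperable with standard HTTP Basic clients. The scheme name
/// itself is not checked, only the parameter that follows it.
/// NOTE(review): the credential travels in clear text in every request; confirm
/// the service is only reachable over TLS or a trusted network segment.
/// </remarks>
public class BasicAuthenticationAttribute : ActionFilterAttribute
{
    // NOTE(review): hard-coded default credential kept for backward compatibility.
    // Anyone with access to the source or the compiled assembly can read it, and it
    // cannot be rotated without a rebuild. Move it to protected configuration or a
    // secret store and replace the weak default value.
    private const string ExpectedTicket = "admin:123";

    /// <summary>
    /// Rejects the request with 401 unless the Authorization header carries the
    /// expected ticket; otherwise lets the action run.
    /// </summary>
    /// <param name="actionContext">Context of the action about to execute.</param>
    public override void OnActionExecuting(HttpActionContext actionContext)
    {
        var authorization = actionContext.Request.Headers.Authorization;

        // No Authorization header at all: refuse and tell the caller to add one.
        if (authorization == null)
        {
            Reject(actionContext, "拒绝访问,请先添加验证信息后,在访问此接口!");
            return;
        }

        // Header present but the ticket does not match: refuse.
        // NOTE(review): failed attempts are not logged (the original only had a
        // "LogHelper" placeholder here); logging them would let repeated guessing
        // be detected.
        if (!ValidateUserTicket(authorization.Parameter))
        {
            Reject(actionContext, "权限不足");
            return;
        }

        // Authenticated: continue to the controller action.
        base.OnActionExecuting(actionContext);
    }

    /// <summary>
    /// Checks the ticket supplied by the caller against the expected credential.
    /// </summary>
    /// <param name="encryptTicket">
    /// Parameter part of the Authorization header. It is null when the header holds
    /// only a scheme, which previously caused a NullReferenceException instead of a 401.
    /// </param>
    /// <returns><c>true</c> when the ticket matches exactly; otherwise <c>false</c>.</returns>
    private bool ValidateUserTicket(string encryptTicket)
    {
        if (encryptTicket == null)
        {
            return false;
        }

        // Compare the encoded bytes without an early exit so response time does not
        // reveal how many leading characters of a guess were correct.
        return FixedTimeEquals(
            Encoding.UTF8.GetBytes(encryptTicket),
            Encoding.UTF8.GetBytes(ExpectedTicket));
    }

    // Short-circuits the pipeline with a 401 response carrying the given message.
    // The body is plain text although it is labelled application/json, as in the
    // original; clients that parse it as JSON will fail.
    private static void Reject(HttpActionContext actionContext, string message)
    {
        actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
        actionContext.Response.Content = new StringContent(message, Encoding.UTF8, "application/json");
    }

    // Byte-wise equality that always walks the full supplied value and folds the
    // length difference into the result instead of returning at the first mismatch.
    private static bool FixedTimeEquals(byte[] supplied, byte[] expected)
    {
        if (expected.Length == 0)
        {
            return supplied.Length == 0;
        }

        int difference = supplied.Length ^ expected.Length;
        for (int i = 0; i < supplied.Length; i++)
        {
            difference |= supplied[i] ^ expected[i % expected.Length];
        }

        return difference == 0;
    }
}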
|
}
|