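using System;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using System.Web.Http;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using Microsoft.Owin;
using Owin;

[assembly: OwinStartup(typeof(HH.WCS.NongFuChaYuan.ApiService.Startup))]

namespace HH.WCS.NongFuChaYuan.ApiService
{
    /// <summary>
    /// OWIN startup class: builds the Web API configuration and adds Web API to the OWIN pipeline.
    /// </summary>
    public class Startup
    {
        /// <summary>
        /// Registers the conventional "DefaultApi" route and attribute routes, then hosts Web API.
        /// </summary>
        /// <param name="app">The OWIN application builder supplied by the host.</param>
        public void Configuration(IAppBuilder app)
        {
            // For details on configuring the application, see https://go.microsoft.com/fwlink/?LinkID=316888
            HttpConfiguration config = new HttpConfiguration();

            // NOTE(review): no filter is added to config.Filters here, so only actions that are
            // explicitly marked [BasicAuthentication] are protected by the filter in this file.
            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{action}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );

            // Web API routes
            config.MapHttpAttributeRoutes();
            //WebApiConfig.Register(config);
            app.UseWebApi(config);
        }
    }

    /// <summary>
    /// Basic authentication attribute. Put [BasicAuthentication] on an API action to use it.
    /// The caller sends the header "Authorization" with the value "Basic admin:123"
    /// (a space is required after "Basic").
    /// </summary>
    /// <remarks>
    /// NOTE(review): this is an action filter, so it runs after authorization filters and after
    /// model binding; an authentication/authorization filter would reject the request earlier.
    /// Nothing in this file enforces HTTPS, and the credential is sent as readable text, so the
    /// transport must be protected elsewhere.
    /// </remarks>
    public class BasicAuthenticationAttribute : ActionFilterAttribute
    {
        /// <summary>
        /// Checks the Authorization header of the request and answers 401 when it is missing or
        /// does not carry the expected credential; otherwise lets the action run.
        /// </summary>
        /// <param name="actionContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            var authorization = actionContext.Request.Headers.Authorization;

            // No credentials were sent with the request at all.
            if (authorization == null)
            {
                string err = "拒绝访问,请先添加验证信息后,在访问此接口!";
                actionContext.Response = BuildUnauthorized(err);
                return;
            }

            // The credential part of the header (what follows the scheme). It is null when the
            // header carries only a scheme, e.g. "Authorization: Basic".
            // NOTE(review): the scheme itself is not checked, so any scheme name is accepted.
            var encryptTicket = authorization.Parameter;

            if (ValidateUserTicket(encryptTicket))
            {
                // Authenticated: continue to the controller action.
                base.OnActionExecuting(actionContext);
            }
            else
            {
                // Setting Response here short-circuits the action with 401 Unauthorized.
                // NOTE(review): failed attempts are not logged (the original left a LogHelper stub).
                actionContext.Response = BuildUnauthorized("权限不足");
            }
        }

        /// <summary>
        /// Validates the credential taken from the Authorization header.
        /// </summary>
        /// <param name="encryptTicket">The header parameter; may be null.</param>
        /// <returns>True when the parameter equals the expected credential.</returns>
        private bool ValidateUserTicket(string encryptTicket)
        {
            // Default credential: admin:123
            // NOTE(review): a shared credential hard-coded in source is readable by anyone with the
            // code or the binary and cannot be rotated without a rebuild; it should come from
            // protected configuration. The value is compared as raw text: the Base64 decode of the
            // standard Basic form exists in the original only as disabled code.
            const string expected = "admin:123";

            // A header with a scheme but no parameter previously caused a NullReferenceException
            // (HTTP 500) instead of a clean 401.
            if (encryptTicket == null)
            {
                return false;
            }

            return FixedTimeEquals(encryptTicket, expected);
        }

        /// <summary>
        /// Ordinal string comparison whose running time does not depend on the position of the
        /// first differing character.
        /// </summary>
        private static bool FixedTimeEquals(string presented, string expected)
        {
            if (presented.Length != expected.Length)
            {
                return false;
            }

            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= presented[i] ^ expected[i];
            }

            return diff == 0;
        }

        /// <summary>
        /// Builds the 401 response with the given message as its body.
        /// </summary>
        private static HttpResponseMessage BuildUnauthorized(string message)
        {
            // NOTE(review): the body is plain text but is labelled application/json, as before.
            var response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
            response.Content = new StringContent(message, Encoding.UTF8, "application/json");
            return response;
        }
    }
}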