Ejemplo n.º 1
 /// <summary>
 /// Blocks the action with the result built by <c>ResultHelper.BadRequest</c> once the
 /// server's local clock is past <c>Date</c>; otherwise hands over to the base filter.
 /// </summary>
 /// <param name="filterContext">Context of the action about to execute; its Result is set to stop execution.</param>
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     // NOTE(review): DateTime.Now is local server time; presumably Date uses the same zone (confirm).
     var cutoffPassed = DateTime.Now > this.Date;
     if (!cutoffPassed)
     {
         base.OnActionExecuting(filterContext);
         return;
     }

     // Message: "Unable to respond to the request, please upgrade the client".
     filterContext.Result = ResultHelper.BadRequest("无法响应请求,请升级客户端");
 }
Ejemplo n.º 2
 /// <summary>
 /// Async counterpart of the cutoff check: once the server's local clock is past <c>Date</c>
 /// the request is answered with the result built by <c>ResultHelper.BadRequest</c> and the
 /// pipeline is not continued; otherwise the base implementation runs.
 /// </summary>
 /// <param name="context">Context of the action about to execute; its Result is set to stop execution.</param>
 /// <param name="next">Delegate for the rest of the pipeline, passed through to the base implementation.</param>
 public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
 {
     // NOTE(review): DateTime.Now is local server time; presumably Date uses the same zone (confirm).
     var cutoffPassed = DateTime.Now > this.Date;
     if (!cutoffPassed)
     {
         await base.OnActionExecutionAsync(context, next);
         return;
     }

     // Message: "Unable to respond to the request, please upgrade the client".
     context.Result = ResultHelper.BadRequest("无法响应请求,请升级客户端");
 }
Ejemplo n.º 3
        /// <summary>
        /// Rejects a request whose route and parameters match the last submission remembered
        /// for the current session. The fingerprint is "area/controller/action/:" followed by
        /// the form and query-string values sorted with <c>MyStringComparer</c>, and it is kept
        /// in the cache under a single per-session key for <c>CacheSeconds</c> seconds.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute; its Result is set when a duplicate is found.</param>
        /// <exception cref="Exception">Thrown when <c>CacheSeconds</c> is 0.</exception>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var http     = filterContext.HttpContext;
            var cacheKey = $"{nameof(AntiReSubmitAttribute)}:{http.Session.SessionID}";

            // Form values first, then the query string merged in.
            var merged  = http.Request.Form.ToDict().AddDict(http.Request.QueryString.ToDict());
            var ordered = new SortedDictionary<string, string>(merged, new MyStringComparer());
            var query   = ordered.ToUrlParam();

            var (area, controller, action) = filterContext.RouteData.GetA_C_A();
            var fingerprint = $"{area}/{controller}/{action}/:{query}";

            // NOTE(review): the fingerprint holds the raw submitted values, so anything sensitive
            // in the form ends up in the cache verbatim; storing a digest instead would avoid that.
            // NOTE(review): the read and the write below are separate calls. Unless ICacheProvider
            // serializes them, two identical requests arriving together can both pass (confirm).
            IocContext.Instance.Scope(scope =>
            {
                using (var cache = scope.Resolve_<ICacheProvider>())
                {
                    var previous = cache.Get<string>(cacheKey);
                    if (previous.Success && previous.Result == fingerprint)
                    {
                        // Same payload as the remembered one: block the action.
                        filterContext.Result = ResultHelper.BadRequest(this.ErrorMessage);
                        return true;
                    }

                    // The configured window is normalised to a positive value; zero is refused.
                    CacheSeconds = Math.Abs(CacheSeconds);
                    if (CacheSeconds == 0)
                    {
                        // Message: "cache time cannot be 0".
                        throw new Exception("缓存时间不能为0");
                    }

                    // Remember this submission; the key is per session, so only one
                    // fingerprint per session is tracked at a time.
                    cache.Set(cacheKey, fingerprint, TimeSpan.FromSeconds(CacheSeconds));
                    return true;
                }
            });

            // The base filter runs even when a duplicate was flagged above.
            base.OnActionExecuting(filterContext);
        }
Ejemplo n.º 4
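        /// <summary>
        /// Checks the request timestamp and signature before the action runs. The shared secret
        /// is read from app settings under <c>ConfigKey</c>; the signature is recomputed over the
        /// merged POST/GET parameters (minus <c>SignKey</c>) and compared with the one supplied
        /// by the client. Any failed check sets a result built by <c>ResultHelper.BadRequest</c>
        /// and returns without calling the base filter.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute; its Result is set on rejection.</param>
        /// <exception cref="Exception">Thrown when no secret is configured under <c>ConfigKey</c>.</exception>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var salt = ConfigurationManager.AppSettings[ConfigKey];

            // Fail closed: without a configured secret no request may pass.
            if (!ValidateHelper.IsPlumpString(salt))
            {
                // Message: "the agreed signing key is not configured".
                throw new Exception($"没有配置签名的约定key({ConfigKey})");
            }
            var context = HttpContext.Current;

            var allparams = context.PostAndGet();

            #region Validate timestamp
            // NOTE(review): this setting switches the freshness check off entirely; it should
            // never be set in production configuration.
            var disable_timestamp_check = ConvertHelper.GetString(ConfigurationManager.AppSettings["disable_timestamp_check"]).ToBool();
            if (!disable_timestamp_check)
            {
                var timestamp = ConvertHelper.GetInt64(allparams.GetValueOrDefault("timestamp"), -1);
                if (timestamp < 0)
                {
                    // Message: "timestamp missing".
                    filterContext.Result = ResultHelper.BadRequest("缺少时间戳");
                    return;
                }
                var server_timestamp = DateTimeHelper.GetTimeStamp();
                // Absolute difference, so both stale and future-dated requests are rejected.
                // NOTE(review): a captured request can still be replayed inside the allowed
                // window; there is no nonce check in this method.
                if (Math.Abs(server_timestamp - timestamp) > Math.Abs(DeviationSeconds))
                {
                    // Message: "request timestamp has expired".
                    filterContext.Result = ResultHelper.BadRequest("请求时间戳已经过期", new
                    {
                        client_timestamp = timestamp,
                        server_timestamp = server_timestamp
                    });
                    return;
                }
            }
            #endregion

            #region Validate signature
            // NOTE(review): this setting switches signature verification off entirely; it should
            // never be set in production configuration.
            var disable_sign_check = ConvertHelper.GetString(ConfigurationManager.AppSettings["disable_sign_check"]).ToBool();
            if (!disable_sign_check)
            {
                // Invariant casing keeps the comparison independent of the server's culture.
                var sign = ConvertHelper.GetString(allparams.GetValueOrDefault(SignKey)).ToUpperInvariant();
                if (!ValidateHelper.IsAllPlumpString(sign))
                {
                    // Message: "request blocked, no signature found".
                    filterContext.Result = ResultHelper.BadRequest("请求被拦截,获取不到签名");
                    return;
                }

                var reqparams = SignHelper.FilterAndSort(allparams, SignKey, new MyStringComparer());
                var (md5, _) = SignHelper.CreateSign(reqparams, salt);

                // NOTE(review): this is an ordinary string comparison; a fixed-time comparison
                // is preferable for secrets. The tuple name suggests an MD5-based signature;
                // if so, consider moving to an HMAC with a stronger hash.
                if (sign != md5)
                {
                    // Return the message only. The previous response body echoed the
                    // server-computed signature and the signed string back to the caller,
                    // which hands a valid signature to anyone who sends a wrong one.
                    // Message: "signature error".
                    filterContext.Result = ResultHelper.BadRequest("签名错误");
                    return;
                }
            }
            #endregion

            base.OnActionExecuting(filterContext);
        }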
Ejemplo n.º 5
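        /// <summary>
        /// Checks the request timestamp and signature before the rest of the pipeline runs. The
        /// shared secret is read from the resolved configuration under <c>ConfigKey</c>; the
        /// signature is recomputed over the merged POST/GET parameters (minus <c>SignKey</c>) and
        /// compared with the one supplied by the client. Any failed check sets a result built by
        /// <c>ResultHelper.BadRequest</c> and returns without invoking <paramref name="next"/>.
        /// </summary>
        /// <param name="_context">Context of the action about to execute; its Result is set on rejection.</param>
        /// <param name="next">Delegate that continues the pipeline when every check passes.</param>
        /// <exception cref="Exception">Thrown when no secret is configured under <c>ConfigKey</c>.</exception>
        public override async Task OnActionExecutionAsync(ActionExecutingContext _context, ActionExecutionDelegate next)
        {
            using (var s = IocContext.Instance.Scope())
            {
                var config = s.ResolveConfig_();

                var salt = config[ConfigKey];
                // Fail closed: without a configured secret no request may pass.
                if (!ValidateHelper.IsPlumpString(salt))
                {
                    // Message: "the agreed signing key is not configured".
                    throw new Exception($"没有配置签名的约定key({ConfigKey})");
                }
                var context = _context.HttpContext;

                var allparams = context.PostAndGet();

                #region Validate timestamp
                // NOTE(review): this setting switches the freshness check off entirely; it
                // should never be set in production configuration.
                var disable_timestamp_check = ConvertHelper.GetString(config["disable_timestamp_check"]).ToBool();
                if (!disable_timestamp_check)
                {
                    var timestamp = ConvertHelper.GetInt64(allparams.GetValueOrDefault("timestamp"), -1);
                    if (timestamp < 0)
                    {
                        // Message: "timestamp missing".
                        _context.Result = ResultHelper.BadRequest("缺少时间戳");
                        return;
                    }
                    var server_timestamp = DateTimeHelper.GetTimeStamp();
                    // Absolute difference, so both stale and future-dated requests are rejected.
                    // NOTE(review): a captured request can still be replayed inside the allowed
                    // window; there is no nonce check in this method.
                    if (Math.Abs(server_timestamp - timestamp) > Math.Abs(DeviationSeconds))
                    {
                        // Message: "request timestamp has expired".
                        _context.Result = ResultHelper.BadRequest("请求时间戳已经过期", new
                        {
                            client_timestamp = timestamp,
                            server_timestamp = server_timestamp
                        });
                        return;
                    }
                }
                #endregion

                #region Validate signature
                // NOTE(review): this setting switches signature verification off entirely; it
                // should never be set in production configuration.
                var disable_sign_check = ConvertHelper.GetString(config["disable_sign_check"]).ToBool();
                if (!disable_sign_check)
                {
                    // Invariant casing keeps the comparison independent of the server's culture.
                    var sign = ConvertHelper.GetString(allparams.GetValueOrDefault(SignKey)).ToUpperInvariant();
                    if (!ValidateHelper.IsAllPlumpString(sign))
                    {
                        // Message: "request blocked, no signature found".
                        _context.Result = ResultHelper.BadRequest("请求被拦截,获取不到签名");
                        return;
                    }

                    var reqparams = SignHelper.FilterAndSort(allparams, SignKey, new MyStringComparer());
                    var (md5, _) = SignHelper.CreateSign(reqparams, salt);

                    // NOTE(review): this is an ordinary string comparison; a fixed-time
                    // comparison is preferable for secrets. The tuple name suggests an MD5-based
                    // signature; if so, consider moving to an HMAC with a stronger hash.
                    if (sign != md5)
                    {
                        // Return the message only. The previous response body echoed the
                        // server-computed signature and the signed string back to the caller,
                        // which hands a valid signature to anyone who sends a wrong one.
                        // Message: "signature error".
                        _context.Result = ResultHelper.BadRequest("签名错误");
                        return;
                    }
                }
                #endregion

                await next.Invoke();
            }
        }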