Example #1
0
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            ip = context.HttpContext.Request.Host.Host;
            //将当前日志组件传递到其他中间件
            this.HttpContext.Items.Add("__requestLogger", Logger);

            HttpRequest request   = context.HttpContext.Request;
            WebParams   webParams = new WebParams(request);

            string path = request.Path.Value.ToLower();

            if (!path.Contains("/test/") && !WhitelistActions.Contains(path))
            {
                #region 签名验证

                if (context.Result == null)
                {
                    string signKey            = IFConfigReader.SignKey;
                    NameValueCollection param = new NameValueCollection();
                    foreach (var webParam in webParams)
                    {
                        param.Add(webParam.Key, webParam.Value.ToString());
                    }
                    string uriString = $"{request.Scheme}://{request.Host}{request.Path}";
                    Uri    uri       = new Uri(uriString);
                    if (!UrlValidator.ValidatorSign(uri, param, signKey))
                    {
                        APIReturn apiResult = new APIReturn(-93, "签名验证失败");
                        context.Result = this.FuncResult(apiResult);
                    }
                }

                #endregion

                #region 时间戳验证

                string stampKey = "timestamp";
                if (context.Result == null && webParams.ContainsKey(stampKey))
                {
                    long     timeStamp = webParams[stampKey].ToLong();
                    DateTime urlTime   = DateTimeHelper.StampToDateTime(timeStamp);
                    if (urlTime.AddMinutes(3) < DateTime.Now)
                    {
                        APIReturn apiResult = new APIReturn(-92, "URL已失效");
                        context.Result = this.FuncResult(apiResult);
                    }
                }

                #endregion

                #region 加密验证

                /*  暂不启用加密验证
                 *
                 * if (context.Result == null)
                 * {
                 *  if (!this.ReqData.IsEncryptDatas || !this.ReqData.IsDecryptSucceed)
                 *  {
                 *      APIReturn apiResult = new APIReturn(-91, "解密参数失败" + (this.ReqData.DecryptException != null ? $"({this.ReqData.DecryptException.Message})" : string.Empty));
                 *      context.Result = this.FuncResult(apiResult);
                 *  }
                 * }
                 *
                 */

                #endregion
            }
        }