/// <summary>
/// Runs before the action executes and applies this filter's request screening.
/// </summary>
/// <remarks>
/// NOTE(review): as written, this method performs no authentication. The only gate is the
/// browser-origin check combined with the parity of the current minute, and a caller can
/// pass that gate simply by retrying in an even-numbered minute. It should not be relied
/// on as an access control.
/// </remarks>
/// <param name="actionContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext actionContext)
{
    // Screening switched off for this action: hand straight over to the base implementation.
    if (!IsCheck)
    {
        base.OnActionExecuting(actionContext);
        return;
    }

    // First determine whether the request comes from a web browser.
    bool fromBrowser = this.CheckIsComeFromWebBrowser(actionContext);

    // Non-browser requests are sent to the error page during odd-numbered minutes and let
    // through during even-numbered ones. The author's stated aim is to confuse the caller
    // and make parameter guessing harder.
    // NOTE(review): this is obscurity, not a control. DateTime.Now is server local time,
    // and this method does not itself set a result on actionContext, so confirm that
    // GoToErrorPage() really stops the action from running.
    if (!fromBrowser && (DateTime.Now.Minute & 1) == 1)
    {
        WorkContext.GoToErrorPage();
        return;
    }

    // NOTE(review): an authentication step used to follow here and is disabled. It read the
    // signed-in user via _formAuthService.GetAuthenticatedCustomerFromCookie(); when a user
    // was present it continued to the action, otherwise it logged an "illegal access" entry
    // with the client IP and requested URL and answered with CodeStatusTable.NotHaveAuth.
    // With that step removed, every request that reaches this point proceeds to the action,
    // and base.OnActionExecuting is not invoked on this path.
}
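/// <summary>
/// Overrides the base exception handler: logs the failing controller, action and exception,
/// then hides the details from the client in production or defers to the base handler in
/// any other environment.
/// </summary>
/// <remarks>
/// The exception is always marked as handled once this filter has run, whichever branch was taken.
/// </remarks>
/// <param name="filterContext">Context describing the unhandled exception and the current request.</param>
public override void OnException(ExceptionContext filterContext)
{
    // No catch block: a failure inside this handler propagates with its original stack
    // trace, and the finally clause below still marks the exception as handled.
    try
    {
        // A route value may be missing; the null-conditional keeps the handler itself from
        // throwing a NullReferenceException while it is reporting another exception.
        string controllerName = filterContext.RouteData.Values["controller"]?.ToString();
        string actionName = filterContext.RouteData.Values["action"]?.ToString();

        // The full exception text goes to the server-side log only.
        string logText = new StringBuilder()
            .Append("Controller :").Append(controllerName).AppendLine()
            .Append("Action :").Append(actionName).AppendLine()
            .Append("Exception :").Append(filterContext.Exception).AppendLine()
            .ToString();
        Logger.Error(logText);

        var webStatus = WorkContext.HostingEnvironment.EnvironmentName;

        // NOTE(review): this is an exact match on the production name. Every other
        // environment name (a staging environment, or a differently cased value) takes the
        // base-handler branch below. Confirm that branch cannot expose exception details
        // on an internet-facing host.
        if (webStatus == EnvironmentName.Production)
        {
            // Production: AJAX callers get a generic JSON body with no exception details.
            if (filterContext.HttpContext.Request.IsAjaxRequest())
            {
                var result = new { Type = 0, Msg = "您没有权限或者访问错误" };
                filterContext.HttpContext.Response.ContentType = new MediaTypeHeaderValue("application/json").ToString();

                // NOTE(review): the write is started but never awaited (GetAwaiter() alone
                // does not wait), so its completion and any failure go unobserved, and
                // GoToErrorPage() below still runs for AJAX requests. Confirm the two do
                // not conflict once the response has started.
                filterContext.HttpContext.Response.WriteAsync(result.ToJson(), Encoding.UTF8)
                    .ConfigureAwait(true)
                    .GetAwaiter();
            }

            // Production: send the client to the error page so the error details stay hidden.
            WorkContext.GoToErrorPage();
        }
        else
        {
            // Any non-production environment: let the base class handle the exception.
            base.OnException(filterContext);
        }
    }
    finally
    {
        // Once this filter is in use, the exception is always flagged as handled.
        filterContext.ExceptionHandled = true;
    }
}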