Exemple #1
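 /// <summary>
 /// Runs before the action executes and rejects non-GET requests whose login token is missing or invalid.
 /// </summary>
 /// <param name="actionContext">Context of the action that is about to run.</param>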
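 public override void OnActionExecuting(HttpActionContext actionContext)
 {
     // Outcomes set by this filter:
     //   400 BadRequest   - no argument implements IVerificationLoginModel, or the id/token is null
     //   401 Unauthorized - TokenValid rejected the id/token pair
     // Leaving actionContext.Response unset lets the action run.

     // NOTE(review): GET requests skip this filter entirely, so every GET action on a
     // controller that carries it runs without a login check. Confirm no GET endpoint
     // returns data that requires authentication.
     if (actionContext.Request.Method == HttpMethod.Get)
     {
         return;
     }

     // Controller-level opt-out. The controller type is chosen by routing, not by the client.
     if (actionContext.ControllerContext.Controller.GetType().GetCustomAttributes(typeof(NotVerificationLoginAttribute), false).Length != 0)
     {
         return;
     }

     // Action-level opt-out. Ask the descriptor of the action that routing actually selected.
     // The previous code looked the method up by the last URL segment, which is client-controlled
     // and is not guaranteed to name the selected action (extra route values, trailing slash,
     // different casing). That could consult the attributes of a different method, or throw a
     // NullReferenceException when no method of that name exists.
     // NOTE(review): the descriptor lookup may also return attributes inherited from an overridden
     // base method (the reflection call it replaces passed inherit: false) - confirm that is acceptable.
     if (actionContext.ActionDescriptor.GetCustomAttributes<NotVerificationLoginAttribute>().Count != 0)
     {
         return;
     }

     // Find the bound argument that carries the login credentials. Scanning all arguments avoids
     // the IndexOutOfRange/NullReference failures of reading ActionArguments[0] blindly when the
     // action has no arguments or the body failed to bind.
     IVerificationLoginModel loginModel = actionContext.ActionArguments.Values.OfType<IVerificationLoginModel>().FirstOrDefault();
     if (loginModel == null)
     {
         // No argument implements the login verification interface (or it was not bound).
         actionContext.Response = new HttpResponseMessage(HttpStatusCode.BadRequest);
         return;
     }

     if (loginModel.LoginUserID == null || loginModel.LoginUserToken == null)
     {
         // Required credentials are missing.
         actionContext.Response = new HttpResponseMessage(HttpStatusCode.BadRequest);
         return;
     }

     UserBLL userBLL = new UserBLL();
     if (!userBLL.TokenValid(loginModel.LoginUserID, loginModel.LoginUserToken))
     {
         // Token expired or the user does not exist.
         actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
         return;
     }

     base.OnActionExecuting(actionContext);
 }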
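 /// <summary>
 /// Runs before the action executes; for non-GET requests it validates the login token and then checks the required permission code.
 /// </summary>
 /// <param name="actionContext">Context of the action that is about to run.</param>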
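 public override void OnActionExecuting(HttpActionContext actionContext)
 {
     // Outcomes set by this filter:
     //   400 BadRequest   - no argument implements IVerificationLoginModel, or the id/token is null
     //   401 Unauthorized - TokenValid rejected the id/token pair for TokenTypeEnum.Login
     //   403 Forbidden    - the user lacks the code named by PermissionsCodeAttribute
     // Leaving actionContext.Response unset lets the action run.

     // NOTE(review): GET requests skip this filter entirely, so neither the login check nor the
     // permission check applies to GET actions. Confirm no GET endpoint needs either.
     if (actionContext.Request.Method == HttpMethod.Get)
     {
         return;
     }

     Type controllerType = actionContext.ControllerContext.Controller.GetType();

     // Controller-level opt-out. The controller type is chosen by routing, not by the client.
     if (controllerType.GetCustomAttributes(typeof(NotVerificationLoginAttribute), false).Length != 0)
     {
         return;
     }

     // Action-level opt-out. Ask the descriptor of the action that routing actually selected.
     // The previous code looked the method up by the last URL segment, which is client-controlled
     // and is not guaranteed to name the selected action (extra route values, trailing slash,
     // different casing). That could consult the attributes of a different method, or throw a
     // NullReferenceException when no method of that name exists.
     // NOTE(review): the descriptor lookups below may also return attributes inherited from an
     // overridden base method (the reflection calls they replace passed inherit: false) - confirm.
     if (actionContext.ActionDescriptor.GetCustomAttributes<NotVerificationLoginAttribute>().Count != 0)
     {
         return;
     }

     // Find the bound argument that carries the login credentials. Scanning all arguments avoids
     // the IndexOutOfRange/NullReference failures of reading ActionArguments[0] blindly when the
     // action has no arguments or the body failed to bind.
     IVerificationLoginModel loginModel = actionContext.ActionArguments.Values.OfType<IVerificationLoginModel>().FirstOrDefault();
     if (loginModel == null)
     {
         // No argument implements the login verification interface (or it was not bound).
         actionContext.Response = new HttpResponseMessage(HttpStatusCode.BadRequest);
         return;
     }

     if (loginModel.LoginUserID == null || loginModel.LoginUserToken == null)
     {
         // Required credentials are missing.
         actionContext.Response = new HttpResponseMessage(HttpStatusCode.BadRequest);
         return;
     }

     TokenBLL tokenBLL = new TokenBLL();
     if (!tokenBLL.TokenValid(loginModel.LoginUserID, loginModel.LoginUserToken, TokenTypeEnum.Login))
     {
         // Token expired or the user does not exist.
         actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
         return;
     }

     // Permission check. A controller-level PermissionsCodeAttribute takes precedence; the
     // action-level attribute is consulted only when the controller declares none.
     PermissionsCodeAttribute requiredPermission =
         controllerType.GetCustomAttributes(typeof(PermissionsCodeAttribute), false)
                       .OfType<PermissionsCodeAttribute>()
                       .FirstOrDefault()
         ?? actionContext.ActionDescriptor.GetCustomAttributes<PermissionsCodeAttribute>().FirstOrDefault();

     if (requiredPermission != null)
     {
         UserBLL userBLL = new UserBLL();
         if (!userBLL.HasPermissions(loginModel.LoginUserID, requiredPermission.Code))
         {
             actionContext.Response = new HttpResponseMessage(HttpStatusCode.Forbidden);
             return;
         }
     }

     // Authenticated, and either authorised or no permission code is declared.
     base.OnActionExecuting(actionContext);
 }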