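/// <summary>
/// Authenticates a request from its <c>appid</c>, <c>secret</c> and <c>timestamp</c> headers
/// before forwarding it down the pipeline. <c>secret</c> carries the client-computed digest
/// <c>GetSwcMD5(appid + plaintextSecret + timestamp)</c>, not the plaintext secret itself.
/// On success the principal is set to the appid via <see cref="SetPrincipal"/>.
/// On ANY failure (missing header, bad timestamp, stale timestamp, unknown appid, digest
/// mismatch, exception) the request is still forwarded to <c>base.SendAsync</c> unauthenticated:
/// this handler never rejects, so downstream code must check <c>IsAuthenticated</c> itself.
/// </summary>
/// <param name="request">Incoming request; the three headers are read from it.</param>
/// <param name="cancellationToken">Forwarded unchanged to the inner handler.</param>
/// <returns>The inner handler's response task.</returns>
protected override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
    try
    {
        IEnumerable<string> appIds;
        if (!request.Headers.TryGetValues("appid", out appIds))
        {
            return base.SendAsync(request, cancellationToken);
        }

        IEnumerable<string> digests;
        if (!request.Headers.TryGetValues("secret", out digests))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Expected shape: yyyyMMddHHmmss, e.g. 20150528093456.
        IEnumerable<string> timestamps;
        if (!request.Headers.TryGetValues("timestamp", out timestamps))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Only the first value of each header is ever used.
        string appid = appIds == null ? null : appIds.FirstOrDefault();
        string provided = digests == null ? null : digests.FirstOrDefault();
        string timestamp = timestamps == null ? null : timestamps.FirstOrDefault();
        if (string.IsNullOrWhiteSpace(appid) || string.IsNullOrWhiteSpace(provided) || string.IsNullOrWhiteSpace(timestamp))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Invariant culture: the pattern is digits only, but a null provider would parse with
        // the current culture's calendar, which is not Gregorian in every locale.
        DateTime dt;
        if (!DateTime.TryParseExact(timestamp, "yyyyMMddHHmmss", System.Globalization.CultureInfo.InvariantCulture, System.Globalization.DateTimeStyles.None, out dt))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Maximum allowed skew between the client timestamp and local server time, in minutes.
        // This is also the replay window for a captured (appid, secret, timestamp) triple.
        // NOTE(review): the original comment said 15 minutes but the constant is 6600 minutes
        // (~4.6 days) — confirm the intended window before tightening it; it was previously
        // read from AppSettings["ExpiredTime"].
        const int expiredMinutes = 6600;
        if (Math.Abs((DateTime.Now - dt).TotalMinutes) > expiredMinutes)
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Plaintext secret registered for this appid; empty/unknown appid falls through.
        string sec = FindSecret(appid);
        if (string.IsNullOrWhiteSpace(sec))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Recompute the client digest: MD5 over the plain concatenation, upper-case hex (GetSwcMD5).
        // NOTE(review): an unkeyed digest of a concatenation is weaker than an HMAC, but the
        // construction cannot change without every client changing with it.
        string expected = GetSwcMD5(string.Format("{0}{1}{2}", appid, sec, timestamp));

        // Compare without short-circuiting on the first differing character, so response
        // timing does not reveal how much of the digest was correct.
        if (!DigestsMatch(expected, provided))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // appid was already verified non-blank above, so the principal is always set here.
        IPrincipal principal = new GenericPrincipal(new GenericIdentity(appid), null);
        SetPrincipal(principal);

        return base.SendAsync(request, cancellationToken);
    }
    catch (Exception)
    {
        // Best-effort by design: any failure (presumably including a missing HttpContext in
        // SetPrincipal) forwards the request unauthenticated rather than failing it.
        return base.SendAsync(request, cancellationToken);
    }
}

/// <summary>
/// Ordinal string equality whose running time depends only on the expected length, not on
/// where the first mismatch is. A length mismatch returns false immediately; the length of
/// a fixed-width hex digest is not secret.
/// </summary>
/// <param name="expected">Digest computed server-side; must not be null.</param>
/// <param name="provided">Digest supplied by the client; null is never equal.</param>
/// <returns>True when both strings are identical.</returns>
private static bool DigestsMatch(string expected, string provided)
{
    if (provided == null || provided.Length != expected.Length)
    {
        return false;
    }
    int diff = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        diff |= expected[i] ^ provided[i];
    }
    return diff == 0;
}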
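//// <summary>
//// Whether the routed controller/action is exempt from authentication.
//// </summary>
//// <param name="dic">Route values of the current request.</param>
//// <returns>True when the action is listed in the unfiltered set.</returns>
//private bool IsUnAuthentication(IDictionary<string, object> dic)
//{
//    object controller;
//    if (!dic.TryGetValue("controller", out controller))
//        return false;
//    object action;
//    if (!dic.TryGetValue("action", out action))
//        return false;
//    IList<string> unActions;
//    if (!_auth.UnFilter.TryGetValue(controller.ToString(), out unActions))
//        return false;
//    if (unActions == null || unActions.Count <= 0)
//        return false;
//    return unActions.Contains(action.ToString());
//}

//// <summary>
//// Response returned to callers without permission to view the resource.
//// </summary>
//public static System.Threading.Tasks.Task<HttpResponseMessage> ReturnError()
//{
//    var response = new HttpResponseMessage(HttpStatusCode.OK)
//    {
//        Content = new StringContent("资格不够,拒绝应答!")
//    };
//    var tsc = new TaskCompletionSource<HttpResponseMessage>();
//    tsc.SetResult(response);
//    return tsc.Task;
//}

/// <summary>
/// Authenticates a request from its <c>appid</c>, <c>secret</c> and <c>timestamp</c> headers
/// before forwarding it down the pipeline. <c>secret</c> carries the client-computed digest
/// <c>MD5(appid + plaintextSecret + timestamp)</c> as upper-case hex, not the plaintext secret.
/// On success both <c>Thread.CurrentPrincipal</c> and <c>HttpContext.Current.User</c> are set
/// to a principal for the appid. On ANY failure (missing header, bad or stale timestamp,
/// unknown appid, digest mismatch, exception) the request is still forwarded to
/// <c>base.SendAsync</c> unauthenticated: this handler never rejects, so downstream code must
/// check <c>IsAuthenticated</c> itself.
/// </summary>
/// <param name="request">Incoming request; the three headers are read from it.</param>
/// <param name="cancellationToken">Forwarded unchanged to the inner handler.</param>
/// <returns>The inner handler's response task.</returns>
protected override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
    //var routeData = request.GetRouteData().Values;
    //if (IsUnAuthentication(routeData)) // route is exempt from filtering
    //    return base.SendAsync(request, cancellationToken);
    try
    {
        IEnumerable<string> appIds;
        if (!request.Headers.TryGetValues("appid", out appIds))
        {
            return base.SendAsync(request, cancellationToken);
        }

        IEnumerable<string> digests;
        if (!request.Headers.TryGetValues("secret", out digests))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Expected shape: yyyyMMddHHmmss, e.g. 20150528093456.
        IEnumerable<string> timestamps;
        if (!request.Headers.TryGetValues("timestamp", out timestamps))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Only the first value of each header is ever used.
        string appid = appIds == null ? null : appIds.FirstOrDefault();
        string provided = digests == null ? null : digests.FirstOrDefault();
        string timestamp = timestamps == null ? null : timestamps.FirstOrDefault();
        if (string.IsNullOrWhiteSpace(appid) || string.IsNullOrWhiteSpace(provided) || string.IsNullOrWhiteSpace(timestamp))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Invariant culture: the pattern is digits only, but a null provider would parse with
        // the current culture's calendar, which is not Gregorian in every locale.
        DateTime dt;
        if (!DateTime.TryParseExact(timestamp, "yyyyMMddHHmmss", System.Globalization.CultureInfo.InvariantCulture, System.Globalization.DateTimeStyles.None, out dt))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Allowed skew between the client timestamp (interpreted as UTC here) and server UTC,
        // in minutes; this is also the replay window for a captured request. A missing or
        // non-numeric setting throws, is logged below, and the request passes through unauthenticated.
        // NOTE(review): ConfigurationSettings.AppSettings is obsolete; ConfigurationManager.AppSettings
        // is the replacement but needs a System.Configuration assembly reference.
        string expiredSetting = System.Configuration.ConfigurationSettings.AppSettings["ExpiredTime"].ToString();
        int expiredMinutes = Convert.ToInt32(expiredSetting, System.Globalization.CultureInfo.InvariantCulture);
        if (Math.Abs((DateTime.UtcNow - dt).TotalMinutes) > expiredMinutes)
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Plaintext secret registered for this appid; unknown appid falls through.
        string sec = FindSecret(appid);
        if (string.IsNullOrWhiteSpace(sec))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // Recompute the client digest as upper-case hex MD5 of the plain concatenation.
        // NOTE(review): HashPasswordForStoringInConfigFile is obsolete, and an unkeyed MD5 of a
        // concatenation is weaker than an HMAC; both are kept because every client computes
        // exactly this value.
        string expected = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(
            string.Format("{0}{1}{2}", appid, sec, timestamp), "MD5");

        // Compare without short-circuiting on the first differing character, so response
        // timing does not reveal how much of the digest was correct.
        if (!DigestsMatch(expected, provided))
        {
            return base.SendAsync(request, cancellationToken);
        }

        // appid was already verified non-blank above, so the principal is always set here.
        Thread.CurrentPrincipal = HttpContext.Current.User = new GenericPrincipal(new GenericIdentity(appid), null);

        return base.SendAsync(request, cancellationToken);
    }
    catch (Exception ex)
    {
        // Best-effort by design: log, then forward the request unauthenticated rather than fail it.
        Logs.Error(ex);
        return base.SendAsync(request, cancellationToken);
    }
}

/// <summary>
/// Ordinal string equality whose running time depends only on the expected length, not on
/// where the first mismatch is. A length mismatch returns false immediately; the length of
/// a fixed-width hex digest is not secret.
/// </summary>
/// <param name="expected">Digest computed server-side; must not be null.</param>
/// <param name="provided">Digest supplied by the client; null is never equal.</param>
/// <returns>True when both strings are identical.</returns>
private static bool DigestsMatch(string expected, string provided)
{
    if (provided == null || provided.Length != expected.Length)
    {
        return false;
    }
    int diff = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        diff |= expected[i] ^ provided[i];
    }
    return diff == 0;
}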