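/// <summary>
/// Authorizes a Web API request using the <c>userid</c>, <c>openid</c> and <c>token</c>
/// request values read through <c>CRequest</c>.
/// </summary>
/// <remarks>
/// The expected token is <c>CTools.GetMD5FromString(userid + openid + secret)</c>, where
/// <c>openid</c> is first decoded with <c>CTools.GetOpenId</c>. On failure the method sets
/// <c>actionContext.Response</c> to a JSON error with code "9"; on success it leaves the
/// response untouched.
/// NOTE(review): the token is a fixed function of userid, openid and a secret compiled into
/// the source. Nothing in this method gives it an expiry, nonce or revocation path, so a
/// captured token stays valid until the secret changes. MD5 over a plain concatenation is
/// also not a keyed MAC. Moving to HMAC-SHA256 with a key held in protected configuration
/// and an embedded expiry must be done together with the code that issues the token.
/// </remarks>
/// <param name="actionContext">Context of the action being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    // Actions marked with AllowAnonymousAttribute skip the authorization check.
    if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
    {
        return;
    }

    string userid = CRequest.GetString("userid");
    string token = CRequest.GetString("token");
    string openid = CRequest.GetString("openid");

    // IsNullOrEmpty also rejects a null value, which the original `== ""` test let through
    // to a NullReferenceException on token.Equals.
    if (string.IsNullOrEmpty(userid) || string.IsNullOrEmpty(token) || string.IsNullOrEmpty(openid))
    {
        actionContext.Response = ResponseStr.ToJsonError("9", "未登陆");
        return;
    }

    // The token is a bearer credential, so it is deliberately kept out of the log.
    // NOTE(review): userid and openid are request-supplied; confirm Log.WriterLog
    // neutralises line breaks so a caller cannot forge log entries.
    Log.WriterLog(userid + "--" + openid);

    openid = CTools.GetOpenId(openid);

    // NOTE(review): hard-coded signing secret; the same literal must match the issuing side.
    string expectedToken = CTools.GetMD5FromString(userid + openid + "SSXXCJYXGS");

    if (!TokensMatchFixedTime(token, expectedToken))
    {
        actionContext.Response = ResponseStr.ToJsonError("9", "非法请求");
    }
}

/// <summary>
/// Ordinal, case-sensitive string comparison whose running time does not depend on the
/// position of the first differing character.
/// </summary>
/// <param name="supplied">Token presented by the caller.</param>
/// <param name="expected">Token computed by the server.</param>
/// <returns><c>true</c> only when both strings are non-null and identical.</returns>
private static bool TokensMatchFixedTime(string supplied, string expected)
{
    // The length of a well-formed token is not secret, so a length mismatch may exit early.
    if (supplied == null || expected == null || supplied.Length != expected.Length)
    {
        return false;
    }

    int difference = 0;
    for (int i = 0; i < supplied.Length; i++)
    {
        // Accumulate every difference instead of stopping at the first one.
        difference |= supplied[i] ^ expected[i];
    }

    return difference == 0;
}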
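/// <summary>
/// Handles the WeChat login callback: exchanges the <c>code</c> request value for an access
/// token, loads the WeChat user profile, stores the user in the session, writes the
/// <c>UserInfo</c> cookie and redirects to <c>WxConfig.WxHost</c>.
/// </summary>
/// <remarks>
/// Runs only on the initial (non-postback) request and only when <c>code</c> is present.
/// The <c>type</c> and <c>reurl</c> request values are not consumed here; the redirect target
/// is always <c>WxConfig.WxHost</c>. If a caller-supplied return URL is ever honoured, it
/// must be checked against an allow-list before redirecting.
/// NOTE(review): no OAuth <c>state</c> value is checked in this method before the code is
/// exchanged. Unless it is validated elsewhere, add a per-session state check so a login
/// cannot be completed with an authorization code that this browser did not request.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    string wxCode = CRequest.GetString("code");

    if (Page.IsPostBack || string.IsNullOrEmpty(wxCode))
    {
        return;
    }

    // Refresh the application-wide token; failure is logged and the login continues.
    if (!WxLoginBLL.SaveXMLByApplactionToken())
    {
        Log.WriterLog("获取全局token失败");
    }

    WxAccessToken wx = WxLoginBLL.GetToken(wxCode);

    // A null result is treated like a missing openid instead of raising NullReferenceException.
    if (wx == null || wx.openid == null)
    {
        Response.Write("获取用户token失败");
        return;
    }

    WxUserInfo userInfo = WxLoginBLL.GetWxUserInfo(wx, wxCode);
    if (userInfo == null || userInfo.openid == null)
    {
        Response.Write("获取用户信息失败");
        return;
    }

    WxUserInfoBLL userInfoBll = new WxUserInfoBLL();
    userInfoBll.CheckUserInfo(userInfo);

    List<WxUserInfo> users = userInfoBll.QueryUserInfoByID(wx.openid);
    if (users == null || users.Count == 0)
    {
        // No matching local user: nothing is written and no redirect happens.
        return;
    }

    WxUserInfo user = users[0];
    string openId = CTools.SetOpenId(user.openid);

    // NOTE(review): hard-coded signing secret and MD5 over a plain concatenation. The token
    // carries no expiry, so it stays valid for as long as the secret is unchanged. Any move
    // to a keyed MAC with a configured key must be made together with the code that
    // verifies the token.
    var payload = new
    {
        userid = user.u_id,
        openid = openId,
        token = CTools.GetMD5FromString(user.u_id + openId + "SSXXCJYXGS")
    };

    // NOTE(review): the session identifier is not renewed at login in this method; confirm
    // whether session fixation is handled elsewhere.
    Session["UserInfo"] = user;

    // NOTE(review): this cookie carries the bearer token. Confirm Cookies.SetCookie marks it
    // HttpOnly and Secure; the third argument (90) is presumably the lifetime in days - confirm.
    Cookies.SetCookie("UserInfo", JsonHelper.ObjToJsonString<object>(payload), 90);

    Response.Redirect(WxConfig.WxHost);
}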