public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var _verifyPictureAppService = context.HttpContext.RequestServices.GetService(typeof(ISliderAppService)) as ISliderAppService;
var data = context.HttpContext.Request.Headers.FirstOrDefault(c => c.Key == "Data");
var actionData = new SliderActionModel(context.HttpContext.Connection.RemoteIpAddress.ToString());
if (data.Key.IsNullOrWhiteSpace())
{
var token = context.HttpContext.Request.Headers.FirstOrDefault(c => c.Key == "Token");
if (token.Key.IsNullOrWhiteSpace())
{
var valTokendata = new ValidationModel <string>(token.Value, actionData);
if (!await _verifyPictureAppService.VerificationTokenAsync(valTokendata))
{
throw new UserFriendlyException("The verification code is wrong!");
}
}
throw new UserFriendlyException("The verification code is not valid!");
}
var valdata = new ValidationModel <int[]>(Array.ConvertAll(data.Value.ToString().Split(','), int.Parse), actionData);
if (!await _verifyPictureAppService.VerificationAsync(valdata))
{
throw new UserFriendlyException("The verification code is wrong!");
}
await next();
}
/// <summary>
/// 审核滑条会话安全性
/// </summary>
/// <param name="sliderAction">会话信息</param>
/// <returns></returns>
public virtual async Task VerificationActionAsync(SliderActionModel sliderAction)
{
var cacheItem = await _cache.GetAsync(sliderAction.Ip);
var rquestsCount = int.Parse(_configuration["Verification:Slider:RequestsCount"]);
if (cacheItem != null && cacheItem.Count > rquestsCount)
{
throw new UserFriendlyException("请求频繁,请在60秒后重新尝试");
}
if (cacheItem == null)
{
await _cache.SetAsync(sliderAction.Ip,
new SliderActionCacheModel(sliderAction.Ip),
new DistributedCacheEntryOptions {
AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(1)
});
}
else
{
cacheItem.AddCount();
await _cache.SetAsync(sliderAction.Ip, cacheItem);
}
}
/// <summary>
/// 获取滑条验证令牌
/// </summary>
/// <param name="input"></param>
/// <returns></returns>
public async Task <string> GetVerificationTokenAsync(string input)
{
var actionData = new SliderActionModel(HttpContext.Connection.RemoteIpAddress.ToString());
return(await _sliderAppService.GetVerificationTokenAsync(new ValidationModel <string>(input, actionData)));
}
public ValidationModel(T data, SliderActionModel actionData)
{
Data = data;
ActionData = actionData;
}
