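/// <summary>
/// Authenticates an incoming API call before the action runs.
/// Steps, in order: skip everything for <c>[Anonymous]</c> actions/controllers; require the
/// first bound argument to be a <c>Reqbase</c>; require a valid model state; unless the action
/// carries <c>UnLoginAttribute</c>, resolve the caller by <c>Nodeid</c>; unless
/// <c>CommonConfig.SignValidationDisabled</c> is set, verify <c>req.Sign</c>. On failure the
/// method sets <c>actionContext.Response</c> (400 or 401) and returns; on success the resolved
/// user, if any, is stored in <c>HttpContext.Current.Items["CurrentUser"]</c>.
/// </summary>
/// <param name="actionContext">Context of the action about to execute.</param>
private void AuthSignature(HttpActionContext actionContext)
{
    // Actions or controllers marked [Anonymous] bypass every check below.
    if (actionContext.ActionDescriptor.GetCustomAttributes<AnonymousAttribute>().Any()
        || actionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes<AnonymousAttribute>().Any())
    {
        return;
    }

    // The first bound argument is expected to be the request DTO. FirstOrDefault() yields a
    // pair with a null Value when the action has no arguments, so that case is rejected with
    // 400 below instead of throwing InvalidOperationException as First() would.
    Reqbase req = actionContext.ActionArguments.FirstOrDefault().Value as Reqbase;
    if (req == null)
    {
        WriteErrLog("参数匹配失败", "");
        actionContext.Response = BuildAuthFailure(HttpStatusCode.BadRequest, "参数匹配错误");
        return;
    }

    if (!actionContext.ModelState.IsValid)
    {
        // Validation details go to the log only; the client gets a generic message.
        string modelStateMsg = GetModelError(actionContext.ModelState.Values.SelectMany(c => c.Errors));
        WriteErrLog("参数验证错误", modelStateMsg);
        actionContext.Response = BuildAuthFailure(HttpStatusCode.BadRequest, "参数验证错误");
        return;
    }

    // Without an UnLoginAttribute on the action, the caller must map to a known user.
    // NOTE(review): this lookup runs before the signature is verified, so the response differs
    // for known and unknown node ids on unsigned requests; consider verifying the signature first.
    var unLogin = actionContext.ActionDescriptor.GetCustomAttributes<UnLoginAttribute>().FirstOrDefault();
    TnetReginfo regInfo = null;
    if (unLogin == null)
    {
        regInfo = CommonApiTransfer.Instance.GetTnetReginfo(new GetRegInfoReq { RegInfoKey = req.Nodeid.ToString() });
        if (regInfo == null)
        {
            WriteErrLog("用户不存在", $"nodeid={req.Nodeid}");
            actionContext.Response = BuildAuthFailure(HttpStatusCode.BadRequest, "用户不存在");
            return;
        }
    }

    // NOTE(review): this switch turns request authentication off entirely; confirm it can
    // never be enabled in a production configuration.
    if (!CommonConfig.SignValidationDisabled)
    {
        // The signature is accepted if it matches under any one of four keys, tried in the
        // original order and stopping at the first match. A missing or empty Sign is treated
        // as a mismatch (401) rather than dereferenced.
        //
        // SECURITY NOTE(review): the second key is a literal embedded in source, so anyone who
        // can read the repository or the compiled assembly holds a valid signing key. It is
        // kept so existing callers keep working; move it to protected configuration and rotate it.
        //
        // NOTE(review): AppSettings["PcnAuthString"] is null when the setting is absent;
        // confirm Helper.GetSign rejects a null key instead of signing with an empty one.
        //
        // NOTE(review): req.Tm takes part in the signature, but nothing here checks how old it
        // is; confirm replay protection (timestamp window or nonce) is enforced elsewhere.
        bool signatureOk = !string.IsNullOrEmpty(req.Sign)
            && (SignEqualsFixedTime(req.Sign, Helper.GetSign(req.Nodeid, req.Sid, req.Tm, CommonConfig.ApiAuthString))
                || SignEqualsFixedTime(req.Sign, Helper.GetSign(req.Nodeid, req.Sid, req.Tm, "DvUZIrmKXs"))
                || SignEqualsFixedTime(req.Sign, Helper.GetSign(req.Nodeid, req.Sid, req.Tm, CommonConfig.CasAuthString))
                || SignEqualsFixedTime(req.Sign, Helper.GetSign(req.Nodeid, req.Sid, req.Tm, ConfigurationManager.AppSettings["PcnAuthString"])));

        if (!signatureOk)
        {
            // NOTE(review): the whole request object is serialized into the error log; if
            // concrete request types carry credentials or personal data, log selected fields instead.
            WriteErrLog("参数签名错误", JsonConvert.SerializeObject(req));
            actionContext.Response = BuildAuthFailure(HttpStatusCode.Unauthorized, "参数签名错误");
            return;
        }
    }

    // Expose the resolved user to the rest of the request pipeline.
    if (regInfo != null)
    {
        HttpContext.Current.Items.Add("CurrentUser", regInfo);
    }
}

/// <summary>
/// Builds the JSON failure response used by <c>AuthSignature</c>: a <c>Respbase</c> with
/// <c>Result = -1</c> and the given message, serialized with lower-cased property names.
/// </summary>
/// <param name="status">HTTP status code to return.</param>
/// <param name="message">Client-facing message placed in the response body.</param>
/// <returns>The response to assign to the action context.</returns>
private static HttpResponseMessage BuildAuthFailure(HttpStatusCode status, string message)
{
    return new HttpResponseMessage
    {
        StatusCode = status,
        Content = new StringContent(JsonWinner.SerializeObjectPropertyNameLower(new Respbase { Result = -1, Message = message }))
    };
}

/// <summary>
/// Case-insensitive comparison of a supplied signature with the expected one. Every character
/// is examined even after a mismatch, so the running time does not reveal how long a matching
/// prefix the caller supplied.
/// </summary>
/// <param name="supplied">Signature taken from the request.</param>
/// <param name="expected">Signature computed on the server.</param>
/// <returns><c>true</c> when both are non-null, equally long and equal ignoring case.</returns>
private static bool SignEqualsFixedTime(string supplied, string expected)
{
    if (supplied == null || expected == null || supplied.Length != expected.Length)
    {
        return false;
    }

    int diff = 0;
    for (int i = 0; i < supplied.Length; i++)
    {
        // Accumulate differences instead of returning early on the first one.
        diff |= char.ToUpperInvariant(supplied[i]) ^ char.ToUpperInvariant(expected[i]);
    }

    return diff == 0;
}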
/// <summary>
/// Handles an exception thrown by an action: logs the request URL and the exception, calls
/// <c>Helper.ClearDbAndTransfer</c>, and replaces the response with a 500 carrying a JSON
/// <c>Respbase</c> whose <c>Result</c> is 0.
/// </summary>
/// <param name="actionExecutedContext">Context of the action that threw.</param>
public override void OnException(HttpActionExecutedContext actionExecutedContext)
{
    log.Error("Excetion ReqUrl=" + actionExecutedContext.Request.RequestUri.ToString());
    log.Error("Excetion Info=" + actionExecutedContext.Exception.ToString());
    Helper.ClearDbAndTransfer();

    // ArgumentException messages are returned to the client verbatim; everything else gets a
    // generic message. The `is` test also matches derived types such as ArgumentNullException,
    // so their messages reach the client as well.
    string clientMessage;
    if (actionExecutedContext.Exception is ArgumentException)
    {
        clientMessage = actionExecutedContext.Exception.Message;
    }
    else
    {
        clientMessage = "网络繁忙,请稍后重试";
    }

    var payload = new Respbase { Result = 0, Message = clientMessage };
    var errorResponse = new HttpResponseMessage
    {
        StatusCode = HttpStatusCode.InternalServerError,
        Content = new StringContent(JsonWinner.SerializeObjectPropertyNameLower(payload))
    };
    actionExecutedContext.Response = errorResponse;

    base.OnException(actionExecutedContext);
}