コード例 #1
ファイル: ApiSignCheck.cs プロジェクト: MeiCheng5230/fromALi
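        /// <summary>
        /// Authenticates an incoming API call: validates the bound request model, verifies the
        /// request signature against the configured shared secrets and, unless the action is
        /// marked with <c>UnLoginAttribute</c>, resolves the calling user and stores it in
        /// <c>HttpContext.Current.Items["CurrentUser"]</c>.
        /// </summary>
        /// <remarks>
        /// On any failure <c>actionContext.Response</c> is set (400 for malformed or unknown-user
        /// requests, 401 for a bad signature) and the method returns without throwing.
        /// The signature is verified BEFORE the user lookup so that an unauthenticated caller
        /// cannot use the "user does not exist" response to probe for valid node ids or drive
        /// backend lookups.
        /// NOTE(review): no freshness check on <c>req.Tm</c> is visible in this method; if Tm is
        /// a timestamp, confirm that replay of a captured (Nodeid, Sid, Tm, Sign) tuple is
        /// rejected elsewhere.
        /// </remarks>
        /// <param name="actionContext">The Web API action context of the current request.</param>
        private void AuthSignature(HttpActionContext actionContext)
        {
            // Actions or controllers explicitly marked anonymous bypass every check below.
            if (actionContext.ActionDescriptor.GetCustomAttributes<AnonymousAttribute>().Any() ||
                actionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes<AnonymousAttribute>().Any())
            {
                return;
            }

            // FirstOrDefault: an action with no bound arguments must yield a 400, not an
            // InvalidOperationException from First().
            Reqbase req = actionContext.ActionArguments.Values.FirstOrDefault() as Reqbase;
            if (req == null)
            {
                WriteErrLog("参数匹配失败", "");
                RejectRequest(actionContext, HttpStatusCode.BadRequest, "参数匹配错误");
                return;
            }

            if (!actionContext.ModelState.IsValid)
            {
                string modelStateMsg = GetModelError(actionContext.ModelState.Values.SelectMany(c => c.Errors));
                WriteErrLog("参数验证错误", modelStateMsg);
                RejectRequest(actionContext, HttpStatusCode.BadRequest, "参数验证错误");
                return;
            }

            // SECURITY: this switch turns signature verification off for every non-anonymous
            // endpoint. It must never be enabled outside a development environment.
            if (!CommonConfig.SignValidationDisabled && !IsRequestSignatureValid(req))
            {
                // NOTE(review): the whole request object is serialized into the error log. If
                // derived request types carry passwords or tokens they end up in the log file;
                // consider logging only the identifying fields.
                WriteErrLog("参数签名错误", JsonConvert.SerializeObject(req));
                RejectRequest(actionContext, HttpStatusCode.Unauthorized, "参数签名错误");
                return;
            }

            // Without the UnLoginAttribute marker the caller must map to a registered user.
            var unLogin = actionContext.ActionDescriptor.GetCustomAttributes<UnLoginAttribute>().FirstOrDefault();
            if (unLogin != null)
            {
                return;
            }

            TnetReginfo regInfo = CommonApiTransfer.Instance.GetTnetReginfo(new GetRegInfoReq
            {
                RegInfoKey = req.Nodeid.ToString()
            });
            if (regInfo == null)
            {
                WriteErrLog("用户不存在", $"nodeid={req.Nodeid}");
                RejectRequest(actionContext, HttpStatusCode.BadRequest, "用户不存在");
                return;
            }

            // Indexer instead of Add(): Add() throws if the key is already present for this request.
            HttpContext.Current.Items["CurrentUser"] = regInfo;
        }

        /// <summary>
        /// Checks the request signature against each accepted shared secret, in the same order
        /// and with the same short-circuiting as before.
        /// </summary>
        private bool IsRequestSignatureValid(Reqbase req)
        {
            // SECURITY: "DvUZIrmKXs" is a signing secret embedded in source code. Anyone who can
            // read the source or the compiled assembly can produce valid signatures with it.
            // It is kept only so existing clients keep working; move it to protected
            // configuration, rotate it, and retire this literal.
            return MatchesSignature(req, CommonConfig.ApiAuthString) ||
                   MatchesSignature(req, "DvUZIrmKXs") ||
                   MatchesSignature(req, CommonConfig.CasAuthString) ||
                   MatchesSignature(req, ConfigurationManager.AppSettings["PcnAuthString"]);
        }

        /// <summary>
        /// Returns true when <c>req.Sign</c> equals the signature computed with <paramref name="secret"/>.
        /// </summary>
        private bool MatchesSignature(Reqbase req, string secret)
        {
            // A missing or empty secret (for example an unset appSettings key) must never
            // authenticate anything: a signature computed without a key is computable by anyone.
            if (string.IsNullOrEmpty(secret))
            {
                return false;
            }

            return FixedTimeEqualsIgnoreCase(Helper.GetSign(req.Nodeid, req.Sid, req.Tm, secret), req.Sign);
        }

        /// <summary>
        /// Case-insensitive comparison whose running time does not depend on where the first
        /// mismatching character is, so response timing does not reveal how much of a guessed
        /// signature was correct. A null on either side (e.g. a request without a Sign value)
        /// compares as unequal instead of throwing.
        /// </summary>
        private static bool FixedTimeEqualsIgnoreCase(string expected, string supplied)
        {
            if (expected == null || supplied == null || expected.Length != supplied.Length)
            {
                return false;
            }

            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                // Case-insensitivity is preserved from the original OrdinalIgnoreCase check.
                diff |= char.ToUpperInvariant(expected[i]) ^ char.ToUpperInvariant(supplied[i]);
            }

            return diff == 0;
        }

        /// <summary>
        /// Short-circuits the request with the given status code and a failure envelope
        /// (<c>Result = -1</c>) carrying <paramref name="message"/>.
        /// </summary>
        private void RejectRequest(HttpActionContext actionContext, HttpStatusCode statusCode, string message)
        {
            actionContext.Response = new HttpResponseMessage
            {
                StatusCode = statusCode,
                Content = new StringContent(JsonWinner.SerializeObjectPropertyNameLower(new Respbase
                {
                    Result = -1,
                    Message = message
                }))
            };
        }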
コード例 #2
ファイル: ApiSignCheck.cs プロジェクト: MeiCheng5230/fromALi
 /// <summary>
 /// Global exception hook: logs the failing request URL and the full exception, releases
 /// database/transfer state via <c>Helper.ClearDbAndTransfer</c>, and replaces the response
 /// with an HTTP 500 carrying a <c>Respbase</c> envelope (<c>Result = 0</c>).
 /// </summary>
 /// <remarks>
 /// For <see cref="ArgumentException"/> (and subclasses) the exception's own message is
 /// returned to the client; every other exception gets a fixed generic message.
 /// NOTE(review): this is safe only if every ArgumentException reaching this filter carries a
 /// message written for end users. Framework-raised ArgumentExceptions would expose their
 /// message text (parameter names, internal details) to the caller - confirm against throw sites.
 /// NOTE(review): the request URI is logged verbatim, including any query string.
 /// </remarks>
 /// <param name="actionExecutedContext">Context of the action that threw.</param>
 public override void OnException(HttpActionExecutedContext actionExecutedContext)
 {
     string requestUrl = actionExecutedContext.Request.RequestUri.ToString();
     log.Error("Excetion ReqUrl=" + requestUrl);

     string exceptionDump = actionExecutedContext.Exception.ToString();
     log.Error("Excetion Info=" + exceptionDump);

     // Drop any DB / transfer state still held for the failed request.
     Helper.ClearDbAndTransfer();

     // Only ArgumentException messages are surfaced; everything else is masked.
     string clientMessage = actionExecutedContext.Exception is ArgumentException
         ? actionExecutedContext.Exception.Message
         : "网络繁忙,请稍后重试";

     var envelope = new Respbase
     {
         Result = 0,
         Message = clientMessage
     };
     var payload = new StringContent(JsonWinner.SerializeObjectPropertyNameLower(envelope));

     actionExecutedContext.Response = new HttpResponseMessage
     {
         StatusCode = HttpStatusCode.InternalServerError,
         Content = payload
     };

     base.OnException(actionExecutedContext);
 }