コード例 #1
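        /// <summary>
        /// Verifies the shared-secret request signature carried in the IBB-Service-* headers
        /// before the action runs. Routes whose config entry is missing or not flagged
        /// NeedLogin are let through without any check.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute; only the request headers are read.</param>
        /// <exception cref="ApplicationException">
        /// The timestamp is missing, unparsable, older than 10 minutes or more than 10 minutes
        /// in the future; the signing key is not configured; or the signature does not match.
        /// </exception>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var  routeItem = RouteHelper.GetCurrentConfigRouteItem();
            bool need      = routeItem == null ? false : routeItem.NeedLogin;

            // NOTE(review): a route with no config entry is treated as "no signature required",
            // so this filter fails open for unmapped routes - confirm that is intended.
            if (need == false) // signature verification not required
            {
                return;
            }
            string   requestSign = filterContext.RequestContext.HttpContext.Request.Headers["IBB-Service-Sign"];
            string   timestamp   = filterContext.RequestContext.HttpContext.Request.Headers["IBB-Service-Timestamp"];
            string   salt        = filterContext.RequestContext.HttpContext.Request.Headers["IBB-Service-Salt"];
            DateTime time;
            DateTime now         = DateTime.Now;

            // A timestamp further ahead than the allowed window is rejected together with
            // missing/unparsable ones: without an upper bound a signed header set carrying a
            // future timestamp would stay valid until that time plus 10 minutes. Checking the
            // upper bound first also keeps time.AddMinutes(10) below from overflowing.
            if (string.IsNullOrWhiteSpace(timestamp) || DateTime.TryParse(timestamp, out time) == false || time > now.AddMinutes(10))
            {
                throw new ApplicationException(string.Format("无效的timestamp;IBB-Service-Sign:{0};IBB-Service-Timestamp:{1};IBB-Service-Salt:{2}", requestSign, timestamp, salt));
            }
            if (time.AddMinutes(10) < now)
            {
                throw new ApplicationException(string.Format("此请求的签名已过期;IBB-Service-Sign:{0};IBB-Service-Timestamp:{1};IBB-Service-Salt:{2}", requestSign, timestamp, salt));
            }
            string privateKey = ConfigurationManager.AppSettings["ServicePrivateKey"];

            // Fail closed when the key is absent: otherwise the expected signature would be
            // derived from the two client-supplied headers alone and any caller could produce it.
            if (string.IsNullOrEmpty(privateKey))
            {
                throw new ApplicationException("ServicePrivateKey is not configured; the request signature cannot be verified");
            }

            // NOTE(review): the signed material is only timestamp + salt + key. The request
            // method, path and body are not covered, and the salt is not remembered, so a
            // captured header set can be reused on any signed route inside the time window.
            // MD5Crypto is defined elsewhere (presumably an MD5 hex digest); moving to a keyed
            // HMAC over the request content needs a coordinated change on the client side.
            string sign = MD5Crypto(timestamp + salt + privateKey);

            // Compare without stopping at the first differing character, so response timing
            // does not show how much of a guessed signature was correct. A missing header or
            // a length mismatch is rejected outright.
            bool signMatches = sign != null && requestSign != null && sign.Length == requestSign.Length;

            if (signMatches)
            {
                int diff = 0;

                for (int i = 0; i < sign.Length; i++)
                {
                    diff |= sign[i] ^ requestSign[i];
                }
                signMatches = diff == 0;
            }
            if (signMatches == false)
            {
                throw new ApplicationException(string.Format("请求的签名错误;IBB-Service-Sign:{0};IBB-Service-Timestamp:{1};IBB-Service-Salt:{2}", requestSign, timestamp, salt));
            }
        }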
コード例 #2
        /// <summary>
        /// Decides whether the current request may proceed. Routes whose config entry is
        /// missing or not flagged NeedLogin always pass; all others require the base
        /// authentication check to succeed and the "Fly_Login" permission to be held.
        /// </summary>
        /// <returns>true when the request is allowed, false otherwise.</returns>
        protected override bool CheckAuthentication()
        {
            var  currentRoute  = RouteHelper.GetCurrentConfigRouteItem();
            bool loginRequired = currentRoute != null && currentRoute.NeedLogin;

            // NOTE(review): a route with no config entry lands here as "no login needed",
            // i.e. the check fails open for unmapped routes - confirm that is intended.
            if (!loginRequired)
            {
                return true;
            }

            // The caller must already be logged in ...
            if (!base.CheckAuthentication())
            {
                return false;
            }

            // ... and must also hold the permission to log in to the system.
            return ContextManager.Current.HasPermission("Fly_Login");
        }