/// <summary>
/// Decides whether the current MVC request is authorized, based on an access token
/// read from the request header and, for GET-style access, from the query string or form.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns>
/// <c>true</c> for OPTIONS requests, or when a known token is found and
/// <c>AuthorizeExtension.Execute</c> accepts it; otherwise <c>false</c>, with the
/// response status set to 401 Unauthorized.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    var request = httpContext.Request;

    // OPTIONS requests are answered with 202 Accepted and are not subject to the token check.
    // NOTE(review): returning true here skips authentication entirely for OPTIONS; confirm that
    // the surrounding pipeline (not visible in this block) does not go on to run the action for
    // such requests, or that every protected action restricts the verbs it accepts.
    if (request.HttpMethod == HttpMethod.Options.Method)
    {
        httpContext.Response.StatusCode = (int)HttpStatusCode.Accepted;
        return true;
    }

    // Preferred transport: the token is passed in a request header.
    string token = request.Headers[AuthorizeHelper.TOKEN_KEY];
    bool tokenKnown = !string.IsNullOrWhiteSpace(token) && AuthorizeHelper.IsExistToken(token);

    // Fallback: the token is passed in the URL (or, failing that, in the form body). This is only
    // tried for GET requests or when the `method` member (declared outside this block) is Get.
    // NOTE(review): tokens carried in a URL commonly end up in server/proxy logs, browser history
    // and Referer headers; keep this fallback as narrow as the callers allow.
    if (!tokenKnown && (request.HttpMethod == HttpMethod.Get.Method || method == AuthorizeMethodEnum.Get))
    {
        token = request.QueryString[AuthorizeHelper.TOKEN_KEY];
        if (string.IsNullOrWhiteSpace(token))
        {
            token = request.Form[AuthorizeHelper.TOKEN_KEY];
        }

        tokenKnown = !string.IsNullOrWhiteSpace(token) && AuthorizeHelper.IsExistToken(token);
    }

    // A known token is still subject to the final decision made by AuthorizeExtension.Execute.
    bool authorized = tokenKnown
        && AuthorizeExtension.Execute(AuthorizeTypeEnum.MVC, AuthorizeHelper.GetToken(token));

    if (!authorized)
    {
        httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
    }

    return authorized;
}
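/// <summary>
/// Decides whether the current Web API request is authorized, based on an access token
/// read from the request headers and, for GET-style access, from the query string.
/// </summary>
/// <param name="actionContext">The action context of the request being authorized.</param>
/// <returns>
/// <c>true</c> for OPTIONS requests, or when a known token is found and
/// <c>AuthorizeExtension.Execute</c> accepts it; otherwise <c>false</c>.
/// </returns>
protected override bool IsAuthorized(HttpActionContext actionContext)
{
    // OPTIONS requests get a 202 Accepted response and are not subject to the token check.
    // NOTE(review): presumably the pre-set response ends processing before the action runs;
    // confirm against the framework version in use.
    if (actionContext.Request.Method == HttpMethod.Options)
    {
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Accepted);
        return true;
    }

    var result = false;
    var accessToken = string.Empty;

    // Preferred transport: the token is passed in a request header.
    // The header name is compared with an ordinal, case-insensitive comparison instead of a
    // culture-sensitive ToLower(), so the match does not depend on the thread culture or on
    // TOKEN_KEY being stored in lower case.
    var headerValues = actionContext.Request.Headers
        .Where(c => string.Equals(c.Key, AuthorizeHelper.TOKEN_KEY, System.StringComparison.OrdinalIgnoreCase))
        .FirstOrDefault().Value;
    if (headerValues != null)
    {
        // FirstOrDefault avoids an exception (and a 500 instead of a 401) on an empty value list;
        // blank values are rejected before the token lookup, as in AuthorizeCore.
        accessToken = headerValues.FirstOrDefault();
        result = !string.IsNullOrWhiteSpace(accessToken) && AuthorizeHelper.IsExistToken(accessToken);
    }

    // Fallback: the token is passed in the URL. This is only tried for GET requests or when the
    // `method` member (declared outside this block) is Get. The query key is matched exactly.
    // NOTE(review): tokens carried in a URL commonly end up in server/proxy logs, browser history
    // and Referer headers; keep this fallback as narrow as the callers allow.
    if (!result && (actionContext.Request.Method == HttpMethod.Get || method == AuthorizeMethodEnum.Get))
    {
        accessToken = actionContext.Request.GetQueryNameValuePairs()
            .Where(x => x.Key == AuthorizeHelper.TOKEN_KEY)
            .FirstOrDefault().Value;
        if (!string.IsNullOrWhiteSpace(accessToken) && AuthorizeHelper.IsExistToken(accessToken))
        {
            result = true;
        }
    }

    // A known token is still subject to the final decision made by AuthorizeExtension.Execute.
    if (result)
    {
        result = AuthorizeExtension.Execute(AuthorizeTypeEnum.API, AuthorizeHelper.GetToken(accessToken));
    }

    return result;
}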