/// <summary>
/// 重写OnActionExecuting方法 在进入控制器之前验证 sign以及 参数合法性信息 add by caoheyang 20150318
/// </summary>
/// <param name="actionContext"></param>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
Stopwatch stop = new Stopwatch();
actionContext.Request.Properties[Key] = stop;
stop.Start();
dynamic paramodel = actionContext.ActionArguments["paramodel"]; //当前请求的参数对象
lock (paramodel)
{
if (actionContext.ModelState.Count > 0 || paramodel == null) //参数错误,请求中止
{
actionContext.Response = actionContext.ActionDescriptor.ResultConverter.Convert
(actionContext.ControllerContext, ResultModel <object> .Conclude(OrderApiStatusType.ParaError, actionContext.ModelState.Keys));
return;
}
IGroupProvider groupProvider = new GroupProvider();
GroupApiConfigModel groupCofigInfo = groupProvider.GetGroupApiConfigByAppKey(paramodel.app_key, paramodel.v);
LogHelper.LogWriter("groupCofigInfo", new { groupCofigInfo = groupCofigInfo });
if (groupCofigInfo != null && groupCofigInfo.IsValid == 1)//集团可用,且有appkey信息
{
string signStr = groupCofigInfo.AppSecret + "app_key" + paramodel.app_key + "timestamp"
+ paramodel.timestamp + "v" + paramodel.v + groupCofigInfo.AppSecret;
string sign = MD5.Encrypt(signStr);
LogHelper.LogWriter("签名是否一致:", new { sign = sign, sign1 = paramodel.sign });
if (sign != paramodel.sign) //sign错误,请求中止
{
actionContext.Response = actionContext.ActionDescriptor.ResultConverter.Convert
(actionContext.ControllerContext, ResultModel <object> .Conclude(OrderApiStatusType.SignError));
return;
}
else
{
paramodel.group = ParseHelper.ToInt(groupCofigInfo.GroupId, 0); //设置集团
actionContext.ActionArguments["paramodel"] = paramodel; //更新参数实体
}
}
else
{
actionContext.Response = actionContext.ActionDescriptor.ResultConverter.Convert
(actionContext.ControllerContext, ResultModel <object> .Conclude(OrderApiStatusType.SignError)); //sign错误,请求中止
return;
}
}
}
