/// <summary>
/// Attaches a <c>RequestTracker</c> to the current request before the action runs,
/// unless the action opts out via <c>DoNotTrackAttribute</c>.
/// </summary>
/// <param name="actionContext">Context of the action about to execute.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    if (!actionContext.IsUseAttributeOf<DoNotTrackAttribute>())
    {
        var requestTracker = new RequestTracker();

        // Stored under the "Tracker" key before Start is called, same order as before;
        // presumably a later pipeline stage reads it back, but that is not visible here.
        actionContext.Request.Properties["Tracker"] = requestTracker;

        // NOTE(review): what Start captures is not visible here. If it records headers
        // or bodies, confirm that credentials (e.g. the Authorization header) are excluded.
        requestTracker.Start(actionContext);
    }
}
/// <summary>
/// Runs the authorization checks for an action: skipped entirely for actions marked
/// <c>AllowAnonymousAttribute</c>, otherwise <c>IsAuthorized</c> followed by
/// <c>ValidateRequest</c> (the latter only when <c>IsAuthorized</c> returned true).
/// </summary>
/// <param name="actionContext">Context of the action being authorized.</param>
/// <remarks>
/// This method never writes a response itself and discards both boolean results, so a
/// rejection only takes effect if the failing check already set one.
/// NOTE(review): in ASP.NET Web API an authorization filter that returns without setting
/// <c>actionContext.Response</c> lets the action run. Confirm that every "false" path in
/// IsAuthorized and ValidateRequest that is meant to deny access sets a response;
/// otherwise this method fails open.
/// </remarks>
public override void OnAuthorization(HttpActionContext actionContext)
{
    if (actionContext.IsUseAttributeOf<AllowAnonymousAttribute>())
    {
        return;
    }

    if (IsAuthorized(actionContext))
    {
        // Result intentionally unused here, as in the original control flow.
        ValidateRequest(actionContext);
    }
}
/// <summary>
/// Decides whether the current principal may call the action. An authenticated
/// <c>BasicAuthenticationIdentity</c> has its name and password re-validated through
/// <c>UserBusiness.ValidateLogin</c>. On success the principal is attached to the request
/// context and the login result data is stored under the "Known_User" request property.
/// </summary>
/// <param name="actionContext">Context of the action being authorized.</param>
/// <returns>
/// <c>true</c> only when the identity is an authenticated <c>BasicAuthenticationIdentity</c>
/// and <c>ValidateLogin</c> reports a valid result; <c>false</c> in every other case.
/// </returns>
/// <remarks>
/// Only two of the "false" paths call <c>CreateErrorResponse</c>: an unauthenticated
/// caller on an action carrying <c>AuthorizeAttribute</c>, and a failed login validation.
/// NOTE(review): the remaining "false" paths (no principal or identity, unauthenticated
/// caller on an action without <c>AuthorizeAttribute</c>, authenticated identity of another
/// type) return without an error response. Confirm the caller denies the request in those
/// cases, or that passing through is intended.
/// </remarks>
protected override bool IsAuthorized(HttpActionContext actionContext)
{
    // NOTE(review): Thread.CurrentPrincipal is consulted first and HttpContext.Current.User
    // only as a fallback; confirm both are populated by the same authentication step.
    var currentUser = Thread.CurrentPrincipal;
    if (currentUser == null && HttpContext.Current != null)
    {
        currentUser = HttpContext.Current.User;
    }

    if (currentUser == null || currentUser.Identity == null)
    {
        return false;
    }

    var callerIdentity = currentUser.Identity;

    if (!callerIdentity.IsAuthenticated)
    {
        // Only actions explicitly marked with AuthorizeAttribute get an error response.
        // The message text means "User is not logged in!".
        if (actionContext.IsUseAttributeOf<AuthorizeAttribute>())
        {
            actionContext.CreateErrorResponse("用户未登录!");
        }

        return false;
    }

    // Authenticated, but only the Basic identity type carries the credentials checked below.
    if (!(callerIdentity is BasicAuthenticationIdentity basicIdentity))
    {
        return false;
    }

    // Credentials are re-validated against the user store on every authorized request.
    var userBusiness = new UserBusiness(new Context(basicIdentity.Name));
    var loginResult = userBusiness.ValidateLogin(basicIdentity.Name, basicIdentity.Password);

    if (loginResult.IsValid)
    {
        actionContext.RequestContext.Principal = currentUser;
        actionContext.Request.Properties["Known_User"] = loginResult.Data;
    }
    else
    {
        // NOTE(review): the validation message is passed to the client as-is; confirm it
        // does not reveal whether the user name or the password was the part that failed.
        actionContext.CreateErrorResponse(loginResult.Message);
    }

    return loginResult.IsValid;
}