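/// <summary>
/// Web API action filter that authenticates a request from the <c>key</c>, <c>sign</c> and
/// <c>timestamp</c> headers: the key is mapped to a per-terminal secret, the expected signature
/// is recomputed with <c>Signature.Compute</c> over key, secret, timestamp and the request
/// payload (POST body, or query string otherwise) and compared with the supplied <c>sign</c>.
/// Any failure short-circuits the pipeline by setting <c>actionContext.Response</c>.
/// </summary>
/// <param name="actionContext">The Web API action context; its response is set on rejection.</param>
/// <remarks>
/// Review notes: the freshness check is a timestamp window only (no nonce), so a captured
/// request can be replayed until <c>Signature.IsRequestTimeout</c> expires it; and the POST
/// payload has everything from the <c>ImgData</c>/<c>imgData</c> key onward cut out before
/// signing, so that part of the body is not integrity-protected.
/// </remarks>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    try
    {
        var request = ((HttpContextWrapper)actionContext.Request.Properties["MS_HttpContext"]).Request;
        string requestMethod = request.HttpMethod;

        // Blank out "CurrentUserId" before anything downstream runs — presumably so a
        // caller-supplied value is never trusted; confirm with the consumers of this header.
        request.Headers.Add("CurrentUserId", "");
        MonitorLog.OnActionExecuting(actionContext);

        // NOTE(review): only the action's [AllowAnonymous] is honoured here; a controller-level
        // attribute is not consulted (the stock AuthorizeAttribute checks both).
        bool skipAuthorization = actionContext.ActionDescriptor
            .GetCustomAttributes<AllowAnonymousAttribute>()
            .Any();
        if (skipAuthorization)
        {
            return;
        }

        string app_key = request.Headers["key"];
        string app_sign = request.Headers["sign"];
        string app_timestamp_s = request.Headers["timestamp"];

        // Cheap checks first: a missing or empty credential is rejected before the secret
        // lookup and before the body is read.
        if (string.IsNullOrEmpty(app_key) || string.IsNullOrEmpty(app_sign) || string.IsNullOrEmpty(app_timestamp_s))
        {
            RejectSignature(actionContext, "缺少必要参数");
            return;
        }

        // A malformed timestamp is a client error, not an internal one: parse with TryParse
        // (invariant culture) instead of letting long.Parse throw into the generic catch below.
        long app_timestamp;
        if (!long.TryParse(app_timestamp_s,
                           System.Globalization.NumberStyles.Integer,
                           System.Globalization.CultureInfo.InvariantCulture,
                           out app_timestamp))
        {
            RejectSignature(actionContext, "时间戳格式错误");
            return;
        }

        // Stale requests are dropped before the database is consulted or a signature is computed.
        if (Signature.IsRequestTimeout(app_timestamp))
        {
            RejectSignature(actionContext, "请求已超时");
            return;
        }

        // Resolve the key to its secret; an unknown key has no secret.
        string app_secret = BizFactory.Merch.GetTermApiSecret(app_key);
        if (app_secret == null)
        {
            RejectSignature(actionContext, "应用程序Key,存在错误");
            return;
        }

        string app_data = ReadSignedPayload(request, requestMethod);
        string expectedSign = Signature.Compute(app_key, app_secret, app_timestamp, app_data);

        // Constant-time comparison so the rejection latency does not reveal how many leading
        // characters of the forged signature were correct.
        if (!SignaturesMatchFixedTime(expectedSign, app_sign))
        {
            LogUtil.Warn("API签名错误");
            RejectSignature(actionContext, "签名错误");
            return;
        }

        base.OnActionExecuting(actionContext);
    }
    catch (Exception ex)
    {
        // Details go to the log only; the client sees a generic internal error.
        LogUtil.Error(string.Format("API错误:{0}", ex.Message), ex);
        OwnApiHttpResult result = new OwnApiHttpResult(ResultType.Exception, ResultCode.Exception, "内部错误");
        actionContext.Response = new OwnApiHttpResponse(result);
        return;
    }
}

/// <summary>Sets a Failure2Sign response with <paramref name="message"/>, ending the pipeline.</summary>
private static void RejectSignature(HttpActionContext actionContext, string message)
{
    OwnApiHttpResult result = new OwnApiHttpResult(ResultType.Failure, ResultCode.Failure2Sign, message);
    actionContext.Response = new OwnApiHttpResponse(result);
}

/// <summary>
/// Builds the string that is signed: for POST the raw body with any image block stripped
/// (see <see cref="StripImageData"/>); otherwise the query string rendered by <c>GetQueryData</c>.
/// </summary>
private string ReadSignedPayload(HttpRequestBase request, string requestMethod)
{
    if (requestMethod == "POST")
    {
        Stream stream = request.InputStream;
        stream.Seek(0, SeekOrigin.Begin);
        // The reader is deliberately not disposed: disposing it would close the request
        // input stream that the rest of the pipeline may still need.
        string body = new StreamReader(stream).ReadToEnd();
        return StripImageData(body);
    }

    NameValueCollection queryForm = request.QueryString;
    Dictionary<string, string> queryData = new Dictionary<string, string>();
    for (int i = 0; i < queryForm.Count; i++)
    {
        string queryKey = queryForm.Keys[i];
        queryData.Add(queryKey, queryForm[queryKey]);
    }
    return GetQueryData(queryData);
}

/// <summary>
/// Removes the image payload from a JSON body before signing: everything from the last
/// <c>,"ImgData":{</c> (or <c>,"imgData":{</c>) marker to the end is cut off and the object is
/// re-closed with <c>}</c>. The search is ordinal — culture-sensitive <c>LastIndexOf</c>
/// can mis-match on some inputs.
/// </summary>
/// <remarks>
/// NOTE(review): the image and every field that follows it are therefore outside the signed
/// payload and can be altered without invalidating the signature.
/// </remarks>
private static string StripImageData(string body)
{
    string[] markers = { ",\"ImgData\":{", ",\"imgData\":{" };
    foreach (string marker in markers)
    {
        int at = body.LastIndexOf(marker, StringComparison.Ordinal);
        if (at > -1)
        {
            return body.Substring(0, at) + "}";
        }
    }
    return body;
}

/// <summary>
/// Compares two signature strings without early exit on the first differing character.
/// Returns false when either side is null. Only the length difference can influence timing.
/// </summary>
[System.Runtime.CompilerServices.MethodImpl(
    System.Runtime.CompilerServices.MethodImplOptions.NoInlining |
    System.Runtime.CompilerServices.MethodImplOptions.NoOptimization)]
private static bool SignaturesMatchFixedTime(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }
    int diff = expected.Length ^ actual.Length;
    int n = Math.Min(expected.Length, actual.Length);
    for (int i = 0; i < n; i++)
    {
        diff |= expected[i] ^ actual[i];
    }
    return diff == 0;
}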