예제 #1
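        /// <summary>
        /// Runs after the action has executed. For requests that carry the <c>x-soho-app-id</c> header
        /// (treated here as non-web clients) it echoes the configured app id in a response header and
        /// writes the result as JSON directly to the response instead of letting the view render.
        /// </summary>
        /// <param name="filterContext">Context of the action that has just executed.</param>
        /// <exception cref="BusinessException">
        /// Thrown after the JSON body has been written for a <see cref="ViewResult"/>, if execution
        /// continues past <c>Response.End()</c>.
        /// </exception>
        public override void OnActionExecuted(ActionExecutedContext filterContext)
        {
            // AllKeys is a string[]; Contains matches the header name exactly as written here.
            bool clientFlag = filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-app-id");
            if (!clientFlag)
            {
                return;
            }

            // The configured app id is returned to every caller that sends the header, whatever value it sent.
            string ServiceAppId = ConfigurationManager.AppSettings["AppId"];
            ServiceAppId = string.IsNullOrWhiteSpace(ServiceAppId) ? "" : ServiceAppId;
            filterContext.HttpContext.Response.AddHeader("x-soho-app-id", ServiceAppId);

            bool bIsMustBusinessRoute = ValidateIsMustBusinessRoute(filterContext.RouteData.Values["controller"].ToString(),
                                                                    filterContext.RouteData.Values["action"].ToString());
            if (bIsMustBusinessRoute)
            {
                // NOTE(review): this refusal is written in OnActionExecuted, i.e. after the action body has
                // already run. If the route check is meant as an authorization gate, confirm that it is also
                // enforced before execution; here it only suppresses the response.
                HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(new PortalResult
                {
                    Code    = 1000001,
                    Success = false,
                    Message = "您没有操作权限!"
                }));
                HttpContext.Current.Response.End();
                return;
            }

            // The client sent the custom identifier, so this is a non-web request: return the JSON data directly.
            ViewResult viewResult = filterContext.Result as ViewResult;
            if (viewResult == null)
            {
                return;
            }

            var modelData = viewResult.Model as PortalResult;

            // Decide whether the custom cookie value is returned in the body.
            string serviceSohoOrigin = ConfigurationManager.AppSettings["SohoOrigin"];
            serviceSohoOrigin = string.IsNullOrWhiteSpace(serviceSohoOrigin) ? "" : serviceSohoOrigin;

            bool originAllowed = false;
            if (filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-origin"))
            {
                string requestOrigin = filterContext.HttpContext.Request.Headers["x-soho-origin"];

                // string.Contains("") is always true, so an empty header value used to pass the check and
                // receive the cookie value in the body. Reject empty/whitespace values explicitly.
                // NOTE(review): this is still a substring test against the configured setting, so any
                // fragment of a configured origin is accepted. Prefer an exact match against the individual
                // configured entries once the delimiter used in "SohoOrigin" is confirmed.
                originAllowed = !string.IsNullOrWhiteSpace(requestOrigin) &&
                                serviceSohoOrigin.Contains(requestOrigin);
            }

            if (originAllowed)
            {
                MobilePortalResult responseData = new MobilePortalResult(modelData);

                // Copies the x-soho-mobile-cookie response header into the JSON body, so the session
                // material becomes readable to whatever code consumes the body on the client.
                var mobileCookie = HttpContext.Current.Response.Headers["x-soho-mobile-cookie"] == null ? "" : HttpContext.Current.Response.Headers["x-soho-mobile-cookie"].ToString();
                responseData.Cookie = mobileCookie;

                HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(responseData));
                HttpContext.Current.Response.End();
            }
            else
            {
                HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(modelData));
                HttpContext.Current.Response.End();
            }

            // Presumably a fallback that stops the view from rendering if Response.End() returns — TODO confirm.
            throw new BusinessException("");
        }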
예제 #2
        /// <summary>
        /// Serializes <paramref name="obj"/> to JSON, encrypts it with RC4 under <c>parameters["rc4key"]</c>,
        /// and returns the SHA-1 tag followed by the URL-encoded ciphertext.
        /// </summary>
        /// <param name="obj">Value to store in the cookie.</param>
        /// <param name="parameters">Must contain the keys <c>rc4key</c> and <c>hashkey</c>.</param>
        /// <returns>The tag from <c>HashEncrypt.SHA1Encrypt</c> concatenated with the encoded ciphertext.</returns>
        /// <remarks>
        /// Security review: RC4 is a deprecated stream cipher, and no per-cookie nonce is visible here, so
        /// every cookie appears to be encrypted under the same keystream (unless RC4Encrypt adds one
        /// internally — confirm). The integrity tag is SHA-1 over ciphertext + key, an ad hoc construction
        /// rather than HMAC. The payload also carries no expiry. A migration would use authenticated
        /// encryption (for example the platform's MachineKey.Protect, or AES-GCM) or at least HMAC-SHA256,
        /// with the verifier comparing tags in constant time; that has to change together with the decoder,
        /// which is not part of this listing.
        /// </remarks>
        public string EncryptCookie <T>(T obj, Dictionary <string, string> parameters)
        {
            string json = SerializationUtility.JsonSerialize3(obj);

            // Ciphertext is requested in the HexEncoder mode and trimmed before it is signed.
            string cipherText = RC4Encrypt.Encrypt(json, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder).Trim();

            // The tag covers the ciphertext as produced above, before URL-encoding.
            string signature = HashEncrypt.SHA1Encrypt(cipherText + parameters["hashkey"]);

            return signature + HttpUtility.UrlEncode(cipherText);
        }
        /// <summary>
        /// Converts an unhandled exception into a response: a JSON <see cref="PortalResult"/> for requests
        /// that carry the <c>x-soho-app-id</c> header, otherwise the configured error view.
        /// </summary>
        /// <param name="filterContext">Exception context supplied by MVC.</param>
        /// <remarks>
        /// Security review: the text sent to the caller comes from <c>GetExceptionInfo</c>, which receives
        /// <c>Request.IsLocal</c>; presumably local requests get more detail — confirm that remote callers
        /// never receive stack traces or internal messages, including when a reverse proxy on the same host
        /// makes requests appear local. The JSON branch does not set a status code, so the failure is
        /// reported with whatever status the response already had.
        /// </remarks>
        public override void OnException(ExceptionContext filterContext)
        {
            if (filterContext.Exception == null)
            {
                return;
            }

            bool isClientRequest = filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-app-id");

            if (isClientRequest)
            {
                var currentResponse = HttpContext.Current.Response;

                // Discard anything already buffered so only the error payload is sent.
                currentResponse.Clear();
                currentResponse.BufferOutput = true;

                var errorPayload = new PortalResult
                {
                    Code    = GetExceptionCode(filterContext.Exception, filterContext.HttpContext.Request.IsLocal),
                    Success = false,
                    Message = GetExceptionInfo(filterContext.Exception, filterContext.HttpContext.Request.IsLocal)
                };
                currentResponse.Write(SerializationUtility.JsonSerialize3(errorPayload));

                // Keep IIS from replacing the body with its own error page.
                filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
                filterContext.ExceptionHandled = HandleException(filterContext.Exception);
                currentResponse.End();
                return;
            }

            // Web request: wrap the caller-facing message in a new exception for the error view model.
            Exception displayException = new Exception(GetExceptionInfo(filterContext.Exception, filterContext.HttpContext.Request.IsLocal));

            string routeController = filterContext.RouteData.Values["controller"].ToString();
            string routeAction     = filterContext.RouteData.Values["action"].ToString();
            HandleErrorInfo errorInfo = new HandleErrorInfo(displayException, routeController, routeAction);

            filterContext.Controller.TempData["ExceptionMessage"] = GetExceptionInfo(filterContext.Exception, filterContext.HttpContext.Request.IsLocal);

            ViewResult errorView = new ViewResult
            {
                ViewName   = this.View,
                MasterName = this.Master,
                ViewData   = new ViewDataDictionary <HandleErrorInfo>(errorInfo),
                TempData   = filterContext.Controller.TempData
            };
            filterContext.Result = errorView;

            filterContext.HttpContext.Response.Clear();
            filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
            filterContext.ExceptionHandled = HandleException(filterContext.Exception);
        }
예제 #4
        /// <summary>
        /// Builds a cookie value that bundles the serialized <paramref name="obj"/>, an expiry time and the
        /// client IP, encrypts the bundle with RC4, and prefixes it with a SHA-1 tag.
        /// </summary>
        /// <param name="obj">Value to store in the cookie.</param>
        /// <param name="parameters">
        /// Must contain the keys <c>securityExpires</c> (minutes), <c>rc4key</c> and <c>hashkey</c>.
        /// </param>
        /// <returns>The tag from <c>HashEncrypt.SHA1Encrypt</c> concatenated with the URL-encoded ciphertext.</returns>
        /// <remarks>
        /// Security review: RC4 is a deprecated stream cipher and the tag is SHA-1 over ciphertext + key
        /// rather than HMAC; replacing either must be coordinated with the decoder, which is not part of
        /// this listing. The expiry is written with <c>DateTime.Now</c> and the culture-dependent
        /// <c>ToString()</c>, so the verifier has to parse it under the same culture and time zone.
        /// The IP binding is only as trustworthy as <c>GetClientIP()</c>; if that reads a forwarded-for
        /// header the value is caller-controlled — confirm.
        /// </remarks>
        public string EncryptCookie <T>(T obj, Dictionary <string, string> parameters)
        {
            // The TryParse result is ignored: an unparsable setting leaves 0 minutes, so the cookie is
            // already expired when issued.
            int lifetimeMinutes;
            int.TryParse(parameters["securityExpires"], out lifetimeMinutes);

            // Slot 0: payload, slot 1: expiry, slot 2: client IP.
            string[] envelope =
            {
                SerializationUtility.JsonSerialize3(obj),
                DateTime.Now.AddMinutes(lifetimeMinutes).ToString(),
                GetClientIP()
            };
            string envelopeJson = SerializationUtility.JsonSerialize3(envelope);

            string cipherText = RC4Encrypt.Encrypt(envelopeJson, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder).Trim();

            // The tag covers the ciphertext as produced above, before URL-encoding.
            string signature = HashEncrypt.SHA1Encrypt(cipherText + parameters["hashkey"]);

            return signature + HttpUtility.UrlEncode(cipherText);
        }
예제 #5
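        /// <summary>
        /// Authorizes the request before the action runs. Requests carrying the <c>x-soho-app-id</c> header
        /// are treated as non-web clients and refused with a JSON <see cref="PortalResult"/>; other requests
        /// are redirected to the login or authorization-error page.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute.</param>
        /// <remarks>
        /// Security review: the app-id comparison only applies when the caller chooses to send the header,
        /// so it identifies a client type rather than protecting anything; the login and permission checks
        /// are what gate access, and only when <c>NeedAuth</c> is set. Refusals to non-web clients are sent
        /// with HTTP 200, so callers and monitoring must read <c>Success</c>/<c>Code</c> in the body.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            bool   clientFlag = filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-app-id");
            string controller = filterContext.RouteData.Values["controller"].ToString();
            string action     = filterContext.RouteData.Values["action"].ToString();

            if (clientFlag)
            {
                // The client sent the custom identifier, so this is a non-web request: validate it.
                // (A second "header missing" test that used to sit here could never be true inside this
                // branch and has been removed.)
                string ServiceAppId = ConfigurationManager.AppSettings["AppId"];
                ServiceAppId = string.IsNullOrWhiteSpace(ServiceAppId) ? "" : ServiceAppId;
                var appId = filterContext.HttpContext.Request.Headers.GetValues("x-soho-app-id").FirstOrDefault();

                // NOTE(review): when "AppId" is not configured ServiceAppId is "", so a request that sends
                // the header with an empty value passes this comparison. Consider failing closed on an
                // empty configured id.
                if (appId != ServiceAppId)
                {
                    // Message: "unauthorized client".
                    WriteJsonRejection(new PortalResult
                    {
                        Code    = 1000001,
                        Success = false,
                        Message = "未授权的客户端!"
                    });
                    return;
                }
                if (NeedAuth)
                {
                    if (!ValidateLogin())
                    {
                        // Message: "you are not logged in".
                        WriteJsonRejection(new PortalResult
                        {
                            Code    = 1000000,
                            Success = false,
                            Message = "您还没有登录!"
                        });
                        return;
                    }
                    if (!ValidateAuth(controller, action))
                    {
                        // Message: "you do not have permission for this operation".
                        WriteJsonRejection(new PortalResult
                        {
                            Code    = 1000001,
                            Success = false,
                            Message = "您没有操作权限!"
                        });
                        return;
                    }
                }
            }

            // Web-style validation. There is no else here, so a non-web request that passed the checks
            // above is validated a second time by this block.
            if (NeedAuth)
            {
                if (!ValidateLogin())
                {
                    // NOTE(review): ReturnUrl is the full request URI, whose host part comes from the
                    // request. The page that consumes ReturnUrl should accept only local or allow-listed
                    // targets — it is not visible here.
                    string returnUrl = HttpUtility.UrlEncode(filterContext.RequestContext.HttpContext.Request.Url.AbsoluteUri);
                    string loginUrl  = ConfigurationManager.AppSettings["LoginUrl"];
                    if (string.IsNullOrEmpty(loginUrl))
                    {
                        loginUrl = string.Format("~/Login?ReturnUrl={0}", returnUrl);
                    }
                    else
                    {
                        loginUrl = string.Format("{0}?ReturnUrl={1}", loginUrl, returnUrl);
                    }
                    filterContext.Result = new RedirectResult(loginUrl);
                    return;
                }
                if (!ValidateAuth(controller, action))
                {
                    string returnUrl    = HttpUtility.UrlEncode(filterContext.RequestContext.HttpContext.Request.Url.AbsoluteUri);
                    string authErrorUrl = ConfigurationManager.AppSettings["AuthErrorUrl"];
                    if (string.IsNullOrEmpty(authErrorUrl))
                    {
                        authErrorUrl = string.Format("~/AuthError?ReturnUrl={0}", returnUrl);
                    }
                    else
                    {
                        authErrorUrl = string.Format("{0}?ReturnUrl={1}", authErrorUrl, returnUrl);
                    }
                    filterContext.Result = new RedirectResult(authErrorUrl);
                    return;
                }
            }
        }

        // Writes a refusal as JSON with HTTP 200 and ends the current response.
        private static void WriteJsonRejection(PortalResult rejection)
        {
            HttpContext.Current.Response.StatusCode = (int)HttpStatusCode.OK;
            HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(rejection));
            HttpContext.Current.Response.End();
        }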
예제 #6
 /// <summary>
 /// Returns the JSON serialization of <paramref name="obj"/> as the cookie value.
 /// </summary>
 /// <param name="obj">Value to store in the cookie.</param>
 /// <param name="parameters">Not read by this implementation.</param>
 /// <returns>The string produced by <c>SerializationUtility.JsonSerialize3</c>.</returns>
 /// <remarks>
 /// Security review: despite the name, nothing is encrypted or signed here, so the client can read and
 /// alter the cookie contents. Do not put authentication or authorization state through this variant.
 /// </remarks>
 public string EncryptCookie <T>(T obj, Dictionary <string, string> parameters)
 {
     string plainJson = SerializationUtility.JsonSerialize3(obj);
     return plainJson;
 }