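/// <summary>
/// Post-action filter for non-browser (app) clients. When the request carries the
/// "x-soho-app-id" header, the view result is replaced by a JSON body written
/// directly to the response.
/// </summary>
/// <param name="filterContext">MVC context of the action that has just run.</param>
/// <remarks>
/// Requests without the "x-soho-app-id" header are left untouched. The header test
/// is a case-sensitive match on the header name as returned by AllKeys.
/// </remarks>
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
    bool clientFlag = filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-app-id");
    if (!clientFlag)
    {
        return;
    }

    // Echo the configured application id back to the client (empty when not configured).
    string ServiceAppId = ConfigurationManager.AppSettings["AppId"];
    ServiceAppId = string.IsNullOrWhiteSpace(ServiceAppId) ? "" : ServiceAppId;
    filterContext.HttpContext.Response.AddHeader("x-soho-app-id", ServiceAppId);

    bool bIsMustBusinessRoute = ValidateIsMustBusinessRoute(
        filterContext.RouteData.Values["controller"].ToString(),
        filterContext.RouteData.Values["action"].ToString());
    if (bIsMustBusinessRoute)
    {
        // Denied routes answer with the JSON error envelope instead of the action result.
        HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(new PortalResult { Code = 1000001, Success = false, Message = "您没有操作权限!" }));
        HttpContext.Current.Response.End();
        return;
    }

    // The client sent the custom marker, so this is a non-web request: return JSON directly.
    ViewResult viewResult = filterContext.Result as ViewResult;
    if (viewResult == null)
    {
        return;
    }

    // NOTE(review): modelData is null when the view model is not a PortalResult — confirm
    // that MobilePortalResult and JsonSerialize3 accept null.
    var modelData = viewResult.Model as PortalResult;

    // Decide whether the session cookie is also returned inside the JSON body.
    string serviceSohoOrigin = ConfigurationManager.AppSettings["SohoOrigin"];
    serviceSohoOrigin = string.IsNullOrWhiteSpace(serviceSohoOrigin) ? "" : serviceSohoOrigin;

    string requestOrigin = filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-origin")
        ? filterContext.HttpContext.Request.Headers["x-soho-origin"]
        : null;

    // An empty header value must never match: string.Contains("") is true for every
    // string, which previously released the cookie even when SohoOrigin was unset.
    // NOTE(review): this is still a substring test against the configured value, so a
    // fragment of an allowed origin also matches; the SohoOrigin format is not visible
    // here, so exact matching per entry is left to a change that knows the delimiter.
    // The header is client-supplied and is not an authentication control by itself.
    bool originAllowed = !string.IsNullOrWhiteSpace(requestOrigin)
        && serviceSohoOrigin.Contains(requestOrigin);

    if (originAllowed)
    {
        MobilePortalResult responseData = new MobilePortalResult(modelData);
        responseData.Cookie = HttpContext.Current.Response.Headers["x-soho-mobile-cookie"] ?? "";
        HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(responseData));
        HttpContext.Current.Response.End();
    }
    else
    {
        HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(modelData));
        HttpContext.Current.Response.End();
    }

    // Kept from the original: presumably stops view rendering if End() returns — confirm.
    throw new BusinessException("");
}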
/// <summary>
/// Builds a protected cookie value: the object is serialized to JSON, encrypted with
/// RC4Encrypt (hex encoder mode), and prefixed with a SHA1Encrypt signature.
/// </summary>
/// <typeparam name="T">Type of the object stored in the cookie.</typeparam>
/// <param name="obj">Object to serialize into the cookie.</param>
/// <param name="parameters">Must contain the keys "rc4key" and "hashkey".</param>
/// <returns>The signature followed by the URL-encoded ciphertext.</returns>
/// <remarks>
/// NOTE(review): assuming the helpers do what their names say, this is RC4 encryption
/// with a SHA-1 digest of ciphertext + key as the integrity tag, not an HMAC. Both are
/// weak by current standards; replacing them changes the cookie format and has to be
/// done together with the decoder, which is not visible here. This variant embeds no
/// expiry and no client binding.
/// </remarks>
public string EncryptCookie<T>(T obj, Dictionary<string, string> parameters)
{
    string json = SerializationUtility.JsonSerialize3(obj);
    string cipherText = RC4Encrypt.Encrypt(json, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder).Trim();

    // The signature covers the ciphertext as produced, before URL encoding.
    string signature = HashEncrypt.SHA1Encrypt(cipherText + parameters["hashkey"]);

    return signature + HttpUtility.UrlEncode(cipherText);
}
/// <summary>
/// Exception filter: app clients (requests carrying "x-soho-app-id") receive a JSON
/// error envelope, browser requests receive the configured error view.
/// </summary>
/// <param name="filterContext">MVC exception context.</param>
/// <remarks>
/// Request.IsLocal is passed to GetExceptionCode / GetExceptionInfo; what those helpers
/// disclose for local versus remote callers is not visible here.
/// NOTE(review): confirm remote callers never receive stack traces or internal messages.
/// </remarks>
public override void OnException(ExceptionContext filterContext)
{
    if (filterContext.Exception == null)
    {
        return;
    }

    bool isAppClient = filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-app-id");

    if (!isAppClient)
    {
        // Browser request: render the error view with a wrapped exception message.
        Exception exception = new Exception(GetExceptionInfo(filterContext.Exception, filterContext.HttpContext.Request.IsLocal));
        string controller = filterContext.RouteData.Values["controller"].ToString();
        string action = filterContext.RouteData.Values["action"].ToString();
        HandleErrorInfo model = new HandleErrorInfo(exception, controller, action);

        filterContext.Controller.TempData["ExceptionMessage"] = GetExceptionInfo(filterContext.Exception, filterContext.HttpContext.Request.IsLocal);

        ViewResult errorView = new ViewResult();
        errorView.ViewName = this.View;
        errorView.MasterName = this.Master;
        errorView.ViewData = new ViewDataDictionary<HandleErrorInfo>(model);
        errorView.TempData = filterContext.Controller.TempData;
        filterContext.Result = errorView;

        filterContext.HttpContext.Response.Clear();
        // Keep IIS from replacing this response with its own error page.
        filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
        filterContext.ExceptionHandled = HandleException(filterContext.Exception);
        return;
    }

    // App client: discard any partial output and answer with the JSON error envelope.
    var response = HttpContext.Current.Response;
    response.Clear();
    response.BufferOutput = true;

    PortalResult errorResult = new PortalResult
    {
        Code = GetExceptionCode(filterContext.Exception, filterContext.HttpContext.Request.IsLocal),
        Success = false,
        Message = GetExceptionInfo(filterContext.Exception, filterContext.HttpContext.Request.IsLocal)
    };
    response.Write(SerializationUtility.JsonSerialize3(errorResult));

    filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
    filterContext.ExceptionHandled = HandleException(filterContext.Exception);
    response.End();
}
/// <summary>
/// Builds a protected cookie value that carries the serialized object together with
/// an expiry timestamp and the client IP, then encrypts and signs it.
/// </summary>
/// <typeparam name="T">Type of the object stored in the cookie.</typeparam>
/// <param name="obj">Object to serialize into the cookie.</param>
/// <param name="parameters">
/// Must contain "securityExpires" (lifetime in minutes), "rc4key" and "hashkey".
/// </param>
/// <returns>The signature followed by the URL-encoded ciphertext.</returns>
/// <remarks>
/// NOTE(review): assuming the helpers do what their names say, this is RC4 with a SHA-1
/// digest of ciphertext + key as the integrity tag, not an HMAC; changing either must be
/// coordinated with the decoder, which is not visible here.
/// NOTE(review): the expiry is local time formatted with the current culture, so the
/// decoder has to run with the same culture and time zone. An unparsable
/// "securityExpires" silently yields a lifetime of 0 minutes.
/// NOTE(review): the strength of the IP binding depends on how GetClientIP derives the
/// address (not visible here) — confirm it does not trust client-supplied headers.
/// </remarks>
public string EncryptCookie<T>(T obj, Dictionary<string, string> parameters)
{
    int lifetimeMinutes;
    int.TryParse(parameters["securityExpires"], out lifetimeMinutes);

    // Envelope layout: [0] payload JSON, [1] expiry, [2] client IP.
    string[] envelope = new string[]
    {
        SerializationUtility.JsonSerialize3(obj),
        DateTime.Now.AddMinutes(lifetimeMinutes).ToString(),
        GetClientIP()
    };

    string envelopeJson = SerializationUtility.JsonSerialize3(envelope);
    string cipherText = RC4Encrypt.Encrypt(envelopeJson, parameters["rc4key"], RC4Encrypt.EncoderMode.HexEncoder).Trim();

    // The signature covers the ciphertext as produced, before URL encoding.
    string signature = HashEncrypt.SHA1Encrypt(cipherText + parameters["hashkey"]);

    return signature + HttpUtility.UrlEncode(cipherText);
}
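/// <summary>
/// Pre-action filter that authorizes the request. App clients (requests carrying the
/// "x-soho-app-id" header) are answered with a JSON error envelope on failure; browser
/// requests are redirected to the login or authorization-error page.
/// </summary>
/// <param name="filterContext">MVC context of the action about to run.</param>
/// <remarks>
/// Changes from the previous version: the header-presence check inside the client branch
/// was unreachable and is removed; an unconfigured AppId now rejects app clients instead
/// of accepting an empty header value; a client request that has passed validation no
/// longer runs ValidateLogin / ValidateAuth a second time in the web branch.
/// The header test is a case-sensitive match on the header name as returned by AllKeys.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    bool clientFlag = filterContext.HttpContext.Request.Headers.AllKeys.Contains("x-soho-app-id");
    string controller = filterContext.RouteData.Values["controller"].ToString();
    string action = filterContext.RouteData.Values["action"].ToString();

    if (clientFlag)
    {
        // The client sent the custom marker, so this is a non-web request: validate it as such.
        string ServiceAppId = ConfigurationManager.AppSettings["AppId"];
        ServiceAppId = string.IsNullOrWhiteSpace(ServiceAppId) ? "" : ServiceAppId;
        var appId = filterContext.HttpContext.Request.Headers.GetValues("x-soho-app-id").FirstOrDefault();

        // Fail closed: with no AppId configured, an empty header value would otherwise
        // compare equal to "" and be treated as an authorized client.
        if (ServiceAppId.Length == 0 || appId != ServiceAppId)
        {
            WriteClientRejection(1000001, "未授权的客户端!");
            return;
        }

        if (NeedAuth)
        {
            if (!ValidateLogin())
            {
                WriteClientRejection(1000000, "您还没有登录!");
                return;
            }

            if (!ValidateAuth(controller, action))
            {
                WriteClientRejection(1000001, "您没有操作权限!");
                return;
            }
        }

        // Already validated above; the web checks below would only repeat the same calls.
        return;
    }

    if (!NeedAuth)
    {
        return;
    }

    // No custom marker, so this is a web request: validate it and redirect on failure.
    if (!ValidateLogin())
    {
        filterContext.Result = new RedirectResult(BuildRedirectUrl(filterContext, "LoginUrl", "~/Login"));
        return;
    }

    if (!ValidateAuth(controller, action))
    {
        filterContext.Result = new RedirectResult(BuildRedirectUrl(filterContext, "AuthErrorUrl", "~/AuthError"));
        return;
    }
}

// Writes the JSON error envelope for an app client and ends the response.
// The HTTP status stays 200; the failure is carried in the envelope's Code.
private void WriteClientRejection(int code, string message)
{
    HttpContext.Current.Response.StatusCode = (int)HttpStatusCode.OK;
    HttpContext.Current.Response.Write(SerializationUtility.JsonSerialize3(new PortalResult { Code = code, Success = false, Message = message }));
    HttpContext.Current.Response.End();
}

// Builds "<target>?ReturnUrl=<encoded current URL>", where target is the app setting
// named by settingKey or defaultTarget when that setting is empty.
// NOTE(review): ReturnUrl is the absolute request URL, whose host comes from the
// request; the page that consumes ReturnUrl should only follow local URLs.
private static string BuildRedirectUrl(ActionExecutingContext filterContext, string settingKey, string defaultTarget)
{
    string returnUrl = HttpUtility.UrlEncode(filterContext.RequestContext.HttpContext.Request.Url.AbsoluteUri);
    string target = ConfigurationManager.AppSettings[settingKey];
    if (string.IsNullOrEmpty(target))
    {
        target = defaultTarget;
    }

    return string.Format("{0}?ReturnUrl={1}", target, returnUrl);
}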
/// <summary>
/// Returns the JSON serialization of <paramref name="obj"/> as the cookie value.
/// </summary>
/// <typeparam name="T">Type of the object stored in the cookie.</typeparam>
/// <param name="obj">Object to serialize into the cookie.</param>
/// <param name="parameters">Not read by this variant.</param>
/// <returns>The JSON text produced by SerializationUtility.JsonSerialize3.</returns>
/// <remarks>
/// NOTE(review): despite the method name, no encryption or signature is applied here, so
/// the client can read and alter the value. Confirm this variant is used only for data
/// that is neither confidential nor trusted when it comes back.
/// </remarks>
public string EncryptCookie<T>(T obj, Dictionary<string, string> parameters)
{
    string cookieValue = SerializationUtility.JsonSerialize3(obj);
    return cookieValue;
}