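/// <summary>
/// Login action: looks for a stored record whose FirstName and Password match the supplied values,
/// issues a forms-authentication ticket for it, caches the user in session and returns the ticket
/// to the caller inside the <see cref="HttpResponseMessageViewModel"/> JSON envelope.
/// </summary>
/// <param name="FirstName">User name supplied by the client.</param>
/// <param name="Password">Password supplied by the client; compared as-is against the stored value.</param>
/// <returns>
/// On success, a 200 response whose <c>Data</c> is the <see cref="UserInfo"/> (including the encrypted ticket).
/// On a credential mismatch, a 401 response with <c>IsSuccess = false</c> and no ticket.
/// </returns>
public HttpResponseMessage Post(string FirstName, string Password)
{
    // Fix: the original built the lookup query but never checked whether it matched anything, so a ticket
    // was issued for any name/password pair. Refuse to issue one unless a matching record exists.
    // NOTE(review): the stored password is compared in plaintext; the store should hold a salted hash
    // (e.g. PBKDF2) and the comparison should be made against that instead.
    bool credentialsMatch = databasePlaceholder
        .GetAll()
        .Any(c => c.FirstName == FirstName && c.Password == Password);

    if (!credentialsMatch)
    {
        var failure = new HttpResponseMessageViewModel()
        {
            StatusCodeDes = "",
            IsSuccess = false,
            StatusCode = (int)System.Net.HttpStatusCode.Unauthorized
        };
        return new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized)
        {
            Content = new StringContent(JsonConvert.SerializeObject(failure), Encoding.UTF8, "application/json"),
        };
    }

    // Read the clock once so issue time and expiry are computed from the same instant.
    DateTime issued = DateTime.Now;
    // UserData is "<name>&<password>" because the authorization filter's ValidateTicket splits it on '&'.
    // NOTE(review): this places the plaintext password inside the (encrypted) ticket that is handed to the
    // client; an opaque random session identifier would serve the filter equally well without carrying the secret.
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        0,
        FirstName,
        issued,
        issued.AddHours(1),
        true,
        string.Format("{0}&{1}", FirstName, Password),
        FormsAuthentication.FormsCookiePath);

    // Login result, user details and the encrypted ticket the client must send back in the Authorization header.
    var oUser = new UserInfo
    {
        bRes = true,
        UserName = FirstName,
        // NOTE(review): echoes the submitted password back to the client in the response body.
        Password = Password,
        Ticket = FormsAuthentication.Encrypt(ticket)
    };

    // Keep the identity in session so later requests can be checked against it.
    HttpContext.Current.Session[FirstName] = oUser;

    HttpResponseMessageViewModel viewModel = new HttpResponseMessageViewModel()
    {
        Data = oUser,
        StatusCodeDes = "",
        IsSuccess = true,
        StatusCode = (int)System.Net.HttpStatusCode.OK
    };
    var response = new HttpResponseMessage
    {
        Content = new StringContent(JsonConvert.SerializeObject(viewModel), Encoding.UTF8, "application/json"),
    };
    return (response);
}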
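/// <summary>
/// Overrides the base authorization check with our own ticket validation: the client sends the encrypted
/// forms-authentication ticket as the parameter of the <c>Authorization</c> request header.
/// </summary>
/// <param name="actionContext">The action being authorized; its request headers carry the ticket.</param>
/// <exception cref="HttpResponseException">
/// Thrown with a 401 response when no credential is present and neither the action nor its controller
/// is marked <see cref="AllowAnonymousAttribute"/>.
/// </exception>
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    // Take the credential from the Authorization header and verify it is the requester's own ticket.
    var authorization = actionContext.Request.Headers.Authorization;
    if ((authorization != null) && (authorization.Parameter != null))
    {
        // Decrypt the ticket and check the user name / password it carries.
        var encryptTicket = authorization.Parameter;
        if (ValidateTicket(encryptTicket))
        {
            // A valid ticket is sufficient. The original called base.IsAuthorized here and discarded
            // its result; that call has no side effects, so it was a no-op and is dropped.
            return;
        }
        HandleUnauthorizedRequest(actionContext);
        return;
    }

    // No credential at all. [AllowAnonymous] on the action or on its controller lets the request through
    // (the base implementation honours the attribute); otherwise reply 401 with a JSON body.
    bool isAnonymous =
        actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
        || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any();
    if (isAnonymous)
    {
        base.OnAuthorization(actionContext);
        return;
    }

    HttpResponseMessageViewModel viewModel = new HttpResponseMessageViewModel()
    {
        Data = "用户未登录",
        StatusCodeDes = "",
        IsSuccess = false,
        StatusCode = (int)System.Net.HttpStatusCode.OK
    };
    // Fix: the original never set the HTTP status, so the "not logged in" reply went out as 200 OK even
    // though the intent was 401. The envelope's own StatusCode field is left unchanged for client compatibility.
    var response = new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized)
    {
        Content = new StringContent(JsonConvert.SerializeObject(viewModel), Encoding.UTF8, "application/json"),
    };
    throw new HttpResponseException(response);
}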
/// <summary>
/// Echoes the posted payload back to the caller inside the standard JSON envelope.
/// </summary>
/// <param name="person">The request body as bound by Web API; returned unchanged as <c>Data</c>.</param>
/// <returns>A 200 response whose JSON body is the envelope with <c>IsSuccess = true</c>.</returns>
public HttpResponseMessage PostPersonList1(dynamic person)
{
    var envelope = new HttpResponseMessageViewModel()
    {
        Data = person,
        StatusCodeDes = "",
        IsSuccess = true,
        StatusCode = (int)System.Net.HttpStatusCode.OK
    };
    string json = JsonConvert.SerializeObject(envelope);
    var reply = new HttpResponseMessage
    {
        Content = new StringContent(json, Encoding.UTF8, "application/json")
    };
    return reply;
}
/// <summary>
/// Returns the person with the given id inside the standard JSON envelope.
/// </summary>
/// <param name="id">Identifier looked up in <c>databasePlaceholder</c>.</param>
/// <returns>A 200 response whose envelope <c>Data</c> holds the serialized person.</returns>
/// <exception cref="HttpResponseException">Thrown with a plain 404 when no person has that id.</exception>
public HttpResponseMessage GetPersonByID(int id)
{
    Person found = databasePlaceholder.Get(id);
    if (found == null)
    {
        // Unknown id: a bare 404, not the JSON envelope.
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // NOTE(review): Data receives an already-serialized JSON string, so the client gets a string-encoded
    // object here, whereas PostPersonList1 and PutPerson put the object itself in Data. Kept as-is.
    var envelope = new HttpResponseMessageViewModel();
    envelope.Data = JsonConvert.SerializeObject(found);
    envelope.IsSuccess = true;
    envelope.StatusCode = (int)System.Net.HttpStatusCode.OK;

    string json = JsonConvert.SerializeObject(envelope);
    return new HttpResponseMessage
    {
        Content = new StringContent(json, Encoding.UTF8, "application/json")
    };
}
/// <summary>
/// Updates an existing person and reports the outcome in the standard JSON envelope.
/// </summary>
/// <param name="person">The person to store; <c>databasePlaceholder.Update</c> decides by its id whether it exists.</param>
/// <returns>A 200 response whose envelope has <c>IsSuccess = true</c> and <c>Data = "更新"</c>.</returns>
/// <exception cref="HttpResponseException">Thrown with a plain 404 when the update target does not exist.</exception>
public HttpResponseMessage PutPerson(Person person)
{
    bool updated = databasePlaceholder.Update(person);
    if (!updated)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    var envelope = new HttpResponseMessageViewModel()
    {
        Data = "更新",
        StatusCodeDes = "",
        IsSuccess = true,
        StatusCode = (int)System.Net.HttpStatusCode.OK
    };
    string json = JsonConvert.SerializeObject(envelope);
    return new HttpResponseMessage
    {
        Content = new StringContent(json, Encoding.UTF8, "application/json")
    };
}
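/// <summary>
/// Validates a forms-authentication ticket presented by the client: decrypts it, rejects expired or
/// malformed tickets, and checks the user name / password carried in its UserData.
/// The credential check should be a database lookup in production; the hard-coded pair below is a placeholder.
/// </summary>
/// <param name="encryptTicket">The encrypted ticket string taken from the Authorization header.</param>
/// <returns><c>true</c> when the ticket decrypts, is unexpired and carries the expected credentials; otherwise <c>false</c>.</returns>
/// <exception cref="HttpResponseException">Thrown when the ticket cannot be decrypted at all (tampered or garbage input).</exception>
private bool ValidateTicket(string encryptTicket)
{
    try
    {
        // Decrypt the ticket. Decrypt yields null for some invalid inputs and throws for others.
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(encryptTicket);
        // Fix: the original never consulted Expired, so a ticket stayed usable forever once issued
        // even though the login action sets a one-hour lifetime.
        if (ticket == null || ticket.Expired)
        {
            return false;
        }

        // UserData is "<user>&<password>" as written by the login action.
        var strTicket = ticket.UserData ?? string.Empty;
        var index = strTicket.IndexOf('&');
        // Fix: with no separator, Substring(0, -1) used to throw and fall into the generic catch below.
        if (index < 0)
        {
            return false;
        }
        string strUser = strTicket.Substring(0, index);
        string strPwd = strTicket.Substring(index + 1);

        // NOTE(review): placeholder credentials; replace with a lookup against a salted password hash.
        return string.Equals(strUser, "123", StringComparison.Ordinal)
            && string.Equals(strPwd, "123", StringComparison.Ordinal);
    }
    catch (Exception)
    {
        // Undecryptable ticket: answer with a JSON body the client can interpret.
        HttpResponseMessageViewModel viewModel = new HttpResponseMessageViewModel()
        {
            Data = "票据错误",
            StatusCodeDes = System.Enum.GetName(typeof(HttpStatusCode), HttpStatusCode.NonAuthoritativeInformation),
            IsSuccess = false,
            StatusCode = (int)System.Net.HttpStatusCode.NonAuthoritativeInformation
        };
        var response = new HttpResponseMessage
        {
            Content = new StringContent(JsonConvert.SerializeObject(viewModel), Encoding.UTF8, "application/json"),
        };
        throw new HttpResponseException(response);
    }
}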
/// <summary>
/// Gets the information of all people.
/// </summary>
/// <returns>A 200 response whose envelope <c>Data</c> holds the serialized list of people.</returns>
// [Route("GetAllPeople")]
public HttpResponseMessage GetAllPeople()
{
    var people = databasePlaceholder.GetAll();
    // NOTE(review): the list is serialized here and the resulting string is serialized again as part of
    // the envelope, so the client receives a JSON string rather than a JSON array in Data. Kept as-is.
    string peopleJson = JsonConvert.SerializeObject(people);

    var envelope = new HttpResponseMessageViewModel()
    {
        Data = peopleJson,
        StatusCodeDes = System.Enum.GetName(typeof(HttpStatusCode), HttpStatusCode.OK),
        IsSuccess = true,
        StatusCode = (int)HttpStatusCode.OK
    };
    string body = JsonConvert.SerializeObject(envelope);
    return new HttpResponseMessage
    {
        Content = new StringContent(body, Encoding.UTF8, "application/json")
    };
}
/// <summary>
/// Deletes the person with the given id and reports the outcome in the standard JSON envelope.
/// </summary>
/// <param name="id">Identifier of the person to remove from <c>databasePlaceholder</c>.</param>
/// <returns>A 200 response whose envelope has <c>IsSuccess = true</c> and <c>Data = "删除"</c>.</returns>
/// <exception cref="HttpResponseException">
/// Thrown when no person has that id; the response carries a failure envelope (HTTP status left at 200).
/// </exception>
public HttpResponseMessage DeletePerson(int id)
{
    Person existing = databasePlaceholder.Get(id);
    if (existing == null)
    {
        var notFound = new HttpResponseMessageViewModel()
        {
            Data = "ID不存在,无法删除",
            StatusCodeDes = "",
            IsSuccess = false,
            StatusCode = (int)HttpStatusCode.OK
        };
        var failure = new HttpResponseMessage
        {
            Content = new StringContent(JsonConvert.SerializeObject(notFound), Encoding.UTF8, "application/json")
        };
        throw new HttpResponseException(failure);
    }

    databasePlaceholder.Remove(id);

    var deleted = new HttpResponseMessageViewModel()
    {
        Data = "删除",
        StatusCodeDes = "",
        IsSuccess = true,
        StatusCode = (int)HttpStatusCode.OK
    };
    return new HttpResponseMessage
    {
        Content = new StringContent(JsonConvert.SerializeObject(deleted), Encoding.UTF8, "application/json")
    };
}