示例#1
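        /// <summary>
        /// Gates an API request before the action executes. It rejects requests whose response
        /// is already marked 401, rejects non-POST requests outside a short exempt list, and
        /// validates the caller's appkey/appsecret pair for POST actions outside a second exempt list.
        /// </summary>
        /// <param name="filterContext">
        /// MVC authorization context. On rejection its <c>Result</c> is set to an "error" API payload
        /// and the method returns; on success it is left untouched.
        /// </param>
        /// <remarks>
        /// Security-relevant points for maintainers:
        /// the two exempt lists below are the only things that let an action skip the POST
        /// requirement or the credential check, so every name added to them widens the
        /// unauthenticated surface. This method does not verify a signature itself; it only
        /// reacts to a 401 status that something earlier in the pipeline must have set.
        /// </remarks>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            ControllerBase ctb = filterContext.Controller;

            // An earlier stage is expected to have flagged a bad signature by setting 401.
            // NOTE(review): confirm where that status is set; nothing here checks the signature.
            if (filterContext.HttpContext.Response.StatusCode == 401)
            {
                // Message: "User signature is incorrect!"
                filterContext.Result = ResultAPI.apiresult.APIResult("error", "用户签名不正确!");
                return;
            }

            // The returned body text is not used in this method. The call is kept because it may
            // have side effects (presumably it feeds PostParams.StrParams - verify in WebHelper).
            WebHelper.GetPostStr();

            if (!WebHelper.IsPost())
            {
                // Actions that may be called without POST. These return without any appkey check.
                List<string> nonPostActions = new List<string> { "getsigna", "newly", "daily" };

                // ToLowerInvariant, not ToLower: the allow-list contains 'i', and culture-sensitive
                // lower-casing (e.g. tr-TR) would stop "GetSigna"/"Daily" from matching.
                // NOTE(review): the ErrorController test matches on the controller's string form;
                // a type check would be less fragile.
                if (!ctb.ToString().Contains("ErrorController") &&
                    !nonPostActions.Contains(filterContext.ActionDescriptor.ActionName.ToLowerInvariant()))
                {
                    // Message: "Only POST requests are supported"
                    filterContext.Result = ResultAPI.apiresult.APIResult("error", "只支持POST方式请求");
                }

                return;
            }

            // Parsed POST parameters.
            // NOTE(review): this looks like shared (static) state - confirm it is per-request,
            // otherwise concurrent requests could read each other's credentials.
            NameValueCollection parmas = PostParams.StrParams.strparams;

            // Deliberately no dump of the posted parameters into a string here: they include appsecret.

            // appkey: parsed parameters first, form field as fallback.
            string appkey = parmas.Get("appkey") ?? filterContext.HttpContext.Request.Form["appkey"];

            // POST actions that skip the appkey/appsecret check entirely.
            List<string> credentialExemptActions = new List<string> { "getsigna", "openresult" };
            if (credentialExemptActions.Contains(filterContext.ActionDescriptor.ActionName.ToLowerInvariant()))
            {
                return;
            }

            // Validate the application credentials (appkey + appsecret).
            // A complete pair must be present either in the parsed parameters or in the form.
            bool missingInParams = parmas.Get("appkey") == null || parmas.Get("appsecret") == null;
            if (missingInParams &&
                (filterContext.HttpContext.Request.Form["appkey"] == null || filterContext.HttpContext.Request.Form["appsecret"] == null))
            {
                // Message: "Missing request parameters"
                filterContext.Result = ResultAPI.apiresult.APIResult("error", "缺少请求参数");
                return;
            }

            // NOTE(review): appsecret prefers the form field while appkey prefers the parsed
            // parameters, so the pair handed to ValidateAPPKey can be assembled from two different
            // sources when a request carries both. Precedence is left as-is; consider reading both
            // values from the same source.
            string appsecret = filterContext.HttpContext.Request.Form["appsecret"] ?? parmas.Get("appsecret");

            // Empty string means the pair is valid; any other value (including null) is treated as
            // a failure and passed back to the caller as the error message.
            // NOTE(review): confirm that message does not reveal which of key/secret was wrong.
            string imres = M_UsersBusiness.ValidateAPPKey(appkey, appsecret);
            if (imres != string.Empty)
            {
                filterContext.Result = ResultAPI.apiresult.APIResult("error", imres);
                return;
            }
        }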