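/// <summary>
/// Verifies the request signature carried in the IBB-Service-Sign,
/// IBB-Service-Timestamp and IBB-Service-Salt headers before the action runs.
/// Routes whose config item is missing or has NeedLogin == false are not checked.
/// </summary>
/// <param name="filterContext">Context of the action about to execute; only its request headers are read.</param>
/// <exception cref="ApplicationException">
/// The timestamp is missing, unparseable, more than 10 minutes old or more than
/// 10 minutes in the future; the signing key is not configured; or the supplied
/// signature does not match the expected one.
/// </exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    const int ToleranceMinutes = 10;

    var routeItem = RouteHelper.GetCurrentConfigRouteItem();

    // NOTE(review): a route with no config item is treated as "no signature needed",
    // i.e. the default is fail-open. Confirm every sensitive route has a config entry.
    if (routeItem == null || !routeItem.NeedLogin)
    {
        return; // signature verification not required for this route
    }

    var headers = filterContext.RequestContext.HttpContext.Request.Headers;
    string requestSign = headers["IBB-Service-Sign"];
    string timestamp = headers["IBB-Service-Timestamp"];
    string salt = headers["IBB-Service-Salt"];

    // NOTE(review): the messages below echo client-controlled header values.
    // If these exceptions are logged or rendered, the sink must encode them.
    DateTime now = DateTime.Now;
    DateTime time;
    if (string.IsNullOrWhiteSpace(timestamp)
        || !DateTime.TryParse(timestamp, out time)
        || time > now.AddMinutes(ToleranceMinutes))
    {
        // A timestamp far in the future would otherwise never expire, leaving
        // a captured signature replayable indefinitely; treat it as invalid.
        throw new ApplicationException(string.Format("无效的timestamp;IBB-Service-Sign:{0};IBB-Service-Timestamp:{1};IBB-Service-Salt:{2}", requestSign, timestamp, salt));
    }

    if (time.AddMinutes(ToleranceMinutes) < now)
    {
        throw new ApplicationException(string.Format("此请求的签名已过期;IBB-Service-Sign:{0};IBB-Service-Timestamp:{1};IBB-Service-Salt:{2}", requestSign, timestamp, salt));
    }

    string privateKey = ConfigurationManager.AppSettings["ServicePrivateKey"];
    if (string.IsNullOrWhiteSpace(privateKey))
    {
        // Fail closed: with an empty key the expected signature depends only on
        // header values the client supplies, so any caller could compute it.
        throw new ApplicationException("ServicePrivateKey is not configured; request signatures cannot be verified");
    }

    // NOTE(review): the signed material is only timestamp + salt + key, so the
    // signature is not bound to the URL or body and can be replayed on any signed
    // route within the tolerance window. MD5Crypto is defined elsewhere (presumably
    // an MD5 digest); a keyed HMAC-SHA256 over a canonical request plus a
    // server-side nonce cache would be the stronger design, but needs a
    // coordinated client change.
    string sign = MD5Crypto(timestamp + salt + privateKey);
    if (!SignaturesMatch(sign, requestSign))
    {
        throw new ApplicationException(string.Format("请求的签名错误;IBB-Service-Sign:{0};IBB-Service-Timestamp:{1};IBB-Service-Salt:{2}", requestSign, timestamp, salt));
    }
}

/// <summary>
/// Ordinal, case-sensitive comparison of two signature strings whose running
/// time does not depend on the position of the first mismatching character.
/// A null on either side never matches.
/// </summary>
private static bool SignaturesMatch(string expected, string supplied)
{
    if (expected == null || supplied == null)
    {
        return false;
    }

    // Fold the length difference into the accumulator instead of returning early.
    int diff = expected.Length ^ supplied.Length;
    for (int i = 0; i < expected.Length; i++)
    {
        char other = i < supplied.Length ? supplied[i] : '\0';
        diff |= expected[i] ^ other;
    }

    return diff == 0;
}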
/// <summary>
/// Decides whether the current request passes authentication for its route.
/// </summary>
/// <returns>
/// true when the route's config item is missing or has NeedLogin == false;
/// otherwise true only if the base check succeeds and the current context
/// holds the "Fly_Login" permission.
/// </returns>
protected override bool CheckAuthentication()
{
    var currentRoute = RouteHelper.GetCurrentConfigRouteItem();

    // NOTE(review): an unconfigured route (null item) is allowed through without
    // any login check, so the default is fail-open. Confirm this is intended.
    if (currentRoute == null || !currentRoute.NeedLogin)
    {
        return true;
    }

    // The caller must already be logged in ...
    if (!base.CheckAuthentication())
    {
        return false;
    }

    // ... and must also hold the permission to log in to the system.
    return ContextManager.Current.HasPermission("Fly_Login");
}