/// <summary>
        /// Runs before the action executes and applies this filter's request screening.
        /// </summary>
        /// <param name="actionContext">Context of the action that is about to run.</param>
        public override void OnActionExecuting(ActionExecutingContext actionContext)
        {
            // Screening switched off: hand over to the base filter and stop.
            if (!IsCheck)
            {
                base.OnActionExecuting(actionContext);
                return;
            }

            // First determine whether the request appears to come from a web browser.
            bool fromBrowser = this.CheckIsComeFromWebBrowser(actionContext);

            // A non-browser request is sent to the error page only when the current minute
            // is odd; in an even minute it continues. The stated intent is to confuse
            // callers and make parameter guessing harder.
            // NOTE(review): this is obfuscation, not access control. The same request is
            // let through in any even minute, and the authentication lookup below is
            // commented out, so no visible line in this method verifies who the caller is.
            // NOTE(review): whether GoToErrorPage() actually stops the action from running
            // cannot be seen from here; confirm it short-circuits the request.
            if (!fromBrowser && DateTime.Now.Minute % 2 != 0)
            {
                WorkContext.GoToErrorPage();
                return;
            }

            // Disabled code below: it looked up the signed-in user from the auth cookie,
            // continued to the action when one was found, and otherwise logged the
            // caller's IP and URL and answered with a NotHaveAuth result.
            ////Id of the currently signed-in user
            //UserInfoModel currentUser = null;

            //currentUser = this._formAuthService.GetAuthenticatedCustomerFromCookie();


            ////If validation passes, run the action directly; otherwise return an error
            //if (null != currentUser)
            //{

            //    base.OnActionExecuting(actionContext);//authorized: continue to the requested action
            //    return;

            //}
            //else
            //{

            //   //Write the error log entry
            //    string toAccessUrl = actionContext.ControllerContext.Request.RequestUri.ToString();
            //    string msg = string.Concat("非法访问;IP地址:", HttpContext.Current.Request.GetIP(), "。访问地址:", toAccessUrl);
            //    Logger.WriteToLog(new LogEventArgs { LogMessage = msg, LogType = LoggingType.DbInfo });

            //    //Emit the error response
            //    var result = new BaseResult<string>
            //    {
            //         Status = CodeStatusTable.NotHaveAuth
            //        , Msg = CodeStatusTable.NotHaveAuth.GetEnumDescription()
            //    };
            //    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, result);


            //}
        }
示例#2
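        /// <summary>
        /// Overrides the base exception handler: logs the controller, action and exception,
        /// then in the Production environment answers AJAX requests with a generic JSON
        /// message and sends the request to the error page; in any other environment it
        /// defers to the base handler. The exception is always marked as handled.
        /// </summary>
        /// <param name="filterContext">Context carrying the exception, route data and HTTP context.</param>
        public override void OnException(ExceptionContext filterContext)
        {
            // No catch block: the original caught and re-threw with "throw ex;", which
            // discards the original stack trace. Letting a failure propagate untouched
            // keeps the trace, and the finally block still runs.
            try
            {
                // Read the route values without assuming they exist, so a missing key
                // cannot throw here and replace the exception that is being reported.
                object controllerName;
                object actionName;
                filterContext.RouteData.Values.TryGetValue("controller", out controllerName);
                filterContext.RouteData.Values.TryGetValue("action", out actionName);

                // Full details go to the server-side log only.
                StringBuilder sb = new StringBuilder();
                sb.AppendFormat("Controller :{0}", controllerName);
                sb.Append(Environment.NewLine);
                sb.AppendFormat("Action  :{0}", actionName);
                sb.Append(Environment.NewLine);
                sb.AppendFormat("Exception :{0}", filterContext.Exception);
                sb.Append(Environment.NewLine);
                Logger.Error(sb.ToString());

                // NOTE(review): this is an exact comparison, so any environment name other
                // than the Production constant (including a different casing) takes the
                // else branch. Confirm that branch never shows exception details to users
                // on an internet-facing host.
                var webStatus = WorkContext.HostingEnvironment.EnvironmentName;
                if (webStatus == EnvironmentName.Production)
                {
                    // Production: AJAX callers get a generic message with no exception data.
                    if (filterContext.HttpContext.Request.IsAjaxRequest())
                    {
                        var result = new { Type = 0, Msg = "您没有权限或者访问错误" };
                        filterContext.HttpContext.Response.ContentType = new MediaTypeHeaderValue("application/json").ToString();
                        // NOTE(review): GetAwaiter() only obtains the awaiter; the write is
                        // never awaited, so its completion and any failure go unobserved,
                        // and GoToErrorPage() below still runs for AJAX requests. Confirm
                        // the two responses cannot conflict.
                        filterContext.HttpContext.Response.WriteAsync(result.ToJson(), Encoding.UTF8)
                        .ConfigureAwait(true)
                        .GetAwaiter();
                    }

                    // Production: go to the error page so error details are not shown.
                    WorkContext.GoToErrorPage();
                }
                else
                {
                    // Development mode: use the base handler.
                    base.OnException(filterContext);
                }
            }
            finally
            {
                // Whenever this filter runs, the exception ends up marked as handled.
                filterContext.ExceptionHandled = true;
            }
        }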