Kummy's Blog

o(︶︿︶)o { name : 'Kummy' , job : 'Feser' }

如何在Asp.Net WebApi接口中,验证请求参数中是否携带token标识!

[BasicAuthentication]
    public abstract class ApiControllerBase : ApiController
    {
        #region Gloal Property
        /// <summary>
        /// Token taken from the current request by <c>Initialize</c>; empty when the request
        /// carried none. It is assigned whether or not validation succeeds, so a non-empty
        /// value is not proof that the caller is authenticated.
        /// </summary>
        public string token_ID { get; set; }

        /// <summary>
        /// User identifier. <c>Initialize</c> only resets it to an empty string; where it is
        /// filled in is not shown in this listing.
        /// </summary>
        public string user_ID { get; set; }
#endregion

        #region InitializeUser
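        /// <summary>
        /// Extracts the "token" value from the incoming request, stores it in
        /// <see cref="token_ID"/>, and records the result of <c>ValidateCacheToken</c> in
        /// <c>BasicAuthenticationAttribute.isLoginAuth</c> before the base controller initializes.
        /// </summary>
        /// <remarks>
        /// Token lookup: the form field for url-encoded bodies, the top-level "token" member for
        /// other non-multipart bodies (parsed as JSON), and the URL query string for
        /// multipart/form-data and GET requests.
        /// </remarks>
        /// <param name="controllerContext">Context of the request being dispatched.</param>
        protected override void Initialize(System.Web.Http.Controllers.HttpControllerContext controllerContext)
        {
            user_ID = token_ID = string.Empty;

            // Stays empty unless the request supplies a token, so every request is validated
            // below and none can inherit the result left behind by an earlier one.
            string requestToken = string.Empty;

            #region [ Locate the token carried by the request ]
            if (controllerContext.Request.Method != HttpMethod.Get)
            {
                string postContentData = string.Empty;
                string contentType = string.Empty;
                bool bodyWasRead = false;

                // Initialize is synchronous, so the body reads below block on .Result.
                if (controllerContext.Request.Content.IsFormData())
                {
                    // content-type: application/x-www-form-urlencoded
                    NameValueCollection postParam = controllerContext.Request.Content.ReadAsFormDataAsync().Result;
                    postContentData = postParam.ToString();
                    requestToken = postParam["token"] ?? "";
                    contentType = "application/x-www-form-urlencoded";
                    bodyWasRead = true;
                }
                else if (!controllerContext.Request.Content.IsMimeMultipartContent("form-data"))
                {
                    // Every other non-multipart body is treated as application/json.
                    contentType = "application/json";
                    postContentData = controllerContext.Request.Content.ReadAsStringAsync().Result;
                    bodyWasRead = true;

                    object parsedBody = null;
                    try
                    {
                        parsedBody = new JavaScriptSerializer().Deserialize(postContentData, typeof(object));
                    }
                    catch (ArgumentException)
                    {
                        // Body is not valid JSON: treat it as carrying no token instead of
                        // failing the request with an unhandled exception.
                    }
                    catch (InvalidOperationException)
                    {
                        // Body exceeds the serializer's length or nesting limits: no token.
                    }

                    // Look the key up explicitly. A substring test on the raw body also matches
                    // "token" inside other keys or values, and indexing a missing key throws.
                    var members = parsedBody as System.Collections.Generic.IDictionary<string, object>;
                    object tokenValue;
                    if (members != null && members.TryGetValue("token", out tokenValue))
                    {
                        requestToken = Convert.ToString(tokenValue);
                    }
                }
                else
                {
                    // multipart/form-data: the body is left untouched and the token is taken
                    // from the URL query string of the POST.
                    var postQuery = controllerContext.Request.RequestUri.ParseQueryString();
                    if (!string.IsNullOrWhiteSpace(postQuery["token"]))
                    {
                        // NOTE(review): ParseQueryString already URL-decodes values, so this
                        // decodes a second time ('+' becomes a space) - confirm that is intended.
                        requestToken = System.Web.HttpUtility.UrlDecode(postQuery["token"]);
                    }
                }

                // The body has been consumed by the read above; put the captured text back so
                // later consumers of Request.Content still receive it.
                if (bodyWasRead)
                {
                    controllerContext.Request.Content = new StringContent(postContentData, Encoding.UTF8, contentType);
                }
            }
            else
            {
                // GET: the token travels in the query string.
                // NOTE(review): tokens in URLs end up in server/proxy logs and browser history;
                // a request header keeps them out of those places.
                var getParam = controllerContext.Request.RequestUri.ParseQueryString();
                if (!string.IsNullOrWhiteSpace(getParam["token"]))
                {
                    // NOTE(review): second URL-decode, same as the multipart branch above.
                    requestToken = System.Web.HttpUtility.UrlDecode(getParam["token"]);
                }
            }
            #endregion

            this.token_ID = requestToken;

            // Always overwrite the flag, including for requests without a token; a GET without
            // a token previously left the previous request's result in place. This relies on
            // ValidateCacheToken rejecting an empty token, as the non-GET path already did.
            // NOTE(review): isLoginAuth is reached through the type name, so it appears to be
            // static state shared by all requests; concurrent requests can overwrite each
            // other's result between this line and the attribute's check. Per-request state
            // (e.g. Request.Properties) would close that gap but needs a change in
            // BasicAuthenticationAttribute, which is not part of this listing.
            BasicAuthenticationAttribute.isLoginAuth = ValidateCacheToken(requestToken);

            base.Initialize(controllerContext);
        }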

注意:controllerContext.Request.Content.ReadAsFormDataAsync().Result 和 controllerContext.Request.Content.ReadAsStringAsync().Result 读取的是请求正文,只能读取一次;在基类里读完之后,后面的子类中就获取不到正文了,必须把读出的内容重新赋值回 Request.Content。这是我觉得很怪异的地方,原因应该是请求正文是一个流,读到末尾之后不会自动复位。

// Re-attach the text that was already read from the body so that code running
// later in the pipeline still finds it in Request.Content.
controllerContext.Request.Content = new StringContent(postContentData, Encoding.UTF8, contentType);
posted @ 2014-03-27 15:28  李 维