如何在Asp.Net WebApi接口中,验证请求参数中是否携带token标识!
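[BasicAuthentication]
public abstract class ApiControllerBase : ApiController
{
    #region Global Property

    /// <summary>
    /// Token value extracted from the current request (form field, JSON property or
    /// query-string parameter named "token"). Empty when the request carries none.
    /// </summary>
    public string token_ID { get; set; }

    /// <summary>
    /// User id. Reset to an empty string at the start of <see cref="Initialize"/>;
    /// the code shown here does not assign it anywhere else.
    /// </summary>
    public string user_ID { get; set; }

    #endregion

    #region InitializeUser

    /// <summary>
    /// Extracts the "token" parameter from the incoming request, validates it through
    /// ValidateCacheToken and stores the outcome in
    /// BasicAuthenticationAttribute.isLoginAuth before the base controller initializes.
    /// </summary>
    /// <param name="controllerContext">Context of the request being dispatched to this controller.</param>
    /// <remarks>
    /// NOTE(review): isLoginAuth is written through the attribute type, so it appears to be a
    /// static member. If it is, the value is shared by every in-flight request and concurrent
    /// requests can overwrite each other's result. Confirm against BasicAuthenticationAttribute
    /// and prefer per-request storage such as controllerContext.Request.Properties.
    /// NOTE(review): tokens sent in the query string commonly end up in server and proxy logs;
    /// an Authorization header is the usual alternative.
    /// </remarks>
    protected override void Initialize(System.Web.Http.Controllers.HttpControllerContext controllerContext)
    {
        user_ID = token_ID = string.Empty;

        #region [ Check whether the request carries a token ]

        if (controllerContext.Request.Method != HttpMethod.Get)
        {
            string postContentData = string.Empty;
            string contentType = string.Empty;
            string postTokenStr = string.Empty;

            // ---------------- Read the POST parameters ----------------
            if (controllerContext.Request.Content.IsFormData())
            {
                // content-type: application/x-www-form-urlencoded
                NameValueCollection postParam = controllerContext.Request.Content.ReadAsFormDataAsync().Result;
                postContentData = postParam.ToString();
                postTokenStr = postParam["token"] ?? "";
                contentType = "application/x-www-form-urlencoded";
            }
            else if (!controllerContext.Request.Content.IsMimeMultipartContent("form-data"))
            {
                // Every other non-multipart body is treated as application/json.
                contentType = "application/json";
                postContentData = controllerContext.Request.Content.ReadAsStringAsync().Result;

                // Look the token up as a top-level property of the parsed JSON object.
                // The previous substring test (postContentData.Contains("token")) also matched
                // bodies that merely mention "token" somewhere, and indexing the parsed value
                // then threw instead of treating the request as carrying no token.
                object parsed = null;
                try
                {
                    parsed = new JavaScriptSerializer().Deserialize(postContentData, typeof(object));
                }
                catch (ArgumentException)
                {
                    // Malformed or oversized JSON: continue with an empty token so validation fails.
                }
                catch (InvalidOperationException)
                {
                    // Body could not be converted: continue with an empty token.
                }

                var fields = parsed as System.Collections.Generic.IDictionary<string, object>;
                object rawToken;
                if (fields != null && fields.TryGetValue("token", out rawToken))
                {
                    postTokenStr = Convert.ToString(rawToken);
                }
            }
            else
            {
                // multipart/form-data: the body is left unread, the token is taken from the URL.
                contentType = "multipart/form-data";
                var collPostParamData = controllerContext.Request.RequestUri.ParseQueryString();

                // NOTE(review): ParseQueryString already URL-decodes values, so this decodes a
                // second time; kept as in the original, confirm that clients depend on it.
                if (!string.IsNullOrWhiteSpace(collPostParamData["token"]))
                {
                    postTokenStr = System.Web.HttpUtility.UrlDecode(collPostParamData["token"]);
                }
            }

            // ---------------- Put the body back ----------------
            // The content was consumed by the read above; re-wrap the text so later code
            // (subclasses, as described in the post) can read the body again.
            if (!controllerContext.Request.Content.IsMimeMultipartContent("form-data"))
            {
                controllerContext.Request.Content = new StringContent(postContentData, Encoding.UTF8, contentType);
            }

            this.token_ID = postTokenStr;
            BasicAuthenticationAttribute.isLoginAuth = ValidateCacheToken(postTokenStr);
        }
        else
        {
            // ---------------- GET request ----------------
            var getParam = controllerContext.Request.RequestUri.ParseQueryString();
            string rawGetToken = getParam["token"];

            // NOTE(review): same double URL-decoding as in the multipart branch.
            string getToken = string.IsNullOrWhiteSpace(rawGetToken)
                ? string.Empty
                : System.Web.HttpUtility.UrlDecode(rawGetToken);

            // Always validate, even when no token was supplied, exactly as the POST branch does.
            // Previously a GET without a token left isLoginAuth untouched, so the result of an
            // earlier request stayed in effect for this one.
            this.token_ID = getToken;
            BasicAuthenticationAttribute.isLoginAuth = ValidateCacheToken(getToken);
        }

        #endregion

        base.Initialize(controllerContext);
    }

    #endregion

    // Remaining members (including ValidateCacheToken, called above) are not shown on the page.
}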
注意: controllerContext.Request.Content.ReadAsFormDataAsync().Result 和 controllerContext.Request.Content.ReadAsStringAsync().Result 只能读取一次:请求体是流,读完之后就已经被消费掉,后面子类中就获取不到内容了,所以必须把读到的内容重新赋值回 Request.Content。这是我觉得很怪异的地方。
// Re-wrap the body text that was already read and assign it back to the request,
// so that code running later can read Request.Content again.
controllerContext.Request.Content = new StringContent(postContentData, Encoding.UTF8, contentType);