web api 过滤器

复制代码
 /// <summary>
    /// 渠道过滤器
    /// </summary>
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
    public class ChannelActionFilterAttribute : ActionFilterAttribute
    {
        /// <summary>
        /// 请求接口之前渠道过滤
        /// </summary>
        /// <param name="actionContext"></param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            var identity = ParseHeader(actionContext);
            if (identity == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden,"请求来源未知,没有该接口访问权限。");
                return;
            }
            if (!ValidChannel(identity))
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden, "请求来源未知,没有该接口访问权限。");
            }
            base.OnActionExecuting(actionContext);
        }

        /// <summary>
        /// 渠道验证
        /// </summary>
        /// <param name="identity">渠道信息</param>
        /// <returns></returns>
        protected bool ValidChannel(ChannelIdentity identity)
        {
            ChannelsService svr = new ChannelsService();
            try
            {
                return svr.ValidateChannel(identity.SecretKey, identity.AppKey);
            }
            catch (Exception ex)
            {
                Logger.Warn("ChannelActionFilterAttribute[ValidChannel]:渠道来源校验时发生异常", ex);
                return false;
            }
           
        }

        /// <summary>
        /// 获取渠道信息
        /// </summary>
        /// <param name="actionContext"></param>
        protected ChannelIdentity ParseHeader(HttpActionContext actionContext)
        {
            IEnumerable<string> secretKeys = null;
            IEnumerable<string> appKeys = null;
            string secretKey = string.Empty;
            string appKey = string.Empty;
            if(actionContext.Request.Headers.TryGetValues("SecretKey", out secretKeys))
            {
                foreach (var key in secretKeys)
                {
                    secretKey = key;
                    break;
                }
            }

            if (actionContext.Request.Headers.TryGetValues("AppKey", out appKeys))
            {
                foreach (var key in appKeys)
                {
                    appKey = key;
                    break;
                }
            }

            if (!string.IsNullOrEmpty(secretKey) && !string.IsNullOrEmpty(appKey))
            {
                return new ChannelIdentity(secretKey, appKey);
            }
            return null;
        }
    }
复制代码

控制器controller中使用过滤器:

  /// <summary>
    /// 用户管理
    /// </summary>
    [ChannelActionFilter, RoutePrefix("Media/Users")]
    public class UsersController : ApiController
    {
        //todo
    }

 

posted @   大空白纸  阅读(350)  评论(0编辑  收藏  举报
编辑推荐:
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
阅读排行:
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
点击右上角即可分享
微信分享提示