web api 过滤器

 /// <summary>
    /// 渠道过滤器
    /// </summary>
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false)]
    public class ChannelActionFilterAttribute : ActionFilterAttribute
    {
        /// <summary>
        /// 请求接口之前渠道过滤
        /// </summary>
        /// <param name="actionContext"></param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            var identity = ParseHeader(actionContext);
            if (identity == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden,"请求来源未知,没有该接口访问权限。");
                return;
            }
            if (!ValidChannel(identity))
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden, "请求来源未知,没有该接口访问权限。");
            }
            base.OnActionExecuting(actionContext);
        }

        /// <summary>
        /// 渠道验证
        /// </summary>
        /// <param name="identity">渠道信息</param>
        /// <returns></returns>
        protected bool ValidChannel(ChannelIdentity identity)
        {
            ChannelsService svr = new ChannelsService();
            try
            {
                return svr.ValidateChannel(identity.SecretKey, identity.AppKey);
            }
            catch (Exception ex)
            {
                Logger.Warn("ChannelActionFilterAttribute[ValidChannel]:渠道来源校验时发生异常", ex);
                return false;
            }
           
        }

        /// <summary>
        /// 获取渠道信息
        /// </summary>
        /// <param name="actionContext"></param>
        protected ChannelIdentity ParseHeader(HttpActionContext actionContext)
        {
            IEnumerable<string> secretKeys = null;
            IEnumerable<string> appKeys = null;
            string secretKey = string.Empty;
            string appKey = string.Empty;
            if(actionContext.Request.Headers.TryGetValues("SecretKey", out secretKeys))
            {
                foreach (var key in secretKeys)
                {
                    secretKey = key;
                    break;
                }
            }

            if (actionContext.Request.Headers.TryGetValues("AppKey", out appKeys))
            {
                foreach (var key in appKeys)
                {
                    appKey = key;
                    break;
                }
            }

            if (!string.IsNullOrEmpty(secretKey) && !string.IsNullOrEmpty(appKey))
            {
                return new ChannelIdentity(secretKey, appKey);
            }
            return null;
        }
    }

控制器controller中使用过滤器:

  /// <summary>
    /// 用户管理
    /// </summary>
    [ChannelActionFilter, RoutePrefix("Media/Users")]
    public class UsersController : ApiController
    {
        //todo
    }

 

posted @ 2016-05-10 17:35  大空白纸  阅读(350)  评论(0编辑  收藏  举报