API
//添加一个自定义过滤器
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using System.Web.Security;
namespace Web2
{
public class ApiSecretFilter : ActionFilterAttribute
{
//请求有效性验证
//合法请求为 带有 时间戳+随机数+数据(get/post)+数字签名(token)
//数字签名=时间戳+随机数+私钥+数据 进行md5加密后的字符串
public override void OnActionExecuting(HttpActionContext actionContext)
{
string staffid = "p889aabbc#@";
string timestamp = string.Empty, nonce = string.Empty, singture = string.Empty;
//消息头中的关键数据
if (actionContext.Request.Headers.Contains("timestamp"))
{
timestamp = actionContext.Request.Headers.GetValues("timestamp