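/// <summary>
/// Computes the API request signature. Parameter keys are lower-cased, the <c>appid</c> and
/// <c>sign</c> entries are dropped, the rest are sorted by key and joined as <c>key=value</c>
/// pairs with <c>&amp;</c>, the secret is appended, and the trimmed string is passed to the
/// file's <c>MD5</c> helper. The helper's result is returned upper-cased.
/// </summary>
/// <param name="keys">Request parameters. Any <c>appid</c> or <c>sign</c> entry is excluded from the signed string.</param>
/// <param name="secret">Shared secret appended to the canonical parameter string.</param>
/// <returns>
/// The upper-case signature, or <c>null</c> when <paramref name="keys"/> is null or
/// <paramref name="secret"/> is null or empty. Callers must treat <c>null</c> as "no valid signature".
/// </returns>
/// <exception cref="ArgumentException">Two keys differ only by letter case.</exception>
/// <remarks>
/// Security notes for maintainers:
/// hashing "message + secret" with MD5 is a legacy construction. A keyed MAC such as HMAC-SHA256 is
/// the usual replacement, but it has to change on client and server together.
/// Values are joined without escaping, so a value containing <c>&amp;</c> or <c>=</c> can make two
/// different parameter sets produce the same canonical string.
/// </remarks>
public static string GetSign(Dictionary<string, string> keys, string secret)
{
    // Fail closed: without parameters or a secret there is nothing meaningful to sign.
    if (keys == null || string.IsNullOrEmpty(secret))
    {
        return null;
    }

    var excludedKeys = new[] { "appid", "sign" };

    // ToLowerInvariant instead of ToLower: under a culture such as tr-TR, "SIGN".ToLower() does not
    // yield "sign", so the exclusion below would miss it and the signature would depend on the
    // server's culture settings.
    // The sorted sequence is projected directly; the original rebuilt a Dictionary after sorting,
    // whose enumeration order is not guaranteed to follow insertion order.
    // NOTE(review): OrderBy uses the default (culture-sensitive) string comparer. If the client
    // specification says "ASCII order", switch both sides to StringComparer.Ordinal.
    var canonicalPairs = keys
        .ToDictionary(pair => pair.Key.ToLowerInvariant(), pair => pair.Value)
        .Where(pair => !excludedKeys.Contains(pair.Key))
        .OrderBy(pair => pair.Key)
        .Select(pair => $"{pair.Key}={pair.Value}");

    string stringA = string.Join("&", canonicalPairs) + secret;

    // MD5 is a helper defined elsewhere in this file; presumably it returns a hex digest (confirm).
    return MD5(stringA.Trim()).ToUpperInvariant();
}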
调用示例(在登录接口中验证签名):
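/// <summary>
/// Login endpoint that verifies the request signature before answering. The posted form fields are
/// collected, the expected signature is recomputed with <c>Utils.GetSign</c>, and the request is
/// rejected when the supplied <c>sign</c> field is missing or does not match.
/// </summary>
/// <param name="req">Model-bound login data; only <c>name</c> and <c>pwd</c> are read here.</param>
/// <returns>A failure result when the signature is missing or wrong or an exception occurs, otherwise a success result.</returns>
/// <remarks>
/// NOTE(review): no timestamp or nonce is checked here, so a captured signed request could be
/// replayed unless that is handled elsewhere. No credential check is visible in this method either.
/// </remarks>
[HttpPost]
[Route("Login")]
public IActionResult Login(UserInfo req)
{
    var json = new Dictionary<string, object>();
    try
    {
        // Collect the posted form fields. The case-insensitive comparer keeps the "sign" lookup
        // consistent with GetSign, which lower-cases every key, and prevents two keys that differ
        // only by case from reaching GetSign and throwing there.
        var allKeys = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
        HttpRequest request = HttpContext.Request;

        // HasFormContentType instead of ContentLength > 0: ContentLength is null for chunked
        // bodies, and reading Form on a non-form content type throws.
        if (request.HasFormContentType)
        {
            var collection = request.Form;
            foreach (string key in collection.Keys)
            {
                // Trim before the duplicate check; the original checked the raw key but added the
                // trimmed one, so "a" and "a " caused a duplicate-key exception.
                string trimmedKey = key.Trim();
                if (!allKeys.ContainsKey(trimmedKey))
                {
                    allKeys.Add(trimmedKey, collection[key]);
                }
            }
        }

        string suppliedSign;
        if (!allKeys.TryGetValue("sign", out suppliedSign) || string.IsNullOrEmpty(suppliedSign))
        {
            return Utils.ToResult(json, "sign不能为空!");
        }

        string sign = Utils.GetSign(allKeys, Utils.Secret);

        // GetSign returns null when no secret is configured; treat that as a failed check.
        // The comparison is constant-time so response timing does not reveal how many leading
        // characters of a guessed signature were correct.
        bool signatureMatches = sign != null
            && System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                System.Text.Encoding.UTF8.GetBytes(sign),
                System.Text.Encoding.UTF8.GetBytes(suppliedSign));
        if (!signatureMatches)
        {
            return Utils.ToResult(json, "验证签名失败!");
        }

        json["name"] = req.name;
        // NOTE(review): this echoes the submitted password back in the response body. Kept because
        // existing clients may read the field, but it should be removed if nothing depends on it.
        json["pwd"] = req.pwd;
        json["sign"] = sign;
        return Utils.ToSuccessResult(json, "登陆成功!");
    }
    catch (Exception ex)
    {
        // Exception details go to the log only; the client gets a generic message so internal
        // error text is not disclosed.
        Utils.PrintLog("登陆异常:" + ex.Message, "Login");
        return Utils.ToResult(json, "登陆异常!");
    }
}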