1、此过滤器已通过 Postman 测试:根据 controllerName 和 actionName 进行过滤,并从请求 Headers 中读取 uid 和 token 来判断用户是否已登录
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using FamilyNative.IBLL;
using FamilyNative.BLL;
using FamilyNative.MODEL;
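namespace FamilyNative.API.Models
{
    /// <summary>
    /// Action filter that rejects a request unless its "uid" and "token" headers
    /// match exactly one user record. The User/Regist and User/Login actions are
    /// exempt so that a client can register and log in without a token.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this is an action filter, so in the Web API pipeline it runs after
    /// authorization filters and parameter binding; an authentication or authorization
    /// filter is the conventional place for a login check.
    /// NOTE(review): the exemption is keyed on controller/action names only. Any action
    /// that resolves to those names skips the check; an explicit marker such as
    /// [AllowAnonymous] would be harder to hit by accident.
    /// NOTE(review): no token expiry or revocation check is visible in this filter;
    /// confirm whether IUserBll or the login action enforces one.
    /// </remarks>
    public class CheckLoginAttribute : ActionFilterAttribute
    {
        /// <summary>
        /// Runs before the action. Leaves the response unset when the caller is allowed
        /// through; otherwise sets a response, which short-circuits the action.
        /// </summary>
        /// <param name="actionContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // Controller and action names of the action about to run.
            string controllerName = actionContext.ControllerContext.ControllerDescriptor.ControllerName;
            string actionName = actionContext.ActionDescriptor.ActionName;

            // Registration and login must be reachable without credentials.
            if (controllerName == "User" && (actionName == "Regist" || actionName == "Login"))
            {
                base.OnActionExecuting(actionContext);
                return;
            }

            // Both headers are required.
            IEnumerable<string> uidValues;
            IEnumerable<string> tokenValues;
            bool hasUid = actionContext.Request.Headers.TryGetValues("uid", out uidValues);
            bool hasToken = actionContext.Request.Headers.TryGetValues("token", out tokenValues);
            if (!hasUid || !hasToken)
            {
                Reject(actionContext, "缺少必要的参数:uid和token");
                return;
            }

            // The headers are attacker-controlled. Parse the uid defensively so that a
            // non-numeric or out-of-range value yields a normal rejection instead of an
            // unhandled FormatException/OverflowException (and an HTTP 500).
            int uid;
            string token = tokenValues.FirstOrDefault();
            bool uidIsValid = int.TryParse(uidValues.FirstOrDefault(), out uid);

            // An empty token must never authenticate: if a user row has an empty Token
            // (for example, never logged in), "x.Token == token" would otherwise match.
            if (!uidIsValid || string.IsNullOrWhiteSpace(token))
            {
                Reject(actionContext, "缺少必要的参数:uid和token");
                return;
            }

            // Look up the user whose ID and Token both match the supplied values.
            IUserBll bll = new UserBll();
            List<User> list = bll.Search(x => x.ID == uid && x.Token == token);
            if (list != null && list.Count == 1)
            {
                base.OnActionExecuting(actionContext);
                return;
            }

            Reject(actionContext, "用户名或密码错误");
        }

        /// <summary>
        /// Sets the response to the "not logged in" payload; setting Response stops the
        /// action from executing.
        /// </summary>
        /// <param name="actionContext">Context whose response is set.</param>
        /// <param name="message">Text placed in the payload's msg field.</param>
        private static void Reject(HttpActionContext actionContext, string message)
        {
            // NOTE(review): the status stays 200 OK to keep the existing client contract
            // (callers must inspect isLogin). 401 Unauthorized is the conventional status
            // for a failed login check and is easier to alert on in access logs.
            actionContext.Response = actionContext.Request.CreateResponse(
                HttpStatusCode.OK,
                new { isLogin = false, msg = message });
        }
    }
}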
2、WebApiConfig.cs
/// <summary>
/// Web API start-up configuration.
/// </summary>
public static class WebApiConfig
{
    /// <summary>
    /// Adds <see cref="CheckLoginAttribute"/> to the global filter collection, so the
    /// login check is applied to every Web API action rather than opted into per
    /// controller.
    /// </summary>
    /// <param name="config">The Web API configuration being built.</param>
    public static void Register(HttpConfiguration config)
    {
        // Web API configuration and services
        var loginFilter = new CheckLoginAttribute();
        config.Filters.Add(loginFilter);
    }
}