使用统一的cookie限制访问asp.net web page和asp.net web api,不过当api未授权时,跳转到了登录页面,一堆的html代码不利于被调用端的呈现和识别,故:
1. 添加Attribute: AuthCheckFilter
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net.Http;
using System.Text;
using System.Web;
using System.Web.Http.Filters;
namespace com.test
{
public class AuthCheckFilter : ActionFilterAttribute
{
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
BaseResponse resp = new BaseResponse() { Code = EReturnCodes.未授权 };
string respJson = JsonConvert.SerializeObject(resp);
byte[] bs = Encoding.UTF8.GetBytes(respJson);
HttpResponseMessage rm = new HttpResponseMessag