|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
using System; using System.Linq; using System.Web; using System.Web.Http; using System.Web.Security; namespace OtherApi.Auth { public class AuthFilterOutside : AuthorizeAttribute { //重写基类的验证方式,加入我们自定义的Ticket验证 public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext) { //url获取token var content = actionContext.Request.Properties["MS_HttpContext"] as HttpContextBase; var token = content.Request.Headers["Token"]; if (!string.IsNullOrEmpty(token)) { //解密用户ticket,并校验用户名密码是否匹配 if (ValidateTicket(token)) { base.IsAuthorized(actionContext); } else { HandleUnauthorizedRequest(actionContext); } } //如果取不到身份验证信息,并且不允许匿名访问,则返回未验证401 else { var attributes = actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().OfType<AllowAnonymousAttribute>(); bool isAnonymous = attributes.Any(a => a is AllowAnonymousAttribute); if (isAnonymous) base.OnAuthorization(actionContext); else HandleUnauthorizedRequest(actionContext); } } //校验票据(数据库数据匹配) private bool ValidateTicket(string encryptToken) { bool flag = false; try { //获取数据库Token Dec.Models.TicketAuth model = Dec.BLL.TicketAuth.GetTicketAuthByToken(encryptToken); if (model.Token == encryptToken) //存在 { //未超时 flag = (DateTime.Now <= model.ExpireDate) ? true : false; } } catch (Exception ex) { } return flag; } } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 |
using System; using System.Web; using System.Web.Http; using System.Web.Security; using System.Net.Http; using System.Collections.Generic; using Newtonsoft.Json; using Newtonsoft.Json.Linq; using System.Text; using OtherApi.Auth; //引用验证 namespace SpiderApi.Controllers { /// <summary> /// 用户授权接口 /// </summary> public class AccountController : ApiController { #region 用户登录授权 /// <summary> /// 用户登录授权 /// </summary> /// <param name="username">用户名</param> /// <param name="password">密码</param> /// <returns></returns> [Route("api/account/login")] [HttpGet] public HttpResponseMessage Login(string username, string password) { //定义 ResponseResult obj = new ResponseResult(); var model = GetLoginModel(username, password); if (model != null) { int userId = model.UserId; string Token = UntilHelper.Md5Encode(UntilHelper.GetExtGuidID(), 32); var dtNow = DateTime.Now; #region 将身份信息保存票据表中,验证当前请求是否是有效请求 //判断此用户是否存在票据信息 if (Dec.BLL.TicketAuth.GetTicketAuthByUserId(userId) != null) { //清空重置 Dec.BLL.TicketAuth.DeleteByUserId(userId); } Dec.Models.TicketAuth ticket = new Dec.Models.TicketAuth(); ticket.UserID = userId; ticket.Token = Token; ticket.CreateDate = dtNow; ticket.ExpireDate = dtNow.AddMinutes(30); //30分钟过期 Dec.BLL.TicketAuth.Add(ticket); #endregion //返回信息 obj.status = true; obj.message = "用户登录成功"; JObject jo = new JObject(); jo.Add("userid", userId); jo.Add("loginname", model.LoginName); jo.Add("nickname", model.NickName); jo.Add("usertype", model.UserType); //(int)UserTypeEnum.Seller jo.Add("token", Token); obj.info = jo; } else { obj.status = false; obj.message = "用户登录失败"; } var resultObj = JsonConvert.SerializeObject(obj, Formatting.Indented); HttpResponseMessage result = new HttpResponseMessage { Content = new StringContent(resultObj, Encoding.GetEncoding("UTF-8"), "application/json") }; return result; } #endregion #region 用户退出登录,清空Token /// <summary> /// 用户退出登录,清空Token /// </summary> /// <param name="userId">用户ID</param> /// <returns></returns> [Route("api/account/loginout")] [HttpGet] public HttpResponseMessage LoginOut(int userId) { //定义 ResponseResult obj = new ResponseResult(); try { //清空数据库该用户票据数据 Dec.BLL.TicketAuth.DeleteByUserId(userId); } catch (Exception ex) { } //返回信息 obj.status = true; obj.message = "成功退出"; var resultObj = JsonConvert.SerializeObject(obj); HttpResponseMessage result = new HttpResponseMessage { Content = new StringContent(resultObj, Encoding.GetEncoding("UTF-8"), "application/json") }; return result; } #endregion #region 查询Token是否有效 /// <summary> /// 查询Token是否有效 /// </summary> /// <param name="token">token</param> /// <returns></returns> [Route("api/account/validatetoken")] [HttpGet] public HttpResponseMessage ValidateToken(string token) { //定义 ResponseResult obj = new ResponseResult(); bool flag = ValidateTicket(token); if (flag) { //返回信息 obj.status = true; obj.message = "token有效"; } else { obj.status = false; obj.message = "token无效"; } var resultObj = JsonConvert.SerializeObject(obj); HttpResponseMessage result = new HttpResponseMessage { Content = new StringContent(resultObj, Encoding.GetEncoding("UTF-8"), "application/json") }; return result; } #endregion #region 获取用户账户余额 /// <summary> /// 获取用户账户余额 /// </summary> /// <param name="userId">用户ID</param> /// <returns></returns> [Route("api/account/amount")] [HttpGet] [AuthFilterOutside] //添加验证 public HttpResponseMessage GetAmount(int userId) { //定义 ResponseResult obj = new ResponseResult(); //获取数据库数据 Dec.Models.UserInfo model = Dec.BLL.UserInfo.GetUserInfoByUserId(userId); if (model != null) { //返回信息 obj.status = true; obj.message = "获取用户账户余额成功"; JObject jo = new JObject(); jo.Add("userid", model.UserId); jo.Add("amount", model.Amount); obj.info = jo; } else { obj.status = false; obj.message = "获取用户账户余额失败"; } var resultObj = JsonConvert.SerializeObject(obj); HttpResponseMessage result = new HttpResponseMessage { Content = new StringContent(resultObj, Encoding.GetEncoding("UTF-8"), "application/json") }; return result; } #endregion /// <summary> /// 用户充值接口 /// </summary> /// <param name="userid">用户ID</param> /// <param name="amount">充值金额</param> /// <returns></returns> [Route("api/account/recharge")] [HttpGet] [AuthFilterInside] public HttpResponseMessage Recharge(string userid, double amount) { //定义 ResponseResult obj = new ResponseResult(); //获取数据库数据 //返回信息 obj.status = true; obj.message = "操作成功,请等待第三方支付平台返回通知核实是否到账"; JObject jo = new JObject(); jo.Add("userid", "123456789"); jo.Add("amount", 125.80); obj.info = jo; var resultObj = JsonConvert.SerializeObject(obj); HttpResponseMessage result = new HttpResponseMessage { Content = new StringContent(resultObj, Encoding.GetEncoding("UTF-8"), "application/json") }; return result; } #region 验证票据是否有效 /// <summary> /// 验证票据是否有效 /// </summary> /// <param name="encryptToken">token</param> /// <returns></returns> private bool ValidateTicket(string encryptToken) { bool flag = false; try { //获取数据库Token Dec.Models.TicketAuth model = Dec.BLL.TicketAuth.GetTicketAuthByToken(encryptToken); if (model.Token == encryptToken) //存在 { //未超时 flag = (DateTime.Now <= model.ExpireDate) ? true : false; } } catch (Exception ex) { } return flag; } #endregion #region 用户登录 /// <summary> /// 用户登录 /// </summary> /// <param name="userName">用户名</param> /// <param name="userPwd">密码</param> /// <returns></returns> private Dec.Models.UserInfo GetLoginModel(string userName, string userPwd) { Dec.Models.UserInfo model = new Dec.Models.UserInfo(); try { if (!string.IsNullOrWhiteSpace(userName) && !string.IsNullOrWhiteSpace(userPwd)) { //数据库比对 model = Dec.BLL.UserInfo.GetUserInfoByUserNamePwd(userName, UntilHelper.Md5Encode(userPwd, 32)); } } catch (Exception ex) { } return model; } #endregion } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
////////////////////////////////////////////////////////////////// using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Http; using System.Web.Mvc; using System.Web.Routing; namespace SpiderApi { public class WebApiApplication : System.Web.HttpApplication { protected void Application_Start() { //WebApi文档 AreaRegistration.RegisterAllAreas(); GlobalConfiguration.Configure(WebApiConfig.Register); } protected void Application_PostAuthorizeRequest() { //Enable Session HttpContext.Current.SetSessionStateBehavior(System.Web.SessionState.SessionStateBehavior.Required); } } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 |
// Uncomment the following to provide samples for PageResult<T>. Must also add the Microsoft.AspNet.WebApi.OData // package to your project. 先安装Help Page包 HelpPage=>App_start=>HelpPageConfig.cs ////#define Handle_PageResultOfT using System; using System.Collections; using System.Collections.Generic; using System.Diagnostics; using System.Diagnostics.CodeAnalysis; using System.Linq; using System.Net.Http.Headers; using System.Reflection; using System.Web; using System.Web.Http; using SpiderApi.Models; #if Handle_PageResultOfT using System.Web.Http.OData; #endif namespace SpiderApi.Areas.HelpPage { /// <summary> /// Use this class to customize the Help Page. /// For example you can set a custom <see cref="System.Web.Http.Description.IDocumentationProvider"/> to supply the documentation /// or you can provide the samples for the requests/responses. /// </summary> public static class HelpPageConfig { [SuppressMessage("Microsoft.Globalization", "CA1303:Do not pass literals as localized parameters", MessageId = "SpiderApi.Areas.HelpPage.TextSample.#ctor(System.String)", Justification = "End users may choose to merge this string with existing localized resources.")] [SuppressMessage("Microsoft.Naming", "CA2204:Literals should be spelled correctly", MessageId = "bsonspec", Justification = "Part of a URI.")] public static void Register(HttpConfiguration config) { //// Uncomment the following to use the documentation from XML documentation file. //开启解析 config.SetDocumentationProvider(new XmlDocumentationProvider(HttpContext.Current.Server.MapPath("~/Bin/SpiderApi.XML"))); //// Uncomment the following to use "sample string" as the sample for all actions that have string as the body parameter or return type. //// Also, the string arrays will be used for IEnumerable<string>. The sample objects will be serialized into different media type //// formats by the available formatters. //config.SetSampleObjects(new Dictionary<Type, object> //{ // {typeof(string), "sample string"}, // {typeof(IEnumerable<string>), new string[]{"sample 1", "sample 2"}} //}); //添加映射 config.SetSampleResponse(Sample.BatchSendMessageResponse(), new MediaTypeHeaderValue("text/json"), "MessageQueue", "BatchSendMessage"); config.SetSampleResponse(Sample.BatchReceiveMessageResponse(), new MediaTypeHeaderValue("text/json"), "MessageQueue", "BatchReceiveMessage"); config.SetSampleResponse(Sample.DeleteMessageResponse(), new MediaTypeHeaderValue("text/json"), "MessageQueue", "DeleteMessage"); config.SetSampleResponse(Sample.BatchDeleteMessageResponse(), new MediaTypeHeaderValue("text/json"), "MessageQueue", "BatchDeleteMessage"); config.SetSampleResponse(Sample.ChangeMessageVisibilityResponse(), new MediaTypeHeaderValue("text/json"), "MessageQueue", "ChangeMessageVisibility"); // Extend the following to provide factories for types not handled automatically (those lacking parameterless // constructors) or for which you prefer to use non-default property values. Line below provides a fallback // since automatic handling will fail and GeneratePageResult handles only a single type. #if Handle_PageResultOfT config.GetHelpPageSampleGenerator().SampleObjectFactories.Add(GeneratePageResult); #endif // Extend the following to use a preset object directly as the sample for all actions that support a media // type, regardless of the body parameter or return type. The lines below avoid display of binary content. // The BsonMediaTypeFormatter (if available) is not used to serialize the TextSample object. config.SetSampleForMediaType( new TextSample("Binary JSON content. See http://bsonspec.org for details."), new MediaTypeHeaderValue("application/bson")); //// Uncomment the following to use "[0]=foo&[1]=bar" directly as the sample for all actions that support form URL encoded format //// and have IEnumerable<string> as the body parameter or return type. //config.SetSampleForType("[0]=foo&[1]=bar", new MediaTypeHeaderValue("application/x-www-form-urlencoded"), typeof(IEnumerable<string>)); //// Uncomment the following to use "1234" directly as the request sample for media type "text/plain" on the controller named "Values" //// and action named "Put". //config.SetSampleRequest("1234", new MediaTypeHeaderValue("text/plain"), "Values", "Put"); //// Uncomment the following to use the image on "../images/aspNetHome.png" directly as the response sample for media type "image/png" //// on the controller named "Values" and action named "Get" with parameter "id". //config.SetSampleResponse(new ImageSample("../images/aspNetHome.png"), new MediaTypeHeaderValue("image/png"), "Values", "Get", "id"); //// Uncomment the following to correct the sample request when the action expects an HttpRequestMessage with ObjectContent<string>. //// The sample will be generated as if the controller named "Values" and action named "Get" were having string as the body parameter. //config.SetActualRequestType(typeof(string), "Values", "Get"); //// Uncomment the following to correct the sample response when the action returns an HttpResponseMessage with ObjectContent<string>. //// The sample will be generated as if the controller named "Values" and action named "Post" were returning a string. //config.SetActualResponseType(typeof(string), "Values", "Post"); } #if Handle_PageResultOfT private static object GeneratePageResult(HelpPageSampleGenerator sampleGenerator, Type type) { if (type.IsGenericType) { Type openGenericType = type.GetGenericTypeDefinition(); if (openGenericType == typeof(PageResult<>)) { // Get the T in PageResult<T> Type[] typeParameters = type.GetGenericArguments(); Debug.Assert(typeParameters.Length == 1); // Create an enumeration to pass as the first parameter to the PageResult<T> constuctor Type itemsType = typeof(List<>).MakeGenericType(typeParameters); object items = sampleGenerator.GetSampleObject(itemsType); // Fill in the other information needed to invoke the PageResult<T> constuctor Type[] parameterTypes = new Type[] { itemsType, typeof(Uri), typeof(long?), }; object[] parameters = new object[] { items, null, (long)ObjectGenerator.DefaultCollectionSize, }; // Call PageResult(IEnumerable<T> items, Uri nextPageLink, long? count) constructor ConstructorInfo constructor = type.GetConstructor(parameterTypes); return constructor.Invoke(parameters); } } return null; } #endif } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
/* API接口测试工具 - WebApiTestClient使用--Nuget引入组件 --A Simple Test Client for ASP.NET Web API */ /* 1、修改Api.cshtml文件 通过上述步骤,就能将组件WebAPITestClient引入进来。下面我们只需要做一件事:打开文件 (根据 Areas\HelpPage\Views\Help) Api.cshtml 并添加以下内容: @Html.DisplayForModel("TestClientDialogs") @Html.DisplayForModel("TestClientReferences") 添加后Api.cshtml文件的代码如下 */ @using System.Web.Http @using WebApiTestClient.Areas.HelpPage.Models @model HelpPageApiModel @{ var description = Model.ApiDescription; ViewBag.Title = description.HttpMethod.Method + " " + description.RelativePath; } <link type="text/css" href="~/Areas/HelpPage/HelpPage.css" rel="stylesheet" /> <div id="body" class="help-page"> <section class="featured"> <div class="content-wrapper"> <p> @Html.ActionLink("Help Page Home", "Index") </p> </div> </section> <section class="content-wrapper main-content clear-fix"> @Html.DisplayForModel() </section> </div> @Html.DisplayForModel("TestClientDialogs") @section Scripts{ <link href="~/Areas/HelpPage/HelpPage.css" rel="stylesheet" /> @Html.DisplayForModel("TestClientReferences") } |
from:http://blog.csdn.net/smartsmile2012/article/details/52936011