關於ASP.NET Web API 客戶端的請求報文中新增 Authorization
阿新 • • 發佈:2019-01-06
public class ReqAuthorizeAttribute:System.Web.Http.AuthorizeAttribute
{
/// <summary>
/// 進行驗證
/// </summary>
/// <param name="actionContext"></param>
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
if (actionContext.Request.Headers.Authorization != null)
{
//獲取請求的 認證資訊(解密) 13e6ba0ee6f8559324efe6a3c51909f1
string authPa = (actionContext.Request.Headers.Authorization.Parameter).Decrypt();
string userInfo = "yst:juli";
//判斷認證資訊是否正確
if (string.Equals(authPa, userInfo))
{
IsAuthorized(actionContext);
}
else
{
HandleUnauthorizedRequest(actionContext);
}
}
else
{
HandleUnauthorizedRequest(actionContext);
}
}
/// <summary>
/// 驗證不通過 返回401
/// </summary>
/// <param name="actionContext"></param>
protected override void HandleUnauthorizedRequest(System.Web.Http.Controllers.HttpActionContext actionContext)
{
var challengeMsg = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
challengeMsg.Headers.Add("WWW-Authenticate", "Basic");
throw new System.Web.Http.HttpResponseException(challengeMsg);
}
}