diff --git a/Api/Ewide.Core/Ewide.Core.Common/BaseDisplayJSON.cs b/Api/Ewide.Core/Ewide.Core.Common/BaseDisplayJSON.cs
index 246188e..a0ec5bc 100644
--- a/Api/Ewide.Core/Ewide.Core.Common/BaseDisplayJSON.cs
+++ b/Api/Ewide.Core/Ewide.Core.Common/BaseDisplayJSON.cs
@@ -10,53 +10,58 @@ namespace Ewide.Core.Common
{
public class BaseDisplayJSON
{
- public static object DisplayJSON(object obj)
+ public static object DeserializeJSON(object obj)
{
- var _result = JsonConvert.SerializeObject(obj, Formatting.Indented, new JsonSerializerSettings
- {
- ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver(),
- DateFormatString = "yyyy-MM-dd HH:mm:ss"
- });
+ var _result = SerializeJSON(obj);
return JsonConvert.DeserializeObject(_result);
}
- public static object Display(HttpStatusCode status, object result)
+ public static string SerializeJSON(object obj)
{
- return new
+ return JsonConvert.SerializeObject(obj, Formatting.Indented, new JsonSerializerSettings
+ {
+ ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver(),
+ DateFormatString = "yyyy-MM-dd HH:mm:ss"
+ });
+ }
+
+ public static object JSON(HttpStatusCode status, object result)
+ {
+ return DeserializeJSON(new
{
Status = status,
Result = result
- };
+ });
}
- public static object Display(HttpStatusCode status, string message)
+ public static object JSON(HttpStatusCode status, string message)
{
- return new
+ return DeserializeJSON(new
{
Status = status,
Message = message
- };
+ });
}
public static object Ok(object result)
{
- return Display(HttpStatusCode.OK, result);
+ return JSON(HttpStatusCode.OK, result);
}
public static object Ok(string message)
{
- return Display(HttpStatusCode.OK, message);
+ return JSON(HttpStatusCode.OK, message);
}
public static object Error(string message)
{
- return Display(HttpStatusCode.InternalServerError, message);
+ return JSON(HttpStatusCode.InternalServerError, message);
}
public static object Unauthorized(string message)
{
- return Display(HttpStatusCode.Unauthorized, message);
+ return JSON(HttpStatusCode.Unauthorized, message);
}
}
}
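Review bot: `JSON(...)` now returns the output of a serialize-then-parse round trip instead of the anonymous object, and neither that nor the camel-cased property names are documented anywhere in the class. Every envelope is therefore serialized twice per response, once in `SerializeJSON` and again by the response formatter. If the aim is camelCase names and the `yyyy-MM-dd HH:mm:ss` date format on the wire, setting those options once on the formatter's serializer settings would avoid the extra pass. At minimum add XML docs, for example `/// <summary>Serializes obj with the API's JSON settings and parses it back into a Json.NET token.</summary>` on `DeserializeJSON`, and consider a more descriptive name than `JSON` for the envelope builders.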
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundControllerActionSelector.cs b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundControllerActionSelector.cs
index f5521ef..36efbde 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundControllerActionSelector.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundControllerActionSelector.cs
@@ -27,7 +27,7 @@ namespace Ewide.Core.WebApi
catch (HttpResponseException ex)
{
var code = ex.Response.StatusCode;
- var result = BaseDisplayJSON.Display(code, code == HttpStatusCode.NotFound ? "找不到接口,请确认接口地址是否正确" : "请求方式错误");
+ var result = BaseDisplayJSON.JSON(code, code == HttpStatusCode.NotFound ? "找不到接口,请确认接口地址是否正确" : "请求方式错误");
if (code == HttpStatusCode.NotFound || code == HttpStatusCode.MethodNotAllowed)
{
ex.Response.Content = new ObjectContent(result.GetType(), result, formatter);
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundDefaultHttpControllerSelector.cs b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundDefaultHttpControllerSelector.cs
index dbff10e..788e3fe 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundDefaultHttpControllerSelector.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpNotFoundDefaultHttpControllerSelector.cs
@@ -28,7 +28,7 @@ namespace Ewide.Core.WebApi
catch (HttpResponseException ex)
{
var code = ex.Response.StatusCode;
- var result = BaseDisplayJSON.Display(code, "找不到接口,请确认接口地址是否正确");
+ var result = BaseDisplayJSON.JSON(code, "找不到接口,请确认接口地址是否正确");
if (code == HttpStatusCode.NotFound || code == HttpStatusCode.MethodNotAllowed)
{
ex.Response.Content = new ObjectContent(result.GetType(), result, formatter);
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpWebApiControllerActionInvoker.cs b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpWebApiControllerActionInvoker.cs
index 6b65287..2d56402 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpWebApiControllerActionInvoker.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/Filters/HttpWebApiControllerActionInvoker.cs
@@ -28,11 +28,11 @@ namespace Ewide.Core.WebApi
var baseException = responseMessage.Exception.InnerExceptions[0];
var message = baseException.Message;
- var result = BaseDisplayJSON.Display(HttpStatusCode.InternalServerError, message);
+ var result = BaseDisplayJSON.JSON(HttpStatusCode.InternalServerError, message);
if (baseException is TimeoutException)
{
- result = BaseDisplayJSON.Display(HttpStatusCode.RequestTimeout, message);
+ result = BaseDisplayJSON.JSON(HttpStatusCode.RequestTimeout, message);
}
return Task.Run(() => new HttpResponseMessage()
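Review bot: `baseException.Message` is still passed straight into the response envelope for both the 500 and the timeout case, so raw exception text reaches the caller. Depending on what throws, that text can carry internal detail such as query fragments, file paths or type names. Prefer logging the exception server-side and returning a fixed message, e.g. `var result = BaseDisplayJSON.JSON(HttpStatusCode.InternalServerError, "Internal server error");`. This predates the commit, which only renames the call, and the enclosing method starts and ends outside the hunk.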
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/WebApiConfig.cs b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/WebApiConfig.cs
index 57bc177..a71cf13 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/WebApiConfig.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/App_Start/WebApiConfig.cs
@@ -32,6 +32,7 @@ namespace Ewide.Core.WebApi
config.Services.Replace(typeof(IHttpActionInvoker), new HttpWebApiControllerActionInvoker(config));
#endregion
+ config.Filters.Add(new ApiAuthorizeAttribute());
config.Filters.Add(new ValidateArgumentsFilter());
}
}
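Review bot: The new global `ApiAuthorizeAttribute` registration makes every action require a token by default, but nothing at the call site says so or explains how an action opts out. A comment above the line would help, for example `// Default-deny: every action needs a valid token unless it carries [ApiAuthorize(VerifyAuthorization = false)] or [AllowAnonymous]`. The opt-out appears to rely on the attribute being declared with `AllowMultiple = false`, so that an action-level instance replaces this global one. That dependency is worth stating in the same comment. The enclosing method starts outside the hunk.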
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/Areas/Base/Controllers/GateController.cs b/Api/Ewide.Core/Ewide.Core.WebApi/Areas/Base/Controllers/GateController.cs
index 41ca0d4..bd1cb05 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/Areas/Base/Controllers/GateController.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/Areas/Base/Controllers/GateController.cs
@@ -15,12 +15,15 @@ namespace Ewide.Core.WebApi.Areas.Base.Controllers
///
///
///
+ [ApiAuthorize(VerifyAuthorization = false)]
+ [HttpPost]
public IHttpActionResult Login(LoginDTO dto)
{
return DisplayJSON(dto);
}
[ValidateArgumentsFilter(AllowNull = true)]
+ [HttpPost]
public IHttpActionResult AllowNullAPI(LoginDTO dto)
{
return DisplayJSON(dto);
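Review bot: `Login` is now reachable without a token via `[ApiAuthorize(VerifyAuthorization = false)]`, yet its body still returns `DisplayJSON(dto)`, which echoes the submitted login payload back in the response. `LoginDTO` is not visible here, but if it carries a password, that reflects the credential into response bodies and anything that logs them. If this is placeholder code, mark it with a comment such as `// TODO: replace echo with real authentication; never return the submitted credentials`. `AllowNullAPI` gets no opt-out, so it will require a token under the new global filter, which may or may not be intended for a sample endpoint.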
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ApiAuthorizeAttribute.cs b/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ApiAuthorizeAttribute.cs
index cb5ff32..08ac24f 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ApiAuthorizeAttribute.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ApiAuthorizeAttribute.cs
@@ -1,13 +1,65 @@
-using System;
+using Ewide.Core.Common;
+using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
+using System.Text;
using System.Web.Http;
+using System.Web.Http.Controllers;
namespace Ewide.Core.WebApi
{
+ [AttributeUsage(AttributeTargets.All, AllowMultiple = false)]
public class ApiAuthorizeAttribute : AuthorizeAttribute
{
+ ///
+ /// 是否验证权限
+ ///
+ public bool VerifyAuthorization { get; set; } = true;
+
+ public override void OnAuthorization(HttpActionContext actionContext)
+ {
+ if (!VerifyAuthorization)
+ {
+ base.IsAuthorized(actionContext);
+ return;
+ }
+
+ // 验证token
+ var authorization = actionContext.Request.Headers.Authorization;
+ if (authorization != null && !String.IsNullOrEmpty(authorization.Parameter))
+ {
+ var token = authorization.Parameter;
+ var userID = AuthorizedHelper.GetUserID(token);
+ if (!String.IsNullOrEmpty(userID))
+ {
+ base.IsAuthorized(actionContext);
+ return;
+ }
+ }
+ else
+ {
+ var attributes = actionContext.ActionDescriptor.GetCustomAttributes().OfType();
+ bool isAnonymous = attributes.Any(a => a is AllowAnonymousAttribute);
+ if (isAnonymous)
+ {
+ base.OnAuthorization(actionContext);
+ }
+ else
+ {
+ HandleUnauthorizedRequest(actionContext);
+ }
+ }
+
+ base.OnAuthorization(actionContext);
+ }
+
+ protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
+ {
+ var response = actionContext.Response = actionContext.Response ?? new HttpResponseMessage();
+ response.StatusCode = HttpStatusCode.OK;
+ response.Content = new StringContent(BaseDisplayJSON.SerializeJSON(BaseDisplayJSON.Unauthorized("权限验证失败")), Encoding.UTF8, "application/json");
+ }
}
}
\ No newline at end of file
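Review bot: `OnAuthorization` does not reject a token that fails validation: when `AuthorizedHelper.GetUserID(token)` returns null or empty, control leaves the `if` and reaches the trailing `base.OnAuthorization(actionContext)`. The decision then falls back to whatever principal the host has set rather than to the token. The no-token branch has the same fall-through after `HandleUnauthorizedRequest`, and the return values of the `base.IsAuthorized(actionContext)` calls are discarded, so those calls do nothing. Each path should end in an explicit allow or deny, as sketched below. Separately, `HandleUnauthorizedRequest` answers with HTTP 200, which hides failed authentication from status-code-based logging and alerting; if the 200 envelope is a client contract, log the denial server-side. `AttributeTargets.All` could also be narrowed to `AttributeTargets.Class | AttributeTargets.Method`.

```csharp
public override void OnAuthorization(HttpActionContext actionContext)
{
    // Explicit opt-out or [AllowAnonymous] on the action: allow without a token.
    if (!VerifyAuthorization ||
        actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
    {
        return;
    }

    var authorization = actionContext.Request.Headers.Authorization;
    var token = authorization?.Parameter;
    var userID = String.IsNullOrEmpty(token) ? null : AuthorizedHelper.GetUserID(token);

    // A missing token and a token that fails validation are both denied here.
    if (String.IsNullOrEmpty(userID))
    {
        HandleUnauthorizedRequest(actionContext);
    }
}
// … unchanged: HandleUnauthorizedRequest …
```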
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/BaseController.cs b/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/BaseController.cs
index 91acc3c..99cdbef 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/BaseController.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/BaseController.cs
@@ -31,7 +31,7 @@ namespace Ewide.Core.WebApi
///
private IHttpActionResult _DisplayJSON(object obj)
{
- var result = BaseDisplayJSON.DisplayJSON(obj);
+ var result = BaseDisplayJSON.DeserializeJSON(obj);
return Ok(result);
}
diff --git a/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ValidateArgumentsFilter.cs b/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ValidateArgumentsFilter.cs
index c93e493..a271a8a 100644
--- a/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ValidateArgumentsFilter.cs
+++ b/Api/Ewide.Core/Ewide.Core.WebApi/Controllers/Code/ValidateArgumentsFilter.cs
@@ -24,9 +24,7 @@ namespace Ewide.Core.WebApi
{
if (arg.Value == null)
{
- actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK,
- BaseDisplayJSON.DisplayJSON(BaseDisplayJSON.Display(HttpStatusCode.BadRequest, "参数不可为空"))
- );
+ actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, BaseDisplayJSON.JSON(HttpStatusCode.BadRequest, "参数不可为空"));
break;
}
}
@@ -71,7 +69,7 @@ namespace Ewide.Core.WebApi
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK,
- BaseDisplayJSON.DisplayJSON(BaseDisplayJSON.Display(HttpStatusCode.BadRequest, message))
+ BaseDisplayJSON.JSON(HttpStatusCode.BadRequest, message)
);
}
base.OnActionExecuting(actionContext);