using Common.Models.UnqTables;
using Common.Utils;
using Newtonsoft.Json;
using Server.MyClass.Class;
using Server.Utils;
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Linq;
using System.Net.Http;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using System.Web.Http;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;

namespace Server.Controllers
{
    // NOTE(review): every generic type argument in this listing (the element types of List /
    // Dictionary, the type passed to Db.Queryable(), DeserializeObject(), and the type parameter of
    // GetEnum) appears to have been stripped during extraction. They must be restored before this
    // file compiles; the code tokens below are otherwise reproduced unchanged.

    /// <summary>
    /// One page of a paged query result together with the paging metadata a client needs to
    /// render next/previous controls.
    /// </summary>
    public class PageResult
    {
        /// <summary>True when a page after the current one exists.</summary>
        public bool IsNext { get; set; }
        /// <summary>True when a page before the current one exists.</summary>
        public bool IsBack { get; set; }
        /// <summary>The rows of the current page.</summary>
        public Object Datas { get; set; }
        /// <summary>Total number of rows across all pages.</summary>
        public int TotalNumber { get; set; }
        /// <summary>Number of rows shown per page.</summary>
        public int PageSize { get; set; }
        /// <summary>Total number of pages.</summary>
        public int PageNumber { get; set; }
        /// <summary>1-based index of the current page.</summary>
        public int PageIndex { get; set; }

        /// <summary>
        /// Builds the paging metadata for one page of rows.
        /// </summary>
        /// <param name="Datas">The rows of the requested page.</param>
        /// <param name="TotalNumber">Total row count over all pages.</param>
        /// <param name="PageSize">Rows per page; must be between 1 and 100 inclusive.</param>
        /// <param name="PageIndex">1-based page index; must be positive.</param>
        /// <exception cref="Exception">
        /// Thrown when PageIndex or PageSize is not positive, or when PageSize exceeds 100.
        /// </exception>
        public PageResult(List Datas, int TotalNumber, int PageSize, int PageIndex)
        {
            if (PageIndex <= 0 || PageSize <= 0) throw new Exception("Index或PageSize 有问题,请检查");
            // Hard cap on page size bounds how much data a single request can pull.
            if (PageSize > 100) throw new Exception("每页查询数量,不能超过100");
            // An empty result set is still reported as one (empty) page.
            PageNumber = 1;
            if (TotalNumber != 0 && PageSize > 0)
            {
                // Integer ceiling division: round up when the last page is partial.
                PageNumber = TotalNumber / PageSize;
                if (TotalNumber % PageSize != 0) PageNumber++;
            }
            this.Datas = Datas;
            this.TotalNumber = TotalNumber;
            // No constructor parameter is named PageNumber, so this assigns the property to itself.
            this.PageNumber = PageNumber;
            this.PageSize = PageSize;
            this.PageIndex = PageIndex;
            this.IsBack = PageIndex > 1;
            this.IsNext = PageIndex < PageNumber;
        }
    }

    /// <summary>
    /// Uniform JSON envelope returned by every endpoint and by the error paths below.
    /// </summary>
    public class WebResult
    {
        /// <summary>Whether the request succeeded.</summary>
        public bool Ok { get; set; }
        /// <summary>Payload on success; a human-readable message on failure.</summary>
        public object Data { get; set; }
        /// <summary>Elapsed seconds as measured by the producer (see the notes on startTime below).</summary>
        public double Time { get; set; }
    }

    /// <summary>
    /// Exception filter that converts an unhandled action exception into a WebResult JSON body.
    /// Not applied to any controller within this file; presumably registered elsewhere.
    /// </summary>
    internal class ErrorFilterAttribute : ExceptionFilterAttribute
    {
        // NOTE(review): this is an instance field initialised when the attribute object is constructed,
        // so Time below measures from that moment rather than from the start of the failing request.
        // If the framework reuses the attribute instance across requests (typical for filters — confirm),
        // the reported value grows monotonically and is meaningless as a per-request duration.
        private DateTime startTime = DateTime.Now;

        /// <summary>
        /// Replaces the response with an Ok=false WebResult carrying the exception message.
        /// </summary>
        /// <param name="actionExecutedContext">Context of the action that threw.</param>
        public override void OnException(HttpActionExecutedContext actionExecutedContext)
        {
            // NOTE(review): the raw Exception.Message is returned to the caller. For framework,
            // database or null-reference exceptions this can disclose internal details; consider
            // logging the exception server-side and returning a generic message instead.
            var rst = new WebResult() { Ok = false, Data = actionExecutedContext.Exception.Message };
            rst.Time = Math.Round((DateTime.Now - startTime).TotalSeconds, 5);
            // No status code is set, so the error body goes out with the default (200 OK).
            HttpResponseMessage result = new HttpResponseMessage
            {
                Content = new StringContent(JsonConvert.SerializeObject(rst), Encoding.GetEncoding("UTF-8"), "application/json")
            };
            actionExecutedContext.Response = result;
        }
    }

    /// <summary>
    /// Base controller: performs request signature verification, login and role checks in
    /// ExecuteAsync before any action runs, and exposes typed accessors over the request parameters.
    /// </summary>
    public class DefaultController : ApiController
    {
        /// <summary>The session resolved for a logged-in "web" request; null otherwise.</summary>
        protected UserSession Session { get; set; }

        /// <summary>Lower-cased first non-empty segment of the request path (see note in ExecuteAsync).</summary>
        public string ControllerName { get; private set; }

        // NOTE(review): hard-coded shared secret checked into source. Per the verification comment in
        // ExecuteAsync, "web" requests are normal browser requests signed with this value, which means
        // the browser-side code must also hold it and it cannot be considered secret. The "web"
        // signature therefore only detects accidental tampering, not a deliberate attacker; it should
        // not be relied on as an authentication factor. Moving it to configuration at least keeps it out
        // of version control.
        private const string WebAppsecret = "d3913942-3c9f-1340-2091-c384196b6111";

        // Actions a "web" caller may invoke without a logged-in session (signature is still checked).
        // NOTE(review): "upload" is reachable unauthenticated — confirm the upload handler validates
        // file type/size and storage location on its own.
        private static List NotloginActions = new List() { "login", "logintaobaoresult", "getcaptch", "checkcaptch", "upload", "getwebinfo" };

        // Actions that bypass every check below, including the type header and the signature.
        private static List NotCheckAcions = new List() { "logintaobaocallback", "pinduoduo", "vip" };

        // Controllers intended to be exempt from the role check.
        // NOTE(review): ControllerName is lower-cased before it is compared, and List.Contains is an
        // ordinal, case-sensitive match, so "Com" and "Resources" never match and this exemption is
        // currently dead code (those controllers ARE role-checked). That fails closed, but it is
        // probably not the intended behaviour — either lower-case these entries or compare ignoring case.
        private static List NotCheckRoleController = new List() { "Com", "Resources" };

        /// <summary>
        /// Request gate run before every action. Steps, in order:
        /// 1. derive ControllerName / ActionName from the URL path;
        /// 2. let NotCheckAcions through untouched;
        /// 3. require a "type" header of "api" or "web";
        /// 4. collect parameters (form body for non-multipart, query string for multipart);
        /// 5. verify the "sign" header (skipped for multipart);
        /// 6. for "web" requests outside NotloginActions, resolve the session by u_id and, for roles
        ///    other than 0/1, check the role's controller list.
        /// Any exception is converted into an Ok=false WebResult carrying the exception message.
        /// </summary>
        /// <param name="controllerContext">The Web API controller context.</param>
        /// <param name="cancellationToken">Cancellation token forwarded to body reading and the action.</param>
        /// <returns>The action's response, or a JSON error envelope when a check fails.</returns>
        public override async Task ExecuteAsync(HttpControllerContext controllerContext, CancellationToken cancellationToken)
        {
            /* Verification logic: read "type" from the headers. "web" means a normal browser request and
               the signature is verified with the default app secret; "api" means a login-free API
               request verified with the configured app secret. */
            var req = controllerContext.Request;

            // NOTE(review): this takes the FIRST non-empty path segment. If the application is routed
            // under a prefix (for example a conventional "api/{controller}" route or a virtual directory)
            // that prefix, not the controller, ends up here and the role check compares against it.
            // Confirm against the route configuration.
            ControllerName = req.RequestUri.AbsolutePath.Split(new char[] { '/' }).FirstOrDefault(p => !string.IsNullOrEmpty(p)).ToLower();

            // NOTE(review): the action name is inferred from the LAST path segment, not from the
            // action Web API actually selects. If an action can be reached through another route
            // shape, the allow-lists below are matched against the wrong name — verify against routing.
            var ActionName = req.RequestUri.Segments.LastOrDefault(p => !string.IsNullOrEmpty(p)).ToLower().Replace("/", "").Replace("&", "");

            // Fully unchecked endpoints: no type header, no signature, no session.
            if (NotCheckAcions.Any(p => p.ToLower() == ActionName))
            {
                return await base.ExecuteAsync(controllerContext, cancellationToken);
            }

            try
            {
                if (!req.Headers.Contains("type"))
                {
                    throw new Exception("Illegal request 1");
                }
                var type = req.Headers.GetValues("type").FirstOrDefault();
                if (type != "api" && type != "web")
                {
                    throw new Exception("Illegal request 2");
                }

                // Parameters that take part in the signature.
                Dictionary param = new Dictionary();

                // NOTE(review): ContentType is null when the request carries no Content-Type header
                // (e.g. a plain GET); the dereference on the next line then throws a
                // NullReferenceException, which the catch below turns into an error envelope whose
                // message is the framework's NRE text. Guard with a null check if such requests are expected.
                var contentType = req.Content.Headers.ContentType;
                if (contentType.MediaType != "multipart/form-data")
                {
                    // Read the form body; empty values are left out of the signed parameter set.
                    Param = await req.Content.ReadAsFormDataAsync(cancellationToken);
                    foreach (var item in Param.AllKeys)
                    {
                        var v = Param.Get(item);
                        if (!string.IsNullOrEmpty(v))
                        {
                            param.Add(item, v);
                        }
                    }
                }
                else
                {
                    // Multipart: only the query string is collected; form fields are not available to
                    // the GetXxx accessors below.
                    Param = new NameValueCollection();
                    var paras = req.GetQueryNameValuePairs();
                    foreach (var item in paras)
                    {
                        param[item.Key] = item.Value;
                        Param[item.Key] = item.Value;
                    }
                }

                // GetValues throws if the header is absent, which the catch below reports as an error.
                // NOTE(review): "time" is only handed to SignTopRequest; nothing in this method compares
                // it with the server clock, so unless SignTopRequest enforces freshness, a captured
                // request (headers included) can be replayed indefinitely.
                var time = req.Headers.GetValues("time").FirstOrDefault();

                // Choose the app secret; for "web" the token and uid are also folded into the signed set.
                string token = string.Empty;
                int uid = 0;
                var appsecret = string.Empty;
                if (type == "web")
                {
                    appsecret = WebAppsecret;
                    // A web request always carries u_id and u_token headers; before login they may be
                    // empty strings, in which case they do not take part in the signature.
                    if (!req.Headers.Contains("u_token") || !req.Headers.Contains("u_id")) throw new Exception("Illegal request 3");
                    token = req.Headers.GetValues("u_token").FirstOrDefault();
                    // Dictionary.Add throws if the form body already contained a "u_token" field.
                    if (!string.IsNullOrEmpty(token)) param.Add("u_token", token);
                    var uidstr = req.Headers.GetValues("u_id").FirstOrDefault();
                    if (!string.IsNullOrEmpty(uidstr))
                    {
                        // int.Parse throws on non-numeric or out-of-range input (reported via the catch).
                        uid = int.Parse(uidstr);
                        param.Add("u_id", uidstr);
                    }
                }
                else if (type == "api")
                {
                    appsecret = Client.Config.Appsecret;
                }

                // Verify the signature.
                // NOTE(review): multipart/form-data requests skip this block entirely, so the "sign"
                // header is never verified for them. Any caller can avoid the signature check simply by
                // sending a multipart body. If the intent is to sign the query string only, do that
                // here instead of skipping.
                if (contentType.MediaType != "multipart/form-data")
                {
                    var sign = Util.SignTopRequest(param, appsecret, time);
                    // Plain string comparison (not constant-time); GetValues throws when "sign" is absent.
                    if (sign != req.Headers.GetValues("sign").FirstOrDefault())
                    {
                        throw new Exception("Sign Error!!!");
                    }
                }

                // Web requests must be logged in unless the action is in NotloginActions.
                if (type == "web" && !NotloginActions.Any(p => p.ToLower() == ActionName))
                {
                    // NOTE(review): the session is resolved by u_id alone. The u_token value read above is
                    // only mixed into the signature (computed with the non-secret WebAppsecret) and is never
                    // compared with anything stored for the session. Unless UserSession/OnlineUsers validates
                    // the token somewhere not shown here, knowing a logged-in user's numeric id is enough to
                    // act as that user. Confirm and add a token comparison against the stored session.
                    if (Client.OnlineUsers.TryGetValue(uid, out var session) && session != null)
                    {
                        Session = session;
                        Session.RequestTime = DateTime.Now;
                        // NOTE(review): RoleId 0 and 1 bypass authorization entirely; confirm both are
                        // intended super-user roles and that 0 is not simply "unset".
                        if (session.RoleId != 0 && session.RoleId != 1)
                        {
                            // Role check (see the case-sensitivity note on NotCheckRoleController).
                            if (!NotCheckRoleController.Contains(ControllerName))
                            {
                                // First() / Role.Name throw if the role row no longer exists; reported via catch.
                                var Role = Db.Queryable().Where(f => f.Id == session.RoleId).WithCache().First();
                                // The super-admin role is identified by its display name; any other role
                                // must list this controller explicitly.
                                if (Role.Name != "超级管理员" && !Role.ControllerNames.Any(p => p.ToLower() == ControllerName))
                                {
                                    throw new Exception("权限不足,暂时无法访问此接口!");
                                }
                            }
                        }
                    }
                    else
                    {
                        throw new Exception("登录失效,请重新登录!");
                    }
                }

                return await base.ExecuteAsync(controllerContext, cancellationToken);
            }
            catch (Exception ex)
            {
                // NOTE(review): every failure above — including parsing, null-reference and database
                // errors — is reported to the caller with the raw exception message and HTTP 200.
                var rst = PutData(ex.Message);
                HttpResponseMessage result = new HttpResponseMessage
                {
                    Content = new StringContent(JsonConvert.SerializeObject(rst), Encoding.GetEncoding("UTF-8"), "application/json")
                };
                return await Task.FromResult(result);
            }
        }

        /// <summary>Process-wide client singleton.</summary>
        internal Client Client { get { return Client.SingleClient; } }

        /// <summary>Database client taken from the singleton Client.</summary>
        internal SqlSugar.SqlSugarClient Db { get { return Client.Db; } }

        /// <summary>
        /// Request parameters collected in ExecuteAsync: the form body for non-multipart requests,
        /// the query string for multipart ones. Null until ExecuteAsync has run.
        /// </summary>
        protected NameValueCollection Param { get; private set; }

        /// <summary>
        /// Returns the raw string value of a request parameter.
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing or empty value throws.</param>
        /// <returns>The value, or null/empty when absent and NotNull is false.</returns>
        /// <exception cref="Exception">Thrown when NotNull is true and the value is missing or empty.</exception>
        protected string GetString(string Name, bool NotNull = false)
        {
            var v = Param?.Get(Name);
            if (string.IsNullOrEmpty(v) && NotNull) throw new Exception("错误,缺少必要参数未输入!");
            return v;
        }

        /// <summary>
        /// Returns a request parameter deserialised from a JSON array of strings.
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing or empty value throws.</param>
        /// <returns>The deserialised list, or an empty list when the parameter is absent.</returns>
        /// <exception cref="Exception">Thrown when NotNull is true and the value is missing or empty.</exception>
        protected List GetStringList(string Name, bool NotNull = false)
        {
            var v = Param?.Get(Name);
            if (string.IsNullOrEmpty(v) && NotNull) throw new Exception("错误,缺少必要参数未输入!");
            // Malformed JSON surfaces as a Newtonsoft exception from the caller's action.
            if (string.IsNullOrEmpty(v)) return new List();
            else return JsonConvert.DeserializeObject>(v);
        }

        /// <summary>
        /// Returns a request parameter deserialised from a JSON array of integers.
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing or empty value throws.</param>
        /// <returns>The deserialised list, or an empty list when the parameter is absent.</returns>
        /// <exception cref="Exception">Thrown when NotNull is true and the value is missing or empty.</exception>
        protected List GetIntList(string Name, bool NotNull = false)
        {
            var v = Param?.Get(Name);
            if (string.IsNullOrEmpty(v) && NotNull) throw new Exception("错误,缺少必要参数未输入!");
            if (string.IsNullOrEmpty(v)) return new List();
            else return JsonConvert.DeserializeObject>(v);
        }

        /// <summary>
        /// Parses a request parameter as a DateTime using the current culture.
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing or empty value throws (via GetString).</param>
        /// <returns>The parsed value, or DateTime.MinValue when absent or unparseable.</returns>
        protected DateTime GetTime(string Name, bool NotNull = false)
        {
            var time = DateTime.MinValue;
            // Parse failures are silent: the caller sees MinValue.
            DateTime.TryParse(GetString(Name, NotNull), out time);
            return time;
        }

        /// <summary>
        /// Parses a request parameter as an enum value of type T (type parameter stripped in this listing).
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing or empty value throws (via GetString).</param>
        /// <returns>The parsed member, or the member whose underlying value is 0 when absent.</returns>
        protected T GetEnum(string Name, bool NotNull = false)
        {
            var v = GetString(Name, NotNull);
            // NOTE(review): Enum.Parse also accepts numeric strings, including values not declared on T;
            // use Enum.IsDefined if callers rely on receiving a declared member.
            if (!string.IsNullOrEmpty(v)) return (T)Enum.Parse(typeof(T), v);
            else return (T)Enum.Parse(typeof(T), "0");
        }

        /// <summary>
        /// Parses a request parameter as an int.
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing, empty or non-numeric value throws.</param>
        /// <returns>The parsed value, or -1 when absent/unparseable and NotNull is false.</returns>
        /// <exception cref="Exception">Thrown when NotNull is true and the value is missing or not an int.</exception>
        protected int GetInt(string Name, bool NotNull = false)
        {
            var rst = GetString(Name, NotNull);
            // -1 is the sentinel for "not provided" when NotNull is false; callers cannot distinguish it
            // from a literal -1.
            int outRst = -1;
            var flag = int.TryParse(rst, out outRst);
            if (NotNull && !flag) throw new Exception("您输入的【" + rst + "】不是一个有效的Int类型!");
            return outRst;
        }

        /// <summary>
        /// Parses a request parameter as a double using the current culture.
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing, empty or non-numeric value throws.</param>
        /// <returns>The parsed value, or -1 when absent/unparseable and NotNull is false.</returns>
        /// <exception cref="Exception">Thrown when NotNull is true and the value is missing or not a double.</exception>
        protected double GetDouble(string Name, bool NotNull = false)
        {
            var rst = GetString(Name, NotNull);
            double outRst = -1;
            var flag = Double.TryParse(rst, out outRst);
            if (NotNull && !flag) throw new Exception("您输入的【" + rst + "】不是一个有效的Double类型!");
            return outRst;
        }

        /// <summary>
        /// Parses a request parameter as a long.
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing, empty or non-numeric value throws.</param>
        /// <returns>The parsed value, or 0 when absent/unparseable and NotNull is false
        /// (note: unlike GetInt/GetDouble the sentinel here is 0, not -1).</returns>
        /// <exception cref="Exception">Thrown when NotNull is true and the value is missing or not a long.</exception>
        protected long GetLong(string Name, bool NotNull = false)
        {
            var rst = GetString(Name, NotNull);
            long outRst = 0;
            var flag = long.TryParse(rst, out outRst);
            if (NotNull && !flag) throw new Exception("您输入的【" + rst + "】不是一个有效的Long类型!");
            return outRst;
        }

        /// <summary>
        /// Parses a request parameter as a bool ("true"/"false", case-insensitive per bool.TryParse).
        /// </summary>
        /// <param name="Name">Parameter name.</param>
        /// <param name="NotNull">When true, a missing or empty value throws (via GetString).</param>
        /// <returns>The parsed value, or false when absent or unparseable.</returns>
        protected bool GetBoolean(string Name, bool NotNull = false)
        {
            var rst = GetString(Name, NotNull);
            bool outRst = false;
            bool.TryParse(rst, out outRst);
            return outRst;
        }

        // Set when this controller instance is created; used to fill WebResult.Time.
        private DateTime startTime = DateTime.Now;

        /// <summary>
        /// Wraps an arbitrary value in a WebResult envelope:
        /// null → Ok=true with no data; an instance of exactly System.Exception → Ok=false with its
        /// message; any string → Ok=false with the string as the message; a WebResult → returned as is;
        /// anything else → Ok=true with the value as data.
        /// </summary>
        /// <param name="Data">The value to wrap.</param>
        /// <returns>The envelope, with Time set to seconds elapsed since this controller was created.</returns>
        public WebResult PutData(object Data)
        {
            WebResult Ret = null;
            if (Data == null)
            {
                Ret = new WebResult();
                Ret.Ok = true;
                Ret.Data = null;
            }
            // NOTE(review): this is an exact-type check, so any derived exception (ArgumentException,
            // database exceptions, ...) falls through to the final branch and is serialised whole as a
            // successful result — including its stack trace. "Data is Exception" is almost certainly
            // what was intended.
            else if (Data.GetType() == typeof(Exception))
            {
                Ret = new WebResult();
                var e = Data as Exception;
                Ret.Ok = false;
                Ret.Data = e.Message;
            }
            // Any plain string is treated as an error message.
            else if (Data is string)
            {
                Ret = new WebResult();
                Ret.Ok = false;
                Ret.Data = Data;
            }
            else if (Data.GetType() == typeof(WebResult))
            {
                Ret = Data as WebResult;
            }
            else
            {
                Ret = new WebResult();
                Ret.Ok = true;
                Ret.Data = Data;
            }
            Ret.Time = Math.Round((DateTime.Now - startTime).TotalSeconds, 5);
            return Ret;
        }

        /// <summary>Canned Ok=true envelope with a generic success message.</summary>
        public WebResult PutSuccess { get { return PutData(new WebResult() { Ok = true, Data = "操作成功" }); } }

        /// <summary>Canned Ok=false envelope with a generic "busy, retry later" message.</summary>
        public WebResult PutError { get { return PutData(new WebResult() { Ok = false, Data = "系统繁忙,请稍后重试" }); } }
    }
}