asp.net web api添加自訂認證

標籤：

1、定義認證失敗結果產生器

 　　/// <summary>    /// 認證失敗結果產生器    /// </summary>    public class AuthenticationFailureResult : IHttpActionResult    {        public AuthenticationFailureResult(string reasonPhrase, HttpRequestMessage request)        {            ReasonPhrase = reasonPhrase;            Request = request;        }        public string ReasonPhrase { get; private set; }        public HttpRequestMessage Request { get; private set; }        public Task<HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken)        {            return Task.FromResult(Execute());        }        private HttpResponseMessage Execute()        {            return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, this.ReasonPhrase);        }    }

2、定義自訂認證過濾器（基於Cookie）

/// <summary>    /// 自訂認證    /// </summary>    public class CustomAuthenticationFilter : Attribute, IAuthenticationFilter    {        public virtual bool AllowMultiple        {            get { return false; }        }        public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)        {            var principal = await this.AuthenticateAsync(context.Request);            if (principal == null)            {                context.Request.Headers.GetCookies().Clear();                context.ErrorResult = new AuthenticationFailureResult("未授權請求", context.Request);            }            else            {                context.Principal = principal;            }        }        public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)        {            return Task.FromResult(0);        }        private Task<IPrincipal> AuthenticateAsync(HttpRequestMessage request)        {            return Task.Run<IPrincipal>(() =>                {                    CookieHeaderValue cookieMobile = request.Headers.GetCookies("clientMobile").FirstOrDefault(),                        cookieToken = request.Headers.GetCookies("clientToken").FirstOrDefault();                    if (cookieMobile == null || cookieToken == null                        || string.IsNullOrWhiteSpace(cookieMobile["clientMobile"].Value)                        || string.IsNullOrWhiteSpace(cookieToken["clientToken"].Value))                    {                        return null;                    }                    string mobile = cookieMobile["clientMobile"].Value,                        token = cookieToken["clientToken"].Value;                    ClientDTO client = null;
　　　　　　　　　　　　//此處從Redis伺服器中取出指定使用者，各位可以根據需要自行更換                    using (ICache cache = ObjectContainer.Current.Resolve<ICacheFactory>().CreateCache())                    {                        client = cache.Get<ClientDTO>(RedisTables.CLIENT, mobile);                    }
　　　　　　　　　　　　//驗證使用者合法性，如果合法，構建聲明式安全主題許可權模式並返回，若使用者驗證不通過返回空                    if (client != null && string.Equals(token, Md5Helper.MD5(string.Format("{0}{1}", mobile, client.MsgCode), 32), StringComparison.Ordinal))                    {                        IEnumerable<Claim> claims = new List<Claim>()                        {                            new Claim(ClaimTypes.Name, mobile)                        };                        var identity = new ClaimsIdentity("LoanCookie");                        identity.AddClaims(claims);                        return new ClaimsPrincipal(identity);                    }                    return null;                });        }    }

3、將認證特性標記應用於全域、控制器或控制器操作，以控制器操作為例：

 

asp.net web api添加自訂認證