



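/// <summary>
/// Rejects any request whose "Token" SOAP header (namespace "www.test.com") does not carry
/// the expected shared secret.
/// </summary>
/// <param name="request">The incoming message; only its headers are read, it is not modified.</param>
/// <param name="channel">Unused.</param>
/// <param name="instanceContext">Unused.</param>
/// <returns>Always null; no correlation state is handed to the reply stage.</returns>
/// <exception cref="Exception">Thrown when the header is missing or its value does not match.</exception>
public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
{
    // NOTE(review): the expected token is a literal in source; it belongs in protected
    // configuration, not in the code base.
    const string expectedToken = "ABC";

    // FindHeader returns -1 instead of throwing when the header is absent, so a missing
    // header gets exactly the same "unauthorized" outcome as a wrong one.
    int headerIndex = request.Headers.FindHeader("Token", "www.test.com");
    string presentedToken = headerIndex < 0 ? null : request.Headers.GetHeader<string>(headerIndex);

    if (!FixedTimeEquals(expectedToken, presentedToken))
    {
        throw new Exception("未经授权的访问!");
    }
    return null;
}

/// <summary>
/// Compares two secrets without short-circuiting on the first mismatching character, so the
/// elapsed time does not reveal how much of the presented value was correct.
/// A null on either side never matches.
/// </summary>
private static bool FixedTimeEquals(string expected, string presented)
{
    if (expected == null || presented == null)
    {
        return false;
    }
    // Fold the length difference and every character difference into one accumulator;
    // only the final value is inspected.
    int difference = expected.Length ^ presented.Length;
    int common = Math.Min(expected.Length, presented.Length);
    for (int i = 0; i < common; i++)
    {
        difference |= expected[i] ^ presented[i];
    }
    return difference == 0;
}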
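/// <summary>
/// Server-side message inspector that authenticates incoming requests before they are dispatched.
/// Requests from local addresses and the login-style operations are let through; every other
/// request must carry "UserName" and "Token" headers that identify an enabled user whose current
/// token equals the presented one.
/// </summary>
public class AuthenticationInspector : IDispatchMessageInspector
{
    /// <summary>Operations reachable without a token, because they are how a client obtains one.</summary>
    private static readonly string[] s_anonymousOperations = { "UserLogin", "UserAuthLogin", "GetRegMachine" };

    /// <summary>
    /// Runs after a request has been received and before it reaches the service operation.
    /// </summary>
    /// <param name="request">The incoming message; its headers and properties are read, it is not modified.</param>
    /// <param name="channel">Unused.</param>
    /// <param name="instanceContext">Unused.</param>
    /// <returns>Always null; nothing is correlated to <see cref="BeforeSendReply"/>.</returns>
    /// <exception cref="Exception">The message carries no Action header.</exception>
    /// <exception cref="System.ServiceModel.FaultException">
    /// The credentials do not identify an enabled user whose token matches ("用户名不存在或密码错误!"),
    /// or the headers could not be read / the user lookup failed ("禁止访问!").
    /// </exception>
    public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
    {
        // Requests from the local machine or the 192.168.1.x network skip authentication entirely;
        // the original author allowed this so that test-environment initialisation calls get through.
        // NOTE(review): this trusts the transport-reported address and bypasses every check below;
        // it should not survive into production deployments.
        // When the transport supplies no address property, fall through to normal authentication
        // instead of dereferencing null.
        var endpoint = request.Properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
        if (IsLocalAddress(endpoint?.Address))
        {
            return null;
        }

        // The Action header names the target operation; the login-style operations cannot carry a token yet.
        string action = request.Headers.Action;
        if (string.IsNullOrEmpty(action))
        {
            throw new Exception("未经授权的访问!");
        }
        // LastIndexOf('/') yields -1 when there is no slash, so the whole action then serves as the name.
        string methodName = action.Substring(action.LastIndexOf('/') + 1);
        if (IsAnonymousOperation(methodName))
        {
            return null;
        }

        // Token check. The token travels in a plain SOAP header, so it is only as protected as the transport.
        Models.UserModel user;
        try
        {
            // GetHeader throws when a header is absent; that lands in the catch below as "禁止访问!".
            string name = request.Headers.GetHeader<String>("UserName", "123231");
            string presentedToken = request.Headers.GetHeader<String>("Token", "123231");
            user = ResolveAuthenticatedUser(name, presentedToken);
        }
        catch (Exception)
        {
            // Header or lookup failures are deliberately reported to the client without their cause.
            throw new System.ServiceModel.FaultException("禁止访问!", new System.ServiceModel.FaultCode("404"));
        }

        // Decided outside the try so this fault is not re-wrapped into the generic one above.
        if (user != null)
        {
            return null;
        }
        throw new System.ServiceModel.FaultException("用户名不存在或密码错误!", new System.ServiceModel.FaultCode("404"));
    }

    /// <summary>
    /// Runs before the reply is sent. Intentionally empty; other actions can be added here.
    /// </summary>
    /// <param name="reply">The outgoing message.</param>
    /// <param name="correlationState">The value returned by <see cref="AfterReceiveRequest"/> (always null here).</param>
    public void BeforeSendReply(ref System.ServiceModel.Channels.Message reply, object correlationState)
    {
    }

    /// <summary>
    /// Looks the user up (cache first, then the user store) and returns it only when it is enabled
    /// and its current token equals <paramref name="presentedToken"/>; otherwise returns null.
    /// The token is required on both the cached and the uncached path.
    /// </summary>
    private static Models.UserModel ResolveAuthenticatedUser(string name, string presentedToken)
    {
        string key = $"SERVICE_AUTH_USER_CACHE_{name}";
        var user = Common.CacheHelper.GetInstance().GetCache<Models.UserModel>(key);
        // A cached entry whose token no longer matches may simply be stale (the user logged in
        // again and received a new token), so consult the store before refusing.
        if (!IsAuthenticated(user, presentedToken))
        {
            user = DataProvider.User.GetUserByName(name);
            if (IsAuthenticated(user, presentedToken))
            {
                // Only successful authentications are cached; 30 is the lifetime the original
                // code used (its unit is defined by CacheHelper.AddCache, not visible here).
                Common.CacheHelper.GetInstance().AddCache(key, user, 30);
            }
        }
        return IsAuthenticated(user, presentedToken) ? user : null;
    }

    /// <summary>True when <paramref name="user"/> exists, is enabled and its token matches.</summary>
    private static bool IsAuthenticated(Models.UserModel user, string presentedToken)
    {
        // NOTE(review): assumes UserModel.Random is the string token issued at login — confirm against the model.
        return user != null
            && user.IsEnable == (int)Common.YesOrNo.Yes
            && FixedTimeEquals(user.Random, presentedToken);
    }

    /// <summary>
    /// True for loopback addresses and anything containing "192.168.1."; false when no address is known.
    /// NOTE(review): the substring match is the original policy; it is broader than a prefix match.
    /// </summary>
    private static bool IsLocalAddress(string address)
    {
        if (string.IsNullOrEmpty(address))
        {
            return false;
        }
        return address == "127.0.0.1"
            || address == "localhost"
            || address == "::1"
            || address.Contains("192.168.1.");
    }

    /// <summary>True when <paramref name="methodName"/> is one of the token-less operations (case-insensitive, ordinal).</summary>
    private static bool IsAnonymousOperation(string methodName)
    {
        if (string.IsNullOrEmpty(methodName))
        {
            return false;
        }
        // Operation names are protocol identifiers, so ordinal comparison is the right one.
        return Array.Exists(s_anonymousOperations,
            operation => string.Equals(operation, methodName, StringComparison.OrdinalIgnoreCase));
    }

    /// <summary>
    /// Compares two secrets without short-circuiting on the first mismatching character, so the
    /// elapsed time does not reveal how much of the presented value was correct.
    /// A null on either side never matches.
    /// </summary>
    private static bool FixedTimeEquals(string expected, string presented)
    {
        if (expected == null || presented == null)
        {
            return false;
        }
        // Fold the length difference and every character difference into one accumulator;
        // only the final value is inspected.
        int difference = expected.Length ^ presented.Length;
        int common = Math.Min(expected.Length, presented.Length);
        for (int i = 0; i < common; i++)
        {
            difference |= expected[i] ^ presented[i];
        }
        return difference == 0;
    }
}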