第一步、新建AuthFilterAttribute类
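/// <summary>
/// Authorization filter that enforces HTTP Basic authentication on Web API actions.
/// </summary>
/// <remarks>
/// Basic credentials are only base64-encoded, not encrypted, so this filter gives
/// no confidentiality unless the API is served over TLS.
/// The filter only accepts or rejects the request; it does not set a principal,
/// so downstream code sees no authenticated identity from it.
/// </remarks>
public class AuthFilterAttribute : AuthorizeAttribute
{
    // Demo credentials from the sample.
    // NOTE(review): credentials compiled into the assembly are readable by anyone with
    // the binary or the source. Replace them with a lookup against a credential store
    // that keeps salted password hashes before using this outside a demo.
    private const string DemoUserName = "Parry";
    private const string DemoPassword = "123456";

    /// <summary>
    /// Rejects the request with the default unauthorized response unless it carries a
    /// well-formed Basic Authorization header whose credentials match.
    /// </summary>
    /// <param name="actionContext">Context of the action about to be invoked.</param>
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        // Skip the check when the action or its controller is marked [AllowAnonymous].
        if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
            || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
        {
            return;
        }

        var header = actionContext.Request.Headers.Authorization;

        // Require the Basic scheme and a non-empty parameter. A header that carries only
        // a scheme has a null Parameter, which would make Convert.FromBase64String throw.
        if (header == null
            || !string.Equals(header.Scheme, "Basic", StringComparison.OrdinalIgnoreCase)
            || string.IsNullOrEmpty(header.Parameter))
        {
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        string userInfo;
        try
        {
            // Decode as UTF-8: Encoding.Default depends on the server's code page, so
            // non-ASCII credentials would compare differently from machine to machine.
            userInfo = Encoding.UTF8.GetString(Convert.FromBase64String(header.Parameter));
        }
        catch (FormatException)
        {
            // Malformed base64 is a client error. Answer it as unauthorized rather than
            // letting the exception surface as a server error.
            HandleUnauthorizedRequest(actionContext);
            return;
        }

        string expected = string.Format("{0}:{1}", DemoUserName, DemoPassword);
        if (!FixedTimeEquals(userInfo, expected))
        {
            HandleUnauthorizedRequest(actionContext);
        }

        // On success nothing is done: leaving actionContext.Response unset lets the
        // pipeline continue to the action.
    }

    // Ordinal string comparison that always walks the full shared length, so the time
    // taken does not reveal how many leading characters of the secret matched.
    private static bool FixedTimeEquals(string left, string right)
    {
        int difference = left.Length ^ right.Length;
        int shared = Math.Min(left.Length, right.Length);
        for (int i = 0; i < shared; i++)
        {
            difference |= left[i] ^ right[i];
        }

        return difference == 0;
    }
}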
第二步、注册全局Filter
在WebApiConfig类中添加以下代码
// Register the filter globally so it applies to every Web API action.
var authFilter = new AuthFilterAttribute();
config.Filters.Add(authFilter);
第三步、客户端验证
1.通过NuGet安装RestSharp，可方便地引入到任何项目 ( Install-Package restsharp )
2.客户端代码
// Endpoint of the protected API action.
// NOTE(review): over plain http:// the Authorization header below travels base64-encoded
// but unencrypted, so anyone on the network path can recover the user name and password.
// Use an https:// endpoint outside an isolated test network.
const string orderEndpoint = "http://192.168.0.102:8003/API/Order/get";

RestRequest request = new RestRequest(Method.GET);

// Presumably left over from a Postman export; the AuthFilterAttribute shown on this
// page never reads this header.
request.AddHeader("Postman-Token", "b5cb9faf-e1f1-484c-b14a-5f90af60a074");
request.AddHeader("Cache-Control", "no-cache");

// Basic credentials: base64 of "Parry:123456", the pair the server-side filter expects.
// NOTE(review): load real credentials from protected configuration at run time instead
// of pasting the encoded value into source.
request.AddHeader("Authorization", "Basic UGFycnk6MTIzNDU2");

RestClient client = new RestClient(orderEndpoint);
IRestResponse response = client.Execute(request);