The first step, create a new AuthFilterAttribute class
1 public class AuthFilterAttribute : AuthorizeAttribute 2 { 3 public override void OnAuthorization(HttpActionContext actionContext) 4 { 5 // If the user's Action has AllowAnonymousAttribute, authorization verification will not be performed 6 if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute> (). Any()) 7 { 8 return ; 9 } 10 if (actionContext.Request.Headers.Authorization != null ) 11 { 12 string userInfo = Encoding.Default.GetString(Convert.FromBase64String(actionContext.Request.Headers.Authorization.Parameter)); 13 //用户验证逻辑 14 if (string.Equals(userInfo, string.Format("{0}:{1}", "Parry", "123456"))) 15 { 16 IsAuthorized(actionContext); 17 } 18 else 19 { 20 HandleUnauthorizedRequest(actionContext); 21 } 22 } 23 else 24 { 25 HandleUnauthorizedRequest(actionContext); 26 } 27 } 28 29 }
The second step, register the global Filter
Add the following code in the WebApiConfig class
// Register global Filter config.Filters.Add( new AuthFilterAttribute());
The third step, client authentication
1. It can be easily introduced into any project through NuGet ( Install-Package restsharp )
2. Client code
1 var client = new RestClient("http://192.168.0.102:8003/API/Order/get"); 2 var request = new RestRequest(Method.GET); 3 request.AddHeader("Postman-Token", "b5cb9faf-e1f1-484c-b14a-5f90af60a074"); 4 request.AddHeader("Cache-Control", "no-cache"); 5 request.AddHeader("Authorization", "Basic UGFycnk6MTIzNDU2"); 6 IRestResponse response = client.Execute(request);