我正在研究 ASPNET MVC 4 和 WebApi。webapi 方法将被移动设备使用。我们需要保护服务,我们使用的是以某种特定方式加密数据。
现在,我需要在到达控制器之前解密调用。如果解密的信息是有效的,它应该像往常一样继续到控制器,如果不是,我会将用户路由到一些错误方法。
要做到这一点,我认为最好的选择是自定义 HttpHandler 和自定义 RouteHandler。我在这里按照教程
public class MvcSecurityRouteHandler:IRouteHandler
{
public System.Web.IHttpHandler GetHttpHandler(RequestContext requestContext)
{
return new MvcSecurityHttpHandler(requestContext);
}
}
public class MvcSecurityHttpHandler : IHttpHandler, System.Web.SessionState.IRequiresSessionState, IRouteHandler
{
public RequestContext RequestContext { get; set; }
public MvcSecurityHttpHandler(RequestContext requestContext)
{
this.RequestContext = requestContext;
}
public bool IsReusable
{
get { return true; }
}
public void ProcessRequest(HttpContext httpContext)
{
var controllerId = RequestContext.RouteData.GetRequiredString("controllerId");
IController controller = null;
IControllerFactory factory = null;
try
{
factory = ControllerBuilder.Current.GetControllerFactory();
controller = factory.CreateController(RequestContext, controllerId);
if (controller != null)
{
controller.Execute(RequestContext);
}
}
finally
{
factory.ReleaseController(controller);
}
//string originalPath = httpContext.Request.Path;
//HttpContext.Current.RewritePath(httpContext.Request.ApplicationPath, false);
//IHttpHandler httpHandler = new MvcHttpHandler();
//httpHandler.ProcessRequest(HttpContext.Current);
//HttpContext.Current.RewritePath(originalPath, false);
}
public IHttpHandler GetHttpHandler(RequestContext requestContext)
{
throw new NotImplementedException();
}
}
public class RouteConfig
{
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
var defaults = new RouteValueDictionary
{{"controllerId", "Home"},{"action", "Index"},{"id", string.Empty}};
var customRoute = new Route("{controllerId}/{action}/{id}", defaults, new MvcSecurityRouteHandler());
routes.Add(customRoute);
routes.MapRoute(
name: "DefaultWebApi",
url: "{controller}/{action}/{id}",
defaults: new
{
controller = "Home",
action = "Index",
id = UrlParameter.Optional
});
}
}
全球.asax.cs
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
var defaults = new RouteValueDictionary
{{"controllerId", "Home"},{"action", "Index"},{"id", string.Empty}};
var customRoute = new Route("{controllerId}/{action}/{id}", defaults, new MvcSecurityRouteHandler());
routes.Add(customRoute);
}
并在 Application_Start
RegisterRoutes(RouteTable.Routes);
服务启动后,我在 ProcessRequest 中创建了一个断点,它没有被命中。可能缺少什么?这是正确的做法吗?