1过滤验证

Mall.WebApi/Controllers/Education/AppletEducationController.cs

@@ -735,6 +735,11 @@ namespace Mall.WebApi.Controllers.Education
         {
             var req = RequestParm;
             var userInfo = AppletUserInfo;
+            AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.UserId);
+            if ((uInfo?.Blacklist ?? 0) == 1)
+            {
+                return ApiResult.Failed("已进入黑名单，无法访问");
+            }
             RB_Education_ArticleComment_Extend demodel = JsonConvert.DeserializeObject<RB_Education_ArticleComment_Extend>(req.msg.ToString());
 
             if (demodel.ArticleId <= 0)
@@ -1533,6 +1538,11 @@ namespace Mall.WebApi.Controllers.Education
         {
             var req = RequestParm;
             var userInfo = AppletUserInfo;
+            AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.UserId);
+            if ((uInfo?.Blacklist ?? 0) == 1)
+            {
+                return ApiResult.Failed("已进入黑名单，无法访问");
+            }
             Rb_Education_DynamicComment comment = JsonConvert.DeserializeObject<Rb_Education_DynamicComment>(req.msg.ToString());
             comment.Content = StringHelper.UrlDecode(comment.Content);
             string str = comment.Validate();

Mall.WebApi/Filter/ApiFilterAttribute.cs

@@ -184,24 +184,23 @@ namespace Mall.WebApi.Filter
                     string secret = Config.JwtSecretKey;
                     var json = decoder.Decode(token, secret, verify: true);//token为之前生成的字符串
                     JObject jwtJson = JObject.Parse(json);
-                    var muserInfo = jwtJson["mall_userInfo"];
-                    actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] = muserInfo;
-                    TokenUserInfo userInfo = JsonConvert.DeserializeObject<TokenUserInfo>(muserInfo.ToString());
-                    if (userInfo != null && userInfo.requestFrom == Common.Enum.ApiRequestFromEnum.MiniProgram)
-                    {
-                        //查询是否是黑名单
-                        AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.uid);
-                        if ((uInfo?.Blacklist ?? 0) == 1)
-                        {
-                            actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult(
-                            new ApiResult
-                            {
-                                resultCode = (int)ResultCode.TokenIllegal,
-                                message = "已进入黑名单，无法访问",
-                                data = null
-                            });
-                        }
-                    }
+                    actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] = jwtJson["mall_userInfo"];
+                    //TokenUserInfo userInfo = JsonConvert.DeserializeObject<TokenUserInfo>(muserInfo.ToString());
+                    //if (userInfo != null && userInfo.requestFrom == Common.Enum.ApiRequestFromEnum.MiniProgram)
+                    //{
+                    //    //查询是否是黑名单
+                    //    AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.uid);
+                    //    if ((uInfo?.Blacklist ?? 0) == 1)
+                    //    {
+                    //        actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult(
+                    //        new ApiResult
+                    //        {
+                    //            resultCode = (int)ResultCode.TokenIllegal,
+                    //            message = "已进入黑名单，无法访问",
+                    //            data = null
+                    //        });
+                    //    }
+                    //}
                 }
                 catch (SignatureVerificationException sve)
                 {