Commit af7f1f37 authored by liudong1993's avatar liudong1993

1过滤验证

parent c1d87565
...@@ -735,6 +735,11 @@ namespace Mall.WebApi.Controllers.Education ...@@ -735,6 +735,11 @@ namespace Mall.WebApi.Controllers.Education
{ {
var req = RequestParm; var req = RequestParm;
var userInfo = AppletUserInfo; var userInfo = AppletUserInfo;
AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.UserId);
if ((uInfo?.Blacklist ?? 0) == 1)
{
return ApiResult.Failed("已进入黑名单,无法访问");
}
RB_Education_ArticleComment_Extend demodel = JsonConvert.DeserializeObject<RB_Education_ArticleComment_Extend>(req.msg.ToString()); RB_Education_ArticleComment_Extend demodel = JsonConvert.DeserializeObject<RB_Education_ArticleComment_Extend>(req.msg.ToString());
if (demodel.ArticleId <= 0) if (demodel.ArticleId <= 0)
...@@ -1533,6 +1538,11 @@ namespace Mall.WebApi.Controllers.Education ...@@ -1533,6 +1538,11 @@ namespace Mall.WebApi.Controllers.Education
{ {
var req = RequestParm; var req = RequestParm;
var userInfo = AppletUserInfo; var userInfo = AppletUserInfo;
AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.UserId);
if ((uInfo?.Blacklist ?? 0) == 1)
{
return ApiResult.Failed("已进入黑名单,无法访问");
}
Rb_Education_DynamicComment comment = JsonConvert.DeserializeObject<Rb_Education_DynamicComment>(req.msg.ToString()); Rb_Education_DynamicComment comment = JsonConvert.DeserializeObject<Rb_Education_DynamicComment>(req.msg.ToString());
comment.Content = StringHelper.UrlDecode(comment.Content); comment.Content = StringHelper.UrlDecode(comment.Content);
string str = comment.Validate(); string str = comment.Validate();
......
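Review bot: The same five-line blacklist check is pasted into both actions right after `var userInfo = AppletUserInfo;`, and `userInfo.UserId` is read before anything visible in the hunk confirms `userInfo` is non-null. Defining the rule once, in a shared helper or an action-filter attribute applied to the comment-posting actions, would keep new write endpoints from silently missing it. `(uInfo?.Blacklist ?? 0) == 1` also treats a null lookup result as allowed; if `GetAppletUserBlacklistInfo` can return null on a cache miss or a Redis error (not visible here), the check fails open, which deserves at least a comment such as `// null lookup result is treated as not blacklisted (fail-open)`. Both method bodies start and end outside the hunks.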
...@@ -184,24 +184,23 @@ namespace Mall.WebApi.Filter ...@@ -184,24 +184,23 @@ namespace Mall.WebApi.Filter
string secret = Config.JwtSecretKey; string secret = Config.JwtSecretKey;
var json = decoder.Decode(token, secret, verify: true);//token为之前生成的字符串 var json = decoder.Decode(token, secret, verify: true);//token为之前生成的字符串
JObject jwtJson = JObject.Parse(json); JObject jwtJson = JObject.Parse(json);
var muserInfo = jwtJson["mall_userInfo"]; actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] = jwtJson["mall_userInfo"];
actionContext.HttpContext.Items[GlobalKey.TokenUserInfo] = muserInfo; //TokenUserInfo userInfo = JsonConvert.DeserializeObject<TokenUserInfo>(muserInfo.ToString());
TokenUserInfo userInfo = JsonConvert.DeserializeObject<TokenUserInfo>(muserInfo.ToString()); //if (userInfo != null && userInfo.requestFrom == Common.Enum.ApiRequestFromEnum.MiniProgram)
if (userInfo != null && userInfo.requestFrom == Common.Enum.ApiRequestFromEnum.MiniProgram) //{
{ // //查询是否是黑名单
//查询是否是黑名单 // AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.uid);
AppletUserInfo uInfo = UserReidsCache.GetAppletUserBlacklistInfo(userInfo.uid); // if ((uInfo?.Blacklist ?? 0) == 1)
if ((uInfo?.Blacklist ?? 0) == 1) // {
{ // actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult(
actionContext.Result = new Microsoft.AspNetCore.Mvc.JsonResult( // new ApiResult
new ApiResult // {
{ // resultCode = (int)ResultCode.TokenIllegal,
resultCode = (int)ResultCode.TokenIllegal, // message = "已进入黑名单,无法访问",
message = "已进入黑名单,无法访问", // data = null
data = null // });
}); // }
} //}
}
} }
catch (SignatureVerificationException sve) catch (SignatureVerificationException sve)
{ {
......
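Review bot: Commenting out the blacklist block in the filter narrows enforcement from every token-authenticated MiniProgram request to only the actions that carry their own check, and only two such actions are visible in this commit. Any other endpoint now serves blacklisted users unless it was updated elsewhere. If the intent is to let blacklisted users keep read access, say so where the check used to be, e.g. `// Blacklist is enforced per action (write endpoints only); this filter only validates the token.`, and delete the commented-out block instead of leaving it, since history already holds it. The filter answered with `ResultCode.TokenIllegal` while the new controller checks return `ApiResult.Failed(...)`, so clients may see a different result code for the same condition. The enclosing try block starts outside the hunk.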