/// <summary>
/// Custom Web API authorization filter. A request is let through only when a logged-in
/// user is available from <c>Models.User.UserInfo.UserData</c> and, if <c>Roles</c> is
/// set, that user's <c>UserType</c> equals one of its entries.
/// </summary>
/// <remarks>
/// <c>Roles</c> is split on the ideographic comma '、' and every entry is compared to
/// <c>UserType</c> exactly, without trimming, so an entry written with surrounding
/// whitespace can never match (the check fails closed).
/// NOTE(review): <c>base.OnAuthorization</c> is never called, so whatever handling it
/// provides (for example the [AllowAnonymous] bypass) does not apply to actions guarded
/// by this attribute. Confirm that is intended.
/// </remarks>
public class WebApiAuthAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Decides whether the request may proceed. Rejection is signalled by assigning
    /// <c>actionContext.Response</c>; an accepted request leaves it untouched.
    /// </summary>
    /// <param name="actionContext">Context of the action being authorized.</param>
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        V_UserLogin currentUser = Models.User.UserInfo.UserData;

        // No current user object: answer 401 so the client knows it has to log in first.
        if (currentUser == null)
        {
            actionContext.Response = actionContext.Request.CreateResponse(
                HttpStatusCode.Unauthorized, "请先登录!", "application/json");
            return;
        }

        // A role list is enforced only when the attribute declares one.
        bool rolesDeclared = !string.IsNullOrEmpty(Roles);
        if (rolesDeclared)
        {
            string[] allowedTypes = Roles.Split('、');
            bool typeAllowed = allowedTypes.Any(entry => entry == currentUser.UserType);
            if (!typeAllowed)
            {
                // Logged in, but the user type is not in the declared list: answer 403.
                actionContext.Response = actionContext.Request.CreateResponse(
                    HttpStatusCode.Forbidden, "你没有访问权限!", "application/json");
                return;
            }
        }

        // NOTE(review): the boolean returned by base.IsAuthorized is discarded, so the
        // base class's own checks never influence the outcome here. The decision rests
        // entirely on the two checks above. Confirm whether the result should be honored.
        base.IsAuthorized(actionContext);
    }
}