c# – Web Api路由故障
我有一个自托管的Web API项目,所以我不得不使用
Yao’s blog post来帮助页面工作.接下来,我必须确保我的一些方法免遭未经授权的使用.我已经实施了
this idea.
现在有趣的部分.我有3条路线: / help导致帮助页面, / authentication / authenticate用于调用身份验证方法,它需要用户凭据并在成功时返回安全令牌 和/ transaction / {action} / {id}需要保护此路由不被未经授权的使用. 所以基本上,我需要让所有路径,其中controller = transaction,由TokenInspector处理. 1.场景:如果我有这样的路由配置: _config.Routes.MapHttpRoute( name: "AuthenticatedOnly",routeTemplate: "transaction/{action}/{id}",defaults: new {controller = "Transaction",action="GetNewTaskId",id=RouteParameter.Optional},constraints: null,handler: tokenInspector ); _config.Routes.MapHttpRoute( "Default","{controller}/{action}/{id}",defaults: new { controller="Help",action="Index",id = RouteParameter.Optional} ); 一切正常,除了帮助页面只显示POST身份验证/身份验证 2.场景:如果我将路由配置更改为: _config.Routes.MapHttpRoute( name: "AuthenticatedOnly",defaults: new {},id = RouteParameter.Optional} ); 帮助页面工作正常并显示所有方法,但/事务不再受到保护,并且无需令牌即可正常工作. 3.场景: _config.Routes.MapHttpRoute( name: "AuthenticatedOnly",defaults: new {id=RouteParameter.Optional},handler: tokenInspector ); _config.Routes.MapHttpRoute( "Default",id = RouteParameter.Optional} ); 同时使用身份验证和帮助页面,但当我在其标题中使用有效令牌的/ Transaction / GetNewTaskId请求时,我得到404. 更新 更新2 所以,我现在有单一路线: _config.Routes.MapHttpRoute( name: "Default",routeTemplate: "{controller}/{action}/{id}",defaults: new { controller = "Help",action = "Index",id=RouteParameter.Optional } ); 这就是我启动服务器的方式: _config = new ExtendedHttpSelfHostConfiguration(ServiceAddress); TokenInspector tokenInspector = new TokenInspector() { InnerHandler = new HttpRoutingDispatcher(_config) }; _server = new HttpSelfHostServer(_config,tokenInspector); ConfigureHost(_config); _server.OpenAsync(); 也许这个问题无法以这种方式回答,但无论如何,谢谢大家的努力! 此致,insomnium_ 解决方法//This is for your public controllers //this route will ONLY catch requests for Help and Authentication controllers only //you will need to include any new public controller that uses the route pattern _config.Routes.MapHttpRoute( name: "Public",constraints: new { controller = @"^(Help|Authentication)$" },id = RouteParameter.Optional} ); //Everything that is not Help or Authentication will use this route,which will check for the valid token you mention //This route is defaulting to /Transaction/GetNewTaskId _config.Routes.MapHttpRoute( name: "AuthenticatedOnly",defaults: new { controller = "Transaction",handler: tokenInspector ); (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |