我有一个客户身份验证过滤器属性来保护我的WebApi界面。似乎可行,但是显示了默认的MVC登录页面。我真的只想返回一个json作为正文。我该如何实现?
public class TokenAuthenticationAttribute : AuthorizationFilterAttribute
{
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
try
{
if (actionContext.Request.Headers.Authorization == null)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "No token specified");
}
else
{
string authenticationString = actionContext.Request.Headers.Authorization.Parameter;
string token = Encoding.UTF8.GetString(Convert.FromBase64String(authenticationString));
Device[] devices = DeviceManager.getInstance().getListOfDevices();
if(devices.Where(a => a.token.Equals(token)).Count() == 0)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid token");
}
}
base.OnAuthorization(actionContext);
}
catch
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid token");
}
}
}