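using BMOA.Application.System;
using BMOA.Common;
using BMOA.Web.Models;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Net.Http;
using System.Web;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;

namespace KBMOA.Web.Filter
{
    /// <summary>
    /// API request filter. Rejects any request whose <c>appkey</c> / <c>apppwd</c>
    /// headers do not match the configured application key.
    /// </summary>
    /// <remarks>
    /// NOTE(review): <c>apppwd</c> is defined as SHA-1(<c>appkey</c>), so it is fully
    /// derivable from the other header and adds no independent secret. The pair behaves
    /// as one static shared credential that is replayable if it is ever observed.
    /// Treat it as a bearer secret: require TLS, keep it out of logs, and plan a move to
    /// a per-request signature (for example an HMAC over the request plus a timestamp).
    /// </remarks>
    public class ApiFilter : ActionFilterAttribute
    {
        /// <summary>
        /// Validates the credential headers before the action runs.
        /// Mini-program clients must send the SHA-1 of the appkey in <c>apppwd</c>.
        /// </summary>
        /// <param name="actionContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            string appkey = ReadHeader(actionContext, "appkey");
            string apppwd = ReadHeader(actionContext, "apppwd");

            if (!IsAuthorized(appkey, apppwd))
            {
                Check(actionContext);
                base.OnActionExecuting(actionContext);

                // Stop here: the original code fell through to the second comparison
                // after rejecting a request with missing headers, building the rejection
                // response twice and dereferencing appkey when it could be null.
                return;
            }
        }

        /// <summary>
        /// Returns the URL-decoded first value of a request header, or an empty string
        /// when the header is absent or has no value.
        /// </summary>
        /// <param name="actionContext">Context whose request headers are read.</param>
        /// <param name="name">Header name.</param>
        private static string ReadHeader(HttpActionContext actionContext, string name)
        {
            IEnumerable<string> values;
            if (!actionContext.Request.Headers.TryGetValues(name, out values))
            {
                return string.Empty;
            }

            // UrlDecode returns null for null input; normalise to empty so callers
            // only have one "missing" representation to test for.
            return HttpUtility.UrlDecode(values.FirstOrDefault()) ?? string.Empty;
        }

        /// <summary>
        /// Decides whether the supplied header pair matches the configured credential.
        /// </summary>
        /// <param name="appkey">Decoded <c>appkey</c> header value.</param>
        /// <param name="apppwd">Decoded <c>apppwd</c> header value.</param>
        /// <returns><c>true</c> only when both headers are present and both match.</returns>
        private static bool IsAuthorized(string appkey, string apppwd)
        {
            if (string.IsNullOrEmpty(appkey) || string.IsNullOrEmpty(apppwd))
            {
                return false;
            }

            // Evaluate both comparisons unconditionally (non-short-circuit &) so the
            // amount of work does not depend on which of the two values was wrong.
            bool keyMatches = FixedTimeEquals(appkey, YG_Config.appkey, false);
            bool pwdMatches = FixedTimeEquals(apppwd, ZEncypt.Sha1(appkey), true);
            return keyMatches & pwdMatches;
        }

        /// <summary>
        /// Compares two strings without stopping at the first differing character and
        /// without any dependence on the current culture.
        /// </summary>
        /// <param name="left">Value supplied by the client.</param>
        /// <param name="right">Expected value.</param>
        /// <param name="ignoreCase">
        /// When <c>true</c>, both sides are upper-cased with the invariant culture first
        /// (used for the hexadecimal digest, which clients may send in either case).
        /// </param>
        /// <returns><c>true</c> when the strings are equal; <c>false</c> if either is null.</returns>
        private static bool FixedTimeEquals(string left, string right, bool ignoreCase)
        {
            if (left == null || right == null)
            {
                return false;
            }

            if (ignoreCase)
            {
                left = left.ToUpperInvariant();
                right = right.ToUpperInvariant();
            }

            // Only the length is revealed by this early exit, not the content.
            if (left.Length != right.Length)
            {
                return false;
            }

            int difference = 0;
            for (int i = 0; i < left.Length; i++)
            {
                difference |= left[i] ^ right[i];
            }

            return difference == 0;
        }

        /// <summary>
        /// Short-circuits the pipeline by attaching a "not authorised" response to the context.
        /// </summary>
        /// <param name="actionContext">Context that receives the rejection response.</param>
        private void Check(HttpActionContext actionContext)
        {
            ResponseModel result = new ResponseModel() { Success = false };
            result.Message = "此請求未經受權";

            // NOTE(review): this CreateResponse overload uses the default 200 OK status,
            // so a rejected call is indistinguishable from success at the HTTP layer
            // (proxies, WAF rules, access-log alerting). Kept as-is because existing
            // clients may rely on it; prefer HttpStatusCode.Unauthorized once they can
            // handle it.
            actionContext.Response = actionContext.Request.CreateResponse(result);
        }
    }
}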