我想限制在标题中传递的令牌时对API的访问,在我的配置中不匹配值。我已经在项目中创建了一个自定义GUID,以防止访问非匹配令牌值或空头值。
使用此设置如何从控制器中的操作中正确返回404或其他状态,其返回类型是特定类型的列表(用于返回JSON(?
[HttpGet]
[Route("getList")]
public List<_Type> func([FromUri] int? value)
{
if (Request.Headers == null || !Request.Headers.Contains("token") || Request.Headers.GetValues("token").First() != ConfigurationManager.AppSettings["token"])
throw new HttpException(404, "Not found"); //works but triggers a object null reference exeption
return new List<_Type>();
}
您可以将返回类型更改为ihttpactionResult。OK((方法将对象作为参数,因此您可以传递收集。
[HttpGet]
[Route("getList")]
public IHttpActionResult func([FromUri] int? value)
{
if (Request.Headers == null || !Request.Headers.Contains("token") || Request.Headers.GetValues("token").First() != ConfigurationManager.AppSettings["token"])
return NotFound(); //works but triggers a object null reference exeption
return Ok(new List<_Type>());
}
[HttpGet]
[Route("getList")]
public ActionResult func([FromUri] int? value) {
if (Request.Headers == null || !Request.Headers.Contains("token") || Request.Headers.GetValues("token").First() != ConfigurationManager.AppSettings["token"])
return NotFound();
return Json(new List<_Type>());
}