Home > Article > WeChat Applet > Detailed explanation of examples of developing WeChat verification messages with asp.net
Verify the authenticity of the message
Add a filter in the project where the MVC Controller is located, and rewrite it in the filter
public override void OnActionExecuting( ActionExecutingContext filterContext) method
New data model
Note: When the server receives the message, it is no longer signature but msg_signature
HTTP request message example of WeChat server pushing message to the server
POST /cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6×tamp=1409659813&nonce=1372623149 HTTP/1.1
Host: qy. weixin.qq.com
Method rewriting to implement message verification
The verification method when calling WeChat access, but the parameters need to be slightly changed, using the newly created data model
Add filter properties in the Action method or on the Controller
Code example
Model
/// <summary> /// 微信推送消息模型 /// </summary> public class WeChatMsgRequestModel { public string timestamp { get; set; } public string nonce { get; set; } public string msg_signature { get; set; } }
Filter
public class WeChatRequestValidAttribute : ActionFilterAttribute { private const string Token = "StupidMe"; public override void OnActionExecuting(ActionExecutingContext filterContext) { //参数适配 Model.FormatModel.WeChatMsgRequestModel model = new Model.FormatModel.WeChatMsgRequestModel() { nonce= filterContext.HttpContext.Request.QueryString["nonce"],msg_signature= filterContext.HttpContext.Request.QueryString["msg_signature"],timestamp= filterContext.HttpContext.Request.QueryString["timestamp"] }; //验证 if (CheckSignature(model)) { base.OnActionExecuting(filterContext); } } private bool CheckSignature(Model.FormatModel.WeChatMsgRequestModel model) { string signature, timestamp, nonce, tempStr; //获取请求来的参数 signature = model.msg_signature; timestamp = model.timestamp; nonce = model.nonce; //创建数组,将 Token, timestamp, nonce 三个参数加入数组 string[] array = { Token, timestamp, nonce }; //进行排序 Array.Sort(array); //拼接为一个字符串 tempStr = String.Join("", array); //对字符串进行 SHA1加密 tempStr = FormsAuthentication.HashPasswordForStoringInConfigFile(tempStr, "SHA1").ToLower(); //判断signature 是否正确 if (tempStr.Equals(signature)) { return true; } else { return false; } } }
Controller Code
/// <summary> /// 日志助手 /// </summary> private static Common.LogHelper logger = new Common.LogHelper(typeof(HomeController)); [Filters.WeChatRequestValid] public void Valid(Model.FormatModel.WeChatMsgRequestModel model) { if (ModelState.IsValid) { try { //判断是否是POST请求 if (HttpContext.Request.HttpMethod.ToUpper() == "POST") { //从请求的数据流中获取请求信息 using (Stream stream = HttpContext.Request.InputStream) { byte[] postBytes = new byte[stream.Length]; stream.Read(postBytes, 0, (int)stream.Length); string postString = System.Text.Encoding.UTF8.GetString(postBytes); Handle(postString,model); } } } catch (Exception ex) { logger.Error("发生异常,异常信息:" + ex.Message + ex.StackTrace); } } }
The above is the detailed content of Detailed explanation of examples of developing WeChat verification messages with asp.net. For more information, please follow other related articles on the PHP Chinese website!