过滤器说明
过滤器与中间件很相似,过滤器(Filters)可在管道(pipeline)特定阶段(particular stage)前后执行操作。可以将过滤器视为拦截器(interceptors)。
过滤器级别范围
过滤器有多个级别,分别是:
- 全局级别过滤器(Global scope),通过
Program.cs
全局添加Filter
- 控制器级别过滤器(Controller scope),通过
AttributeUsage
特性配置 - 动作级别过滤器(Action scope),通过
AttributeUsage
特性配置
过滤器类型
Asp.Net Core 过滤器:
- IResourceFilter
- IAuthorizationFilter
- IPageFilter
- ExceptionFilterAttribute
- ActionFilterAttribute
过滤器类型 | 接口 | 对应特性 | 含义 |
---|---|---|---|
授权过滤器 | IAuthorizationFilter、IAsyncAuthorizationFilter | 没有提供特性类 | 最先执行,用于判断用户是否授权。如果未授权,则直接结束当前请求。这种类型的过滤器实现了 IAsyncAuthorizationFilter 或IAuthorizationFilter 接口。 |
资源过滤器 | IResourceFilter、IAsyncResourceFilter | 没有提供特性类 | 在Authorization过滤器后执行,并在执行其他过滤器 (除Authorization过滤器外)之前和之后执行。由于它在Action之前执行,因而可以用来对请求判断,根据条件来决定是否继续执行Action。这种类型过滤器实现了 IAsyncResourceFilter 或 IResourceFilter 接口。 |
操作过滤器 | IActionFilter、IAsyncActionFilter | ActionFilterAttribute | 在Action执行的前后执行。与Resource过滤器不一样,它在模型绑定后执行。这种类型的过滤器实现了 IAsyncActionFilter 或 IActionFilter 接口。 |
页面过滤器 | IPageFilter、IAsyncPageFilter | 没有提供特性类 | 页面过滤器是 Razor Pages 等效的操作过滤器 |
结果过滤器 | IResultFilter、IAsyncResultFilter、 IAlwaysRunResultFilter、IAsyncAlwaysRunResultFilter | ResultFilterAttribute | 在 IActionResult 执行的前后执行,使用它能够控制Action的执行结果,比如:格式化结果等。需要注意的是,它只有在Action方法成功执行完成后才会运行。这种类型过滤器实现了 IAsyncResultFilter 或 IResultFilter 接口。 |
异常过滤器 | IExceptionFilter、IAsyncExceptionFilter | ExceptionFilterAttribute | 异常过滤器用于管理未处理的异常,比如:用于捕获异常。这种类型的过滤器实现了 IAsyncExceptionFilter 或 IExceptionFilter 接口。 |
不同类型的过滤器在ASP.NET Core中的位置。可以看到不同类型的过滤器在不同阶段起作用。授权过滤器先于其他所有操作,并在任何授权错误时阻止请求。 资源过滤器在模型验证和模型绑定请求之前运行,也在我们的请求结果从服务器返回时运行。 动作过滤器类型在动作调用之前和之后起作用。 此外,如果操作引发异常,则会触发异常过滤器。 在管道的末尾,结果过滤器对 IActionResult 最终对象实例进行操作。
ActionFilter
ActionFilterAttribute 拦截器通过 重写 OnActionExecuting,来 拦截action的请求消息,当执行OnActionExecuting完成以后才真正进入请求的action中,action运行完后又把控制权给了 OnActionExecuted,这个管道机制可以使我们用它来轻松实现 权限认证、日志记录 ,跨域以及很多需要对全局或者部分请求做手脚的的功能。
大概的流程如下:
ActionFilter全称是ActionFilterAttribute,我们根据微软的命名规范可以看出这是一个特性类,看一下它的声明:
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public abstract class ActionFilterAttribute : Attribute, IActionFilter, IFilterMetadata, IAsyncActionFilter, IAsyncResultFilter, IOrderedFilter, IResultFilter
这是一个允许标注在类和方法上的特性类,允许多个标记,标注之后子类会继承父类的特性。然后,这个类是一个抽象类,所以我们可以通过继承ActionFilterAttribute来编写自己的ActionFilter。
ActionFilter 四个方法
public virtual void OnActionExecuted(ActionExecutedContext context);
public virtual void OnActionExecuting(ActionExecutingContext context);
public virtual void OnResultExecuted(ResultExecutedContext context);
public virtual void OnResultExecuting(ResultExecutingContext context);
上图是这四个方法在一次请求中执行的顺序。在一次请求真正执行之前,想要拦截这个请求,应该使用OnActionExecuting
。
为什么单独说这个呢?因为这个方法的出镜率很高,大多数时候都会使用这个方法进行请求过滤。
获取Api请求相关信息
在Program.cs
中添加EnableBuffering
。一定要添加在UseEndpoints
和MapControllers
之前
//3.0
//app.Use(next => context =>
//{
// context.Request.EnableBuffering();
// return next(context);
//});//net6.0
//启动倒带方式
//app.Use(async (context, next) => {
// context.Request.EnableBuffering();
// await next();
//});app.Use((context, next) =>
{context.Request.EnableBuffering();return next(context);
});//同步需要添加此代码
builder.Services.Configure<KestrelServerOptions>(x => x.AllowSynchronousIO = true).Configure<IISServerOptions>(x => x.AllowSynchronousIO = true);
添加同步ActionFilter
或异步ActionFilter
。注意:同步与异步不能一起使用 同步ActionFilter
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Razor.TagHelpers;
using Microsoft.AspNetCore.Mvc.Controllers;
using System.Text;
using System.Text.Json;namespace WebApplication1
{[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]public class ApiFilter : ActionFilterAttribute{private string ActionArguments { get; set; }/// <summary>/// 执行方法体之前/// </summary>/// <param name="context"></param>public override void OnActionExecuting(ActionExecutingContext context){try{if (context.ActionArguments != null && context.ActionArguments.Count > 0){ActionArguments = JsonSerializer.Serialize(context.ActionArguments);}else{ActionArguments = string.Empty;}}catch (Exception ex){var _serviceProvider = context.HttpContext.RequestServices;_serviceProvider.GetService<ILogger<ApiFilter>>()!.LogError(ex.StackTrace);}base.OnActionExecuting(context);}/// <summary>/// 执行方法体之后,返回result前/// </summary>/// <param name="context"></param>public override void OnActionExecuted(ActionExecutedContext context){var request = context?.HttpContext?.Request;//获取IServiceProvidervar _serviceProvider = context.HttpContext.RequestServices;//判断Body是否存在var isBody = context.ActionDescriptor.Parameters.Any(r => r.BindingInfo?.BindingSource == BindingSource.Body);//请求地址string url = request.Host + request.Path + request.QueryString;var descriptor = (ControllerActionDescriptor)context.ActionDescriptor;//获取控制器名称var controllerName = descriptor.ControllerName;//获取action名称var actionName = descriptor.ActionName;//获取request参数var requestArguments = ActionArguments;//请求方式string method = request.Method;//请求Headervar headrs = request.Headers;//context.HttpContext.Request.Form//获取Request Bodystring requestBody = string.Empty;if (request.Method == "POST" && request.Body != null){using StreamReader sr = new StreamReader(request.Body);if (request.Body.CanSeek) request.Body.Seek(0, SeekOrigin.Begin);if (request.Body.CanRead) requestBody = sr.ReadToEnd();if (request.Body.CanSeek) request.Body.Seek(0, SeekOrigin.Begin);}//获取Response Bodyvar Response = context?.HttpContext?.Response;var result = context.Result;if (result is JsonResult json){var x = json.Value;var status = json.StatusCode;var content = JsonSerializer.Serialize(x);}if (result is ViewResult view){var status = view.StatusCode;var content = view.ViewData;var name = view.ViewName;}if (result is ObjectResult ob){var x = ob.Value;var status = ob.StatusCode;var content = JsonSerializer.Serialize(x);}base.OnActionExecuted(context);}/// <summary>/// 返回result之前/// </summary>/// <param name="context"></param>public override void OnResultExecuting(ResultExecutingContext context){base.OnResultExecuting(context);}/// <summary>/// 返回result之后/// </summary>/// <param name="context"></param>public override void OnResultExecuted(ResultExecutedContext context){base.OnResultExecuted(context);}}
}
异步ActionFilter
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using System.Text.Json;
using System.Net.NetworkInformation;
using System.Net.Sockets;
using System.Net;namespace WebApplication1.Filter
{[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]public class ApiAsyncFilter : ActionFilterAttribute{public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next){//执行方法体之前//...//执行方法体await base.OnActionExecutionAsync(context, next);//执行方法体之后//获取requestBodyvar request = context?.HttpContext?.Request;string requestBody = string.Empty;if (request.Method == "POST" && request.Body != null){using StreamReader sr = new StreamReader(request.Body);if (request.Body.CanSeek) request.Body.Seek(0, SeekOrigin.Begin);if (request.Body.CanRead) requestBody = await sr.ReadToEndAsync();//第二种方法if (request.Body.CanRead){var result = await request.BodyReader.ReadAsync();requestBody = Encoding.UTF8.GetString(result.Buffer);}if (request.Body.CanSeek) request.Body.Seek(0, SeekOrigin.Begin);}}public override async Task OnResultExecutionAsync(ResultExecutingContext context, ResultExecutionDelegate next){//返回result之前await base.OnResultExecutionAsync(context, next);}}
}
ActionFilter 记录异常日志
using Microsoft.AspNetCore.Mvc.Filters;
using System.Text.Json;namespace WebApplication1
{public class ExceptionFilter : ActionFilterAttribute{private string ActionArguments { get; set; }/// <summary>/// 执行方法体之后,返回result前/// </summary>/// <param name="context"></param>public override void OnActionExecuted(ActionExecutedContext context){if (context.Exception != null){LoggerError(context, context.Exception);}base.OnActionExecuted(context);}/// <summary>/// 执行方法体之前/// </summary>/// <param name="context"></param>public override void OnActionExecuting(ActionExecutingContext context){try{if (context.ActionArguments != null && context.ActionArguments.Count > 0){ActionArguments = JsonSerializer.Serialize(context.ActionArguments);}else{ActionArguments = string.Empty;}}catch (Exception ex){context.HttpContext.RequestServices.GetService<ILogger<ExceptionFilter>>()!.LogError(ex.StackTrace);}base.OnActionExecuting(context);}private void LoggerError(ActionExecutedContext context, Exception exception){var _logger = context.HttpContext.RequestServices.GetService<ILogger<ExceptionFilter>>()!;try{string url = context.HttpContext.Request.Host + context.HttpContext.Request.Path + context.HttpContext.Request.QueryString;string method = context.HttpContext.Request.Method;string message = $"\n" + $"地址:{url} \n " +$"方式:{method} \n " +$"参数:{ActionArguments}\n " +$"错误描述:{context.Exception.Message}\n " +$"错误堆栈:{context.Exception.StackTrace}\n ";if (exception.InnerException != null){message += "\n InnerException异常Message:" + exception.InnerException.Message;message += "\n InnerException异常StackTrace:" + exception.InnerException.StackTrace;}_logger.LogError(message);}catch (Exception ex){_logger.LogError(ex.StackTrace);}}}
}
ExceptionFilter 记录异常日志
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.EntityFrameworkCore;
using System;
using System.Net;
using System.Text.Json;namespace WebApplication1
{public class ExceptionFilter : ExceptionFilterAttribute{public override void OnException(ExceptionContext context){Exception ex = context.Exception;string url = context.HttpContext.Request.Host + context.HttpContext.Request.Path + context.HttpContext.Request.QueryString;string method = context.HttpContext.Request.Method;string message = $"\n " + $"地址:{url} \n " +$"方式:{method} \n " +$"错误描述:{ex.Message}\n " +$"错误堆栈:{ex.StackTrace}\n ";//while (ex.InnerException != null) { ex = ex.InnerException; }if (ex.InnerException != null){message += "\n InnerException异常Message:" + ex.InnerException.Message;message += "\n InnerException异常StackTrace:" + ex.InnerException.StackTrace;}context.HttpContext.Response.StatusCode = (int)HttpStatusCode.InternalServerError;context.Result = new ObjectResult(message);// 表明异常已处理,客户端可得到正常返回context.ExceptionHandled = true;base.OnException(context);}}
}
全局添加过滤器
在Program.cs
添加Filter
builder.Services.Configure<MvcOptions>(opts => opts.Filters.Add<ExceptionFilter>());builder.Services.AddControllersWithViews(options =>
{//options.Filters.Add(new ApiFilter(null,null));options.Filters.Add<ApiFilter>();
});//或者
builder.Services.Configure<MvcOptions>(opts => opts.Filters.Add<ExceptionFilter>());
参考文档
ASP.NET Core教程-Filter(过滤器)
https://www.cnblogs.com/cqpanda/p/16907950.html
全局获取异常
https://www.cnblogs.com/shenweif/p/17236321.html