堆栈内存溢出
  简体   繁体   English

如何从HTTP筛选器获取经过身份验证的用户名,IP地址和控制器操作?

[英]How to get authenticated user's name, IP address, and the controller action being called from an HTTP Filter?

 原文  2016-12-06 09:58:38       c#/ asp.net-mvc/ action-filter

问题描述

I'm trying to audit my action events on the controller. 我正在尝试审核控制器上的动作事件。 I want to keep track of authenticated user's name, his IP address, and controller action being called. 我想跟踪经过身份验证的用户名,他的IP地址和被调用的控制器操作。

My filter code: 我的过滤码: 

public class AuditAttribute : System.Web.Http.Filters.ActionFilterAttribute
    {
        public override void OnActionExecuting(HttpActionContext filterContext)
        {
            var request = filterContext.Request;
            // get user name + ip address + controlleraction 
            base.OnActionExecuting(filterContext);
        }

I was searching on the internet only to see examples of how to do it for Mvc but not for HTTP. 我在互联网上搜索只看到如何为Mvc而不是HTTP做的例子。 For instance, this link here talks about how to audit events for Mvc: http://rion.io/2013/03/03/implementing-audit-trails-using-asp-net-mvc-actionfilters/ 例如,这里的链接讨论了如何审核Mvc的事件: http: //rion.io/2013/03/03/implementing-audit-trails-using-asp-net-mvc-actionfilters/

This link however talks about how to capture IP address for HTTP web app: Capture request IP Address in Web API Authentication Filter But I'm struggling to follow it. 然而,这个链接讨论了如何捕获HTTP Web应用程序的IP地址:在Web API身份验证过滤器中捕获请求IP地址但我很难遵循它。 Not sure where exactly to put this code in. 不确定将此代码放在哪里。

Appreciate your help. 感谢您的帮助。

2 个解决方案

解决方案1
 14 已采纳  2016-12-06 10:31:36

Try using below code. 尝试使用以下代码。

UPDATE: For asp.net web api, please try this 更新:对于asp.net web api,请试试这个 

public class AuditAttribute : ActionFilterAttribute
    {
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            var context = actionContext.RequestContext;
            var user = context.Principal.Identity.IsAuthenticated ? context.Principal.Identity.Name : string.Empty;
            var ip = GetClientIpAddress(actionContext.Request);
            var action = actionContext.ActionDescriptor.ActionName;
            var controller = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;

            base.OnActionExecuting(actionContext);
        }

        private string GetClientIpAddress(HttpRequestMessage request)
        {
            if (request.Properties.ContainsKey("MS_HttpContext"))
            {
                return IPAddress.Parse(((HttpContextBase)request.Properties["MS_HttpContext"]).Request.UserHostAddress).ToString();
            }
            if (request.Properties.ContainsKey("MS_OwinContext"))
            {
                return IPAddress.Parse(((OwinContext)request.Properties["MS_OwinContext"]).Request.RemoteIpAddress).ToString();
            }
            return String.Empty;
        }

    }

And for asp.net MVC, you can try this 对于asp.net MVC,你可以试试这个 

public class AuditAttribute : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {

        // get user name + ip address + controlleraction 
        var controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
        var action = filterContext.ActionDescriptor.ActionName;
        var ip = filterContext.HttpContext.Request.UserHostAddress;
        var dateTime = filterContext.HttpContext.Timestamp;
        var user = GetUserName(filterContext.HttpContext);
    }


    private string GetUserName(HttpContext httpContext)
    {
        var userName = string.Empty;
        var context = httpContext.Current;
        if (context != null && context.User != null && context.User.Identity.IsAuthenticated)
        {
            userName = context.User.Identity.Name;
        }
        else
        {
            var threadPincipal = Thread.CurrentPrincipal;
            if (threadPincipal != null && threadPincipal.Identity.IsAuthenticated)
            {
                userName = threadPincipal.Identity.Name;
            }
        }
        return userName;
    }
}

Update 2 : Retrieving Client IP address is always a tricky business because there are lot of factors that has to be considered. 更新2:检索客户端IP地址始终是一件棘手的事情,因为有许多因素需要考虑。 How are clients accessing the application? 客户如何访问该应用程序? Are they coming thru a proxy server? 他们是通过代理服务器来的吗? IP addresses can be spoofed, so there is no 100% reliable way. IP地址可能是欺骗性的,因此没有100%可靠的方法。 Looking at the Http Headers will provide you some level of success in both web api and mvc. 查看Http Headers将为您提供web api和mvc的一定程度的成功。 But you always have to consider the fact that there will be cases where client IP is not valid. 但是你总是要考虑到客户端IP无效的情况。

How can I get the client's IP address in ASP.NET MVC? 如何在ASP.NET MVC中获取客户端的IP地址?

解决方案2
 0  2018-10-30 07:04:04

try this 试试这个 

using System.Web;

and use this 并使用这个 

HttpContext.Current.Request.UserHostAddress

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在使用IdentityServer进行身份验证后获取WebAPI控制器上的用户信息? - How to get user's information on WebAPI controller after authenticated with IdentityServer? 如何从IP地址获取域名 - How to get domain name from IP address 在Action Filter上获取用户名 - Get User Name on Action Filter 从控制器获取和编辑当前经过身份验证的用户 - Get and edit currently authenticated user from a controller 如何获取Web服务器上用户的IP地址? - how to get the user's ip address on web server? 如何在 ASP.NET 中获取用户的客户端 IP 地址? - How to get a user's client IP address in ASP.NET? 如何在ASP.NET MVC View中通过自定义Action Filter对用户进行身份验证? - How to get whether user is authenticated by custom Action Filter in ASP.NET MVC View? 如何从 HTTP 请求中获取 IP 地址和主机名? - How can I get the IP address and hostname from HTTP request? 获取客户端的IP地址和计算机名称? - Get client's IP address and computer name? 如何从IP地址获取设备的制造名称 - How can i get the manufacture name of a device from an IP address
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM