
C# ASP.NET MVC API security filtering: filtering by API domain, and by API domain + port

Background

My project sets IIS response headers so that every domain may call my API cross-origin;

but I also want to use code to stop certain domains from calling it.

Web.config code

Under the <configuration> node, inside the <system.webServer> node:

<httpProtocol>
  <customHeaders>
    <!-- * means any domain may access the API -->
    <add name="Access-Control-Allow-Origin" value="*" />
    <add name="Access-Control-Allow-Headers" value="AuthToken, Authorization, Origin, Content-Type, Accept, X-Requested-With" />
    <add name="Access-Control-Allow-Methods" value="GET, PATCH, POST, PUT, DELETE, OPTIONS" />
  </customHeaders>
</httpProtocol>

Further reading:

Solutions to cross-origin request problems in ASP.NET MVC and ASP.NET Web API [most complete]

Step 1: modify Web.config

Open the "Web.config" file in the site root and find the <appSettings> node. If there is none, add an <appSettings> node under the <configuration> node. The complete code is below:

<appSettings>
  <!-- API domain filter: comma-separated list of allowed origins -->
  <add key="APICheckDomainName" value="http://192.189.1.181/,http://192.189.1.183/" />
</appSettings>

Step 2: add the check class

APICheckDomainName.cs code

using System;
using System.Configuration;
using System.Net.Http;

namespace API
{
    /// <summary>
    /// Checks whether the domain calling the API is authorized; can check "domain" or "domain + port".
    /// </summary>
    public class APICheckDomainName
    {
        /// <summary>
        /// Checks whether the requesting domain is authorized.
        /// </summary>
        /// <param name="Request">The current request</param>
        /// <param name="PortCheck">Whether to check the port too. If it is checked, the domains in the config file must also carry the port number, e.g. http://www.baidu.com:80/</param>
        /// <returns>false if not authorized, otherwise true</returns>
        public static bool CheckDomainName(HttpRequestMessage Request, bool PortCheck = false)
        {
            // Read the allow list from Web.config; a missing key gives an empty list instead of a NullReferenceException
            string configured = ConfigurationManager.AppSettings["APICheckDomainName"] ?? string.Empty;
            string[] APICheckDomainNameList = configured.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);

            // Use the Referer header when present; for direct access (no Referer) fall back to the request URI itself.
            // HttpRequestHeaders.Referrer is null when the header is absent, so a null check replaces the try/catch.
            Uri source = Request.Headers.Referrer ?? Request.RequestUri;

            // Protocol (http/https), domain and port of the source
            string scheme = source.Scheme;
            string host = source.Host;
            int Port = source.Port;

            string RequestDomainName = PortCheck
                ? $"{scheme}://{host}:{Port}/"
                : $"{scheme}://{host}/";

            // Trim() tolerates spaces after the commas in the config value; host names are case-insensitive
            foreach (var item in APICheckDomainNameList)
            {
                if (string.Equals(item.Trim(), RequestDomainName, StringComparison.OrdinalIgnoreCase))
                {
                    return true;
                }
            }
            return false;
        }
    }
}

Step 3: call it

// Check whether the caller is authorized (inside an ApiController action, where Request is the HttpRequestMessage)
if (APICheckDomainName.CheckDomainName(Request) == false)
{
    return "Unauthorized!";
}
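The following is an added example, not code from the original post, showing how the same check can be applied to every Web API request once through a DelegatingHandler instead of being called in each action. It differs from the post's class in ways that are assumptions of this example: the allow list is passed in rather than read from Web.config; the Origin header (what browsers send on cross-origin calls) is consulted before Referer; a request carrying neither header is rejected instead of being compared against its own request URI, because that fallback lets any non-browser client through as soon as the API's own address is on the list; and entries are compared as parsed Uris so that case and trailing paths do not matter. The class names OriginAllowList and OriginCheckHandler and the host api.example.test are invented for the example. Both Origin and Referer are set by the client, so this remains a coarse filter for browser traffic and not a replacement for the AuthToken/Authorization headers the CORS config already permits.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;

namespace API.Example
{
    // Holds the allowed origins in normalized form ("scheme://host/" or "scheme://host:port/").
    public class OriginAllowList
    {
        private readonly HashSet<string> _allowed;
        private readonly bool _portCheck;

        // configuredList has the same shape as the post's APICheckDomainName setting.
        public OriginAllowList(string configuredList, bool portCheck)
        {
            _portCheck = portCheck;
            _allowed = new HashSet<string>(
                configuredList.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
                    .Select(s => Normalize(new Uri(s.Trim()))),
                StringComparer.OrdinalIgnoreCase);
        }

        // Reduce a Uri to origin form so path, query and letter case differences do not matter.
        private string Normalize(Uri uri)
        {
            return _portCheck
                ? $"{uri.Scheme}://{uri.Host}:{uri.Port}/"
                : $"{uri.Scheme}://{uri.Host}/";
        }

        // The Uri the check is based on: Origin first, then Referer; null when the request has neither.
        public static Uri SourceOf(HttpRequestMessage request)
        {
            IEnumerable<string> origins;
            if (request.Headers.TryGetValues("Origin", out origins))
            {
                Uri parsed;
                string origin = origins.FirstOrDefault();
                if (origin != null && Uri.TryCreate(origin, UriKind.Absolute, out parsed))
                    return parsed;
            }
            return request.Headers.Referrer;
        }

        public bool IsAllowed(HttpRequestMessage request)
        {
            Uri source = SourceOf(request);
            return source != null && _allowed.Contains(Normalize(source));
        }
    }

    // Register once in WebApiConfig.Register:
    //   config.MessageHandlers.Add(new OriginCheckHandler(new OriginAllowList("...", false)));
    public class OriginCheckHandler : DelegatingHandler
    {
        private readonly OriginAllowList _allowList;

        public OriginCheckHandler(OriginAllowList allowList) { _allowList = allowList; }

        protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            // Let CORS preflight through so the browser can read the Access-Control-* headers IIS adds.
            if (request.Method == HttpMethod.Options || _allowList.IsAllowed(request))
                return base.SendAsync(request, cancellationToken);

            var denied = new HttpResponseMessage(HttpStatusCode.Forbidden)
            {
                Content = new StringContent("Unauthorized!"),
                RequestMessage = request
            };
            return Task.FromResult(denied);
        }
    }

    public static class Demo
    {
        public static void Main()
        {
            // Constructed allow list; same two addresses as the post's config.
            var list = new OriginAllowList("http://192.189.1.181/, http://192.189.1.183/", portCheck: false);

            // Browser call from a listed origin.
            var fromBrowser = new HttpRequestMessage(HttpMethod.Get, "http://api.example.test/values");
            fromBrowser.Headers.Add("Origin", "http://192.189.1.181");
            Console.WriteLine("listed Origin allowed: " + list.IsAllowed(fromBrowser));

            // Page on an unlisted host linking to the API (Referer only).
            var fromOther = new HttpRequestMessage(HttpMethod.Get, "http://api.example.test/values");
            fromOther.Headers.Referrer = new Uri("http://192.189.1.200/page.html");
            Console.WriteLine("unlisted Referer allowed: " + list.IsAllowed(fromOther));

            // Direct client with neither header: rejected rather than matched against its own request URI.
            var noHeaders = new HttpRequestMessage(HttpMethod.Get, "http://api.example.test/values");
            Console.WriteLine("no Origin/Referer allowed: " + list.IsAllowed(noHeaders));
        }
    }
}
```

Uri lower-cases the scheme and host when parsing, so "HTTP://192.189.1.181" and "http://192.189.1.181/" normalize to the same key; with portCheck set to true the config entries must carry the port, exactly as the post's PortCheck parameter requires.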