MVC身份验证机制
2014-12-13 09:13
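namespace BCPayWeb.Core
{
    /// <summary>
    /// Authorization filter that requires a logged-in user in <c>Session["User"]</c> and, for every
    /// controller except "menu", a RoleMenu row for the user's role whose Menu.Url equals
    /// "/{controller}/{action}".
    /// </summary>
    /// <remarks>
    /// The decision is based on session state and the RoleMenu table only; the Users and Roles
    /// properties inherited from <see cref="AuthorizeAttribute"/> are not consulted.
    /// Every failure path sets <c>filterContext.Result</c>, so the action never runs when a check
    /// cannot be completed.
    /// </remarks>
    public class UserLoginAttribute : AuthorizeAttribute
    {
        private const string LoginPath = "/Users/Login";
        private const string DefaultReturnUrl = "/Pay/Phone?mid=2";

        /// <summary>Returns true only when the session holds a "User" entry.</summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns>false (and response status 401) when no session user is present; otherwise true.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            // Session is null when session state is disabled for the request; that counts as
            // "not logged in" rather than an error.
            if (httpContext.Session == null || httpContext.Session["User"] == null)
            {
                httpContext.Response.StatusCode = 401;
                return false;
            }

            // base.AuthorizeCore is not called: it evaluates HttpContext.User and the Users/Roles
            // properties, and its result was never used for the decision made here.
            return true;
        }

        /// <summary>
        /// Runs the login check and the role/menu permission check before the action executes.
        /// </summary>
        /// <param name="filterContext">The authorization context of the current request.</param>
        /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
        public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            try
            {
                string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
                string actionName = filterContext.ActionDescriptor.ActionName;

                // A session entry of any other type is treated the same as no login at all.
                var user = filterContext.HttpContext.Session["User"] as SerializableUser;

                if (user == null && !IsController(controllerName, "users"))
                {
                    if (filterContext.HttpContext.Request.IsAjaxRequest())
                    {
                        Deny(filterContext, "登录超时,请重新登录。");
                        return;
                    }

                    string url = filterContext.HttpContext.Request.RawUrl;
                    if (url.Length < 4 || url.Contains("Excel") || url.Contains("excel"))
                    {
                        url = DefaultReturnUrl;
                    }

                    filterContext.Result = LoginRedirect(url);
                    return;
                }

                // Anonymous requests to the Users controller are not redirected above; they skip the
                // role check and are decided by base.OnAuthorization through AuthorizeCore.
                if (user != null && !IsController(controllerName, "menu"))
                {
                    // Invariant lower-casing keeps the comparison independent of the server's
                    // current culture; the database side still lower-cases Menu.Url itself.
                    string requestedUrl = string.Format("/{0}/{1}", controllerName, actionName).ToLowerInvariant();
                    bool allowed;

                    // Dispose the data context as soon as the permission lookup has run.
                    using (BCPayWebDataContext db = new BCPayWebDataContext())
                    {
                        var query = from q in db.RoleMenu
                                    where q.RoleId == user.RoleId && q.Menu.Url.ToLower() == requestedUrl
                                    select q;
                        allowed = query.Any();
                    }

                    if (!allowed)
                    {
                        Deny(filterContext, "您没有权限访问此页面。");
                        return;
                    }
                }

                filterContext.HttpContext.Session["Error"] = null;
                base.OnAuthorization(filterContext);
            }
            catch (Exception ex)
            {
                // Fail closed: an unexpected error (database failure, missing session state, ...)
                // must never let the action execute. The details stay in the server-side trace and
                // are not echoed to the client or stored in the session.
                System.Diagnostics.Trace.TraceError("UserLoginAttribute: authorization check failed: {0}", ex);
                filterContext.Result = new RedirectResult(LoginPath);
            }
        }

        /// <summary>
        /// Produces the response for a request that AuthorizeCore rejected: 401 for AJAX calls,
        /// a redirect to the login page otherwise.
        /// </summary>
        /// <param name="filterContext">The authorization context of the current request.</param>
        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext.Request.IsAjaxRequest())
            {
                // Without a result the pipeline would go on to execute the action.
                filterContext.Result = new HttpUnauthorizedResult();
                return;
            }

            string url = filterContext.HttpContext.Request.RawUrl;
            if (url.Length < 4)
            {
                url = DefaultReturnUrl;
            }

            filterContext.Result = LoginRedirect(url);
        }

        // Case-insensitive, culture-independent controller name comparison.
        private static bool IsController(string controllerName, string expected)
        {
            return string.Equals(controllerName, expected, StringComparison.OrdinalIgnoreCase);
        }

        // Builds the redirect to the login page. returnUrl is URL-encoded here; the login action
        // that later redirects to it is not part of this file.
        // NOTE(review): confirm that action accepts only local URLs (for example via Url.IsLocalUrl).
        private static RedirectResult LoginRedirect(string returnUrl)
        {
            return new RedirectResult(string.Format("{0}?returnUrl={1}", LoginPath, HttpUtility.UrlEncode(returnUrl)));
        }

        // Rejects the request with a fixed, user-facing message. Only constant messages are passed
        // in, so no exception text or request data reaches the response body.
        private static void Deny(AuthorizationContext filterContext, string message)
        {
            filterContext.HttpContext.Session["Error"] = message;
            filterContext.Result = new ContentResult { Content = message };
        }
    }
}
// Usage: to protect a controller or an action method, add the attribute shown below to it.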
[UserLoginAttribute]即可
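/// <summary>
/// Serves the left-hand navigation menu, limited to the entries granted to the session user's role.
/// </summary>
[UserLoginAttribute]
public class MenuController : Controller
{
    // Left-hand navigation
    // GET: /Menu/
    /// <summary>Renders the visible menu entries for the role of the user stored in the session.</summary>
    /// <returns>
    /// A partial view whose model is the sorted menu list, or a partial view without a model
    /// when the session holds no SerializableUser.
    /// </returns>
    public PartialViewResult Index()
    {
        var user = Session["User"] as SerializableUser;
        if (user == null)
        {
            return PartialView();
        }

        // Dispose the data context once the rows are materialized; the view only receives
        // MyMenu projections, so nothing is loaded after the context is gone.
        using (BCPayWebDataContext db = new BCPayWebDataContext())
        {
            var query = from q in db.RoleMenu
                        where q.RoleId == user.RoleId && q.Menu.IsShow == 1
                        orderby q.Menu.Id ascending
                        select new MyMenu
                        {
                            Id = q.Menu.Id,
                            ParentId = q.Menu.ParentId,
                            Tip = q.Menu.Tip,
                            Title = q.Menu.Title,
                            Type = q.Menu.Type,
                            Url = q.Menu.Url,
                            Sort = q.Menu.Sort,
                        };

            var lst = query.ToList();

            // List<T>.Sort is not a stable sort, so the orderby on Menu.Id above does not
            // guarantee Id order among entries that share the same Sort value.
            lst.Sort(SortMenuCompare);
            return PartialView(lst);
        }
    }

    // Orders menu entries by their Sort value, ascending.
    private static int SortMenuCompare(MyMenu m1, MyMenu m2)
    {
        return m1.Sort.CompareTo(m2.Sort);
    }
}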