
MVC身份验证机制

namespace BCPayWeb.Core
{
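public class UserLoginAttribute : AuthorizeAttribute
{
    // Session slots and fixed routes shared by the overrides below.
    private const string UserSessionKey = "User";
    private const string ErrorSessionKey = "Error";
    private const string LoginUrl = "/Users/Login";
    private const string LoginRedirectFormat = "/Users/Login?returnUrl={0}";
    private const string DefaultReturnUrl = "/Pay/Phone?mid=2";
    private const string LoginExpiredMessage = "登录超时,请重新登录。";
    private const string AccessDeniedMessage = "您没有权限访问此页面。";

    /// <summary>
    /// Marks the two deliberate denials (session expired, no RoleMenu grant) whose
    /// message may be shown to the client. Any other exception is reported with a
    /// fixed message so internal error text never reaches the response.
    /// </summary>
    private sealed class AccessDeniedException : Exception
    {
        public AccessDeniedException(string message)
            : base(message)
        {
        }
    }

    /// <summary>
    /// A request counts as authenticated when Session["User"] holds a value.
    /// </summary>
    /// <param name="httpContext">Context of the request being authorized.</param>
    /// <returns>true when a session user exists; otherwise false, after setting the status code to 401.</returns>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (httpContext.Session[UserSessionKey] == null)
        {
            httpContext.Response.StatusCode = 401;
            return false;
        }

        // AuthorizeAttribute's own check is based on HttpContext.User, which this
        // session-based scheme does not populate, so its verdict is intentionally not used.
        return true;
    }

    /// <summary>
    /// Session-based authentication plus RoleMenu-based authorization of the requested
    /// "/Controller/Action". Unauthenticated browser requests are redirected to the login
    /// page (the Users controller is exempt from the login check); unauthenticated AJAX
    /// requests and requests without a RoleMenu grant are ended with a plain-text message.
    /// </summary>
    /// <param name="filterContext">The authorization context supplied by MVC.</param>
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        try
        {
            HttpContextBase httpContext = filterContext.HttpContext;
            string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string actionName = filterContext.ActionDescriptor.ActionName;

            if (httpContext.Session[UserSessionKey] == null && !NameEquals(controllerName, "users"))
            {
                if (httpContext.Request.IsAjaxRequest())
                {
                    // A redirect is useless to an AJAX caller; it receives the message instead.
                    throw new AccessDeniedException(LoginExpiredMessage);
                }

                filterContext.Result = new RedirectResult(BuildLoginRedirect(httpContext.Request.RawUrl, true));
                return;
            }

            // The Menu controller is open to every session user; everything else needs a
            // RoleMenu row for the user's role and this route.
            if (!NameEquals(controllerName, "menu"))
            {
                SerializableUser user = httpContext.Session[UserSessionKey] as SerializableUser;
                if (!IsRouteGranted(user, controllerName, actionName))
                {
                    throw new AccessDeniedException(AccessDeniedMessage);
                }
            }

            httpContext.Session[ErrorSessionKey] = null;

            base.OnAuthorization(filterContext);
        }
        catch (AccessDeniedException ex)
        {
            Deny(filterContext, ex.Message);
        }
        catch (Exception)
        {
            // An unexpected failure (e.g. in the RoleMenu query) must not leak its message
            // to the client; report it as an ordinary denial.
            Deny(filterContext, AccessDeniedMessage);
        }
    }

    /// <summary>
    /// Reached when <see cref="AuthorizeCore"/> returns false: browsers are redirected to
    /// the login page, AJAX callers get the base class's 401 result.
    /// </summary>
    /// <param name="filterContext">The authorization context supplied by MVC.</param>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        if (filterContext.HttpContext.Request.IsAjaxRequest())
        {
            // Leaving Result unset here would let the action run despite the failed check.
            base.HandleUnauthorizedRequest(filterContext);
            return;
        }

        filterContext.Result = new RedirectResult(BuildLoginRedirect(filterContext.HttpContext.Request.RawUrl, false));
    }

    /// <summary>Case-insensitive, culture-independent comparison of an MVC controller name.</summary>
    private static bool NameEquals(string controllerName, string expected)
    {
        return string.Equals(controllerName, expected, StringComparison.OrdinalIgnoreCase);
    }

    /// <summary>
    /// True when RoleMenu has a row for <paramref name="user"/>'s role whose Menu.Url equals
    /// "/controllerName/actionName" (both sides lower-cased). A missing user is never granted.
    /// </summary>
    private static bool IsRouteGranted(SerializableUser user, string controllerName, string actionName)
    {
        if (user == null)
        {
            return false;
        }

        string route = string.Format("/{0}/{1}", controllerName, actionName).ToLower();
        using (BCPayWebDataContext db = new BCPayWebDataContext())
        {
            // Any() rather than Count() so the provider can stop at the first match.
            return db.RoleMenu.Any(q => q.RoleId == user.RoleId && q.Menu.Url.ToLower() == route);
        }
    }

    /// <summary>
    /// Builds the login redirect for <paramref name="rawUrl"/>. URLs shorter than four
    /// characters and, when <paramref name="skipExcelUrls"/> is set, URLs containing
    /// "excel" in any casing fall back to <see cref="DefaultReturnUrl"/>.
    /// RawUrl comes straight from the request line, so the Login action must still treat
    /// returnUrl as untrusted (e.g. accept only local URLs) before redirecting to it.
    /// </summary>
    private static string BuildLoginRedirect(string rawUrl, bool skipExcelUrls)
    {
        string returnUrl = rawUrl ?? string.Empty;
        bool useDefault = returnUrl.Length < 4
            || (skipExcelUrls && returnUrl.IndexOf("excel", StringComparison.OrdinalIgnoreCase) >= 0);
        if (useDefault)
        {
            returnUrl = DefaultReturnUrl;
        }

        return string.Format(LoginRedirectFormat, HttpUtility.UrlEncode(returnUrl));
    }

    /// <summary>
    /// Stores <paramref name="message"/> in Session["Error"], writes it as the whole
    /// response body and ends the response.
    /// </summary>
    private static void Deny(AuthorizationContext filterContext, string message)
    {
        try
        {
            filterContext.HttpContext.Session[ErrorSessionKey] = message;
            // Assigned before End(): Response.End aborts the request thread, so a statement
            // placed after it would never run. The result only matters if End() does not abort.
            filterContext.Result = new RedirectResult(LoginUrl);
            filterContext.HttpContext.Response.Write(message);
            filterContext.HttpContext.Response.End();
        }
        catch (Exception)
        {
            // Response.End signals completion with a ThreadAbortException, which is
            // re-raised when this block exits; a response that can no longer be written
            // has nothing left to report.
        }
    }
}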
}
引用时只需在 action 或方法名上加入
[UserLoginAttribute] 即可
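[UserLoginAttribute]
public class MenuController : Controller
{
    // Left-hand navigation.
    // GET: /Menu/
    /// <summary>
    /// Renders the menu entries (Menu.IsShow == 1) granted to the session user's role,
    /// ordered by Sort and then by Menu.Id. Without a session user an empty partial view
    /// is returned.
    /// </summary>
    /// <returns>The partial view; its model is the ordered list of <c>MyMenu</c> when a user is present.</returns>
    public PartialViewResult Index()
    {
        SerializableUser user = Session["User"] as SerializableUser;
        if (user == null)
        {
            return PartialView();
        }

        using (BCPayWebDataContext db = new BCPayWebDataContext())
        {
            var query = from q in db.RoleMenu
                        where q.RoleId == user.RoleId && q.Menu.IsShow == 1
                        select new MyMenu
                        {
                            Id = q.Menu.Id,
                            ParentId = q.Menu.ParentId,
                            Tip = q.Menu.Tip,
                            Title = q.Menu.Title,
                            Type = q.Menu.Type,
                            Url = q.Menu.Url,
                            Sort = q.Menu.Sort,
                        };

            // Materialize before leaving the using block, then order in memory with a
            // stable sort: Sort first, Menu.Id breaking ties. List.Sort(comparer) is not
            // stable, so ties did not reliably keep the Id order.
            var items = query.ToList()
                .OrderBy(m => m.Sort)
                .ThenBy(m => m.Id)
                .ToList();

            return PartialView(items);
        }
    }
}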
