1.權限控制使用controller和 action來實現,權限方式有很多種,最近開發項目使用控制控制器方式實現代碼如下
/// <summary> /// 用戶權限控制 /// </summary> public class UserAuthorize : AuthorizeAttribute { /// <summary> /// 授權失敗時呈現的視圖 /// </summary> public string AuthorizationFailView { get; set; } /// <summary> /// 請求授權時執行 /// </summary> /// <param name="filterContext">上下文</param> public override void OnAuthorization(AuthorizationContext filterContext) { // 獲取url請求裡的 controller 和 action string controllerName = filterContext.RouteData.Values["controller"].ToString(); string actionName = filterContext.RouteData.Values["action"].ToString(); // 獲取用戶信息 UserLoginBaseInfo _userLoginInfo = filterContext.HttpContext.Session[Property.UerLoginSession] as UserLoginBaseInfo; //根據請求過來的controller和action去查詢可以被哪些角色操作: 這是查詢數據庫 roleid使用 1,2,3,4格式 RoleWithControllerAction roleWithControllerAction = SampleData.roleWithControllerAndAction.FirstOrDefault(r => r.ControllerName.ToLower() == controllerName.ToLower() && r.ActionName.ToLower() == actionName.ToLower() && r.RoleIds.contails("3")); // 有值處理 if (roleWithControllerAction != null) { //有權限操作當前控制器和Action的角色id this.Roles = roleWithControllerAction.RoleIds; } else { //請求失敗輸出空結果 filterContext.Result = new EmptyResult(); //打出提示文字 HttpContext.Current.Response.Write("對不起,你沒有權限操作!"); } base.OnAuthorization(filterContext); } /// <summary> /// 自定義授權檢查(返回False則授權失敗) /// </summary> protected override bool AuthorizeCore(HttpContextBase httpContext) { //if (httpContext.User.Identity.IsAuthenticated) //{ // string userName = httpContext.User.Identity.Name; //當前登錄用戶的用戶名 // User user = SampleData.users.Find(u => u.UserName == userName); //當前登錄用戶對象 // if (user != null) // { // Role role = SampleData.roles.Find(r => r.Id == user.RoleId); //當前登錄用戶的角色 // foreach (string roleid in Roles.Split(',')) // { // if (role.Id.ToString() == roleid) // return true; // } // return false; // } // else // return false; //} //else // return false; //進入HandleUnauthorizedRequest return true; } /// <summary> /// 處理授權失敗的HTTP請求 /// </summary> protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { if (string.IsNullOrWhiteSpace(AuthorizationFailView)) AuthorizationFailView = "error"; filterContext.Result = new ViewResult { ViewName = AuthorizationFailView }; } }
二.單點登錄方式使用application方式來實現
1.用戶登錄成功後記錄當前信息
/// <summary> /// 限制一個用戶只能登陸一次 /// </summary> /// <returns></returns> private void GetOnline() { string UserID = "1"; Hashtable SingleOnline = (Hashtable)System.Web.HttpContext.Current.Application[Property.Online]; if (SingleOnline == null) SingleOnline = new Hashtable(); IDictionaryEnumerator idE = SingleOnline.GetEnumerator(); string strKey = string.Empty; while (idE.MoveNext()) { if (idE.Value != null && idE.Value.ToString().Equals(UserID)) { //already login strKey = idE.Key.ToString(); //當前用戶已存在移除、 SingleOnline.Remove(strKey); System.Web.HttpContext.Current.Application.Lock(); System.Web.HttpContext.Current.Application[Property.Online] = SingleOnline; System.Web.HttpContext.Current.Application.UnLock(); break; } } //SessionID if (!SingleOnline.ContainsKey(Session.SessionID)) { SingleOnline[Session.SessionID] = UserID; System.Web.HttpContext.Current.Application.Lock(); System.Web.HttpContext.Current.Application[Property.Online] = SingleOnline; System.Web.HttpContext.Current.Application.UnLock(); } }
2.使用ActionFilter來實現單點登錄,每次點擊控制器都去查詢過濾是否在其它地方登錄
/// <summary> /// 用戶基礎信息過濾器 /// </summary> public class LoginActionFilter : ActionFilterAttribute { /// <summary> /// 初始化地址 /// </summary> public const string Url = "~/Login/Index?error="; /// <summary> /// 該方法會在action方法執行之前調用 /// </summary> /// <param name="filterContext">上下文</param> public override void OnActionExecuting(ActionExecutingContext filterContext) { // 獲取上一級url // var url1 = filterContext.HttpContext.Request.UrlReferrer; UserLoginBaseInfo _userLogin = filterContext.HttpContext.Session[Property.UerLoginSession] as UserLoginBaseInfo; // 用戶是否登陸 if (_userLogin == null) { filterContext.Result = new RedirectResult(Url + "登陸時間過期,請重新登陸!&url=" + filterContext.HttpContext.Request.RawUrl); } else { filterContext.HttpContext.Session.Timeout = 30; } //判斷是否在其它地方登錄 Hashtable singleOnline = (Hashtable)System.Web.HttpContext.Current.Application[Property.Online]; // 判斷當前SessionID是否存在 if (singleOnline != null && !singleOnline.ContainsKey(HttpContext.Current.Session.SessionID)) filterContext.Result = new RedirectResult(Url + "你的帳號已在別處登陸,你被強迫下線!"); base.OnActionExecuting(filterContext); } /// <summary> /// 執行後 /// </summary> /// <param name="filterContext"></param> public override void OnResultExecuting(ResultExecutingContext filterContext) { //記錄操作日志,寫進操作日志中 var controllerName = filterContext.RouteData.Values["controller"]; var actionName = filterContext.RouteData.Values["action"]; base.OnResultExecuting(filterContext); }
3.用戶正常退出或則非正常退出處理當前用戶信息銷毀Session
/// <summary> /// Session銷毀 /// </summary> protected void Session_End() { Hashtable SingleOnline = (Hashtable)Application[Property.Online]; if (SingleOnline != null && SingleOnline[Session.SessionID] != null) { SingleOnline.Remove(Session.SessionID); Application.Lock(); Application[Property.Online] = SingleOnline; Application.UnLock(); } Session.Abandon(); }
轉載說明原文地址:https://i.cnblogs.com/EditPosts.aspx?opt=1