拦截器与登录验证
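// AuthLoginAttribute interceptor

/// <summary>
/// Action filter that requires a logged-in user and then checks the requested
/// controller/action against the permission list held in <c>OperSession.UserAuthority</c>.
/// </summary>
public class AuthLoginAttribute : ActionFilterAttribute
{
    /// <summary>
    /// When false, the filter does nothing for the decorated action
    /// (neither the login check nor the permission check runs).
    /// </summary>
    public bool IsLogin = true;

    /// <summary>Creates a filter that enforces the login check.</summary>
    public AuthLoginAttribute()
    {
        IsLogin = true;
    }

    /// <summary>Creates a filter with the login check switched on or off.</summary>
    /// <param name="islogin">True to enforce the login and permission checks.</param>
    public AuthLoginAttribute(bool islogin)
    {
        IsLogin = islogin;
    }

    /// <summary>
    /// Rejects the request when the user is not logged in or has no grant for
    /// the requested controller/action.
    /// </summary>
    /// <param name="filterContext">Filter context of the action about to run.</param>
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        if (!IsLogin)
        {
            return;
        }

        const string loginUrl = "/Home/Login";
        var request = filterContext.HttpContext.Request;

        // Fail closed: a controller that does not derive from UserBaseController
        // has no login state to consult, so it is treated as "not logged in"
        // instead of dereferencing the null result of the `as` cast.
        var controller = filterContext.Controller as UserBaseController;
        if (controller == null || !controller.IsLogin)
        {
            if (request.IsAjaxRequest())
            {
                filterContext.Result = new JsonResult
                {
                    Data = new BaseResponse() { ErrorCode = 500, Message = "请先登录!", Data = "need login" },
                    // JsonResult refuses GET requests by default and throws when executed;
                    // this payload is a fixed message, so allowing GET is safe here.
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
            }
            else if (filterContext.IsChildAction)
            {
                filterContext.Result = new ContentResult() { Content = "请先登录!" };
            }
            else
            {
                filterContext.Result = new RedirectResult(loginUrl);
            }

            return;
        }

        // Permission check.
        var userAuthority = OperSession.UserAuthority;
        string noAuth = "/Home/NoAuthorityUser?back=" + HttpUtility.UrlEncode(GetSameHostReferrer(request, loginUrl));
        if (userAuthority == null || userAuthority.Count == 0)
        {
            filterContext.Result = new RedirectResult(noAuth);
            return;
        }

        // Invariant lower-casing: route names are identifiers, so the comparison
        // must not depend on the server's current culture.
        string controlName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLowerInvariant();
        string actionName = filterContext.ActionDescriptor.ActionName.ToLowerInvariant();
        string route = "/" + controlName + "/" + actionName;

        // Routes every logged-in user may reach without an explicit grant.
        // The original also exempted every AJAX request. The AJAX marker is set
        // by the client, so that exemption let any logged-in user skip the
        // per-action check; AJAX requests now go through the same check.
        if (route == "/home/index" || route == "/home/login" || route == "/admin/userprofile" || route == "/admin/index")
        {
            return;
        }

        bool granted = userAuthority.Exists(a =>
            string.Equals(a.Action, actionName, System.StringComparison.OrdinalIgnoreCase) &&
            string.Equals(a.Controller, controlName, System.StringComparison.OrdinalIgnoreCase));
        if (!granted)
        {
            filterContext.Result = new RedirectResult(noAuth);
        }
    }

    /// <summary>
    /// Returns the Referer URL only when it points at the host serving this
    /// request; otherwise returns <paramref name="fallback"/>.
    /// </summary>
    /// <remarks>
    /// The Referer header is client-supplied and ends up in the <c>back</c>
    /// parameter of the no-permission page. How that page uses <c>back</c> is not
    /// shown here; it should still verify the value is local before redirecting.
    /// </remarks>
    private static string GetSameHostReferrer(HttpRequestBase request, string fallback)
    {
        System.Uri referrer;
        try
        {
            referrer = request.UrlReferrer;
        }
        catch (System.UriFormatException)
        {
            // A malformed Referer header must not turn the permission check into a server error.
            return fallback;
        }

        System.Uri current = request.Url;
        if (referrer == null || current == null || !referrer.IsAbsoluteUri)
        {
            return fallback;
        }

        return string.Equals(referrer.Host, current.Host, System.StringComparison.OrdinalIgnoreCase)
            ? referrer.ToString()
            : fallback;
    }
}

// User login validation
// User login validation method

/// <summary>
/// Validates a user's credentials and, on success, stores the user and the
/// user's permission list in the session helper.
/// </summary>
/// <param name="uName">User name.</param>
/// <param name="uPwd">Password; MD5-encoded here when <paramref name="isMD5"/> is true, otherwise passed to GetUser unchanged.</param>
/// <param name="uIP">Client IP address, recorded on the user after a successful login.</param>
/// <param name="sessionID">Session ID, recorded on the user after a successful login.</param>
/// <param name="isMD5">Whether to MD5-encode <paramref name="uPwd"/> before the lookup.</param>
/// <returns>A LoginResult whose ResultType is 1 on success and 0 on any failure.</returns>
public LoginResult ValidateLogin(string uName, string uPwd, string uIP, string sessionID, bool isMD5 = true)
{
    // Reject missing credentials up front instead of passing null into the
    // hashing extension or the user lookup.
    if (string.IsNullOrEmpty(uName) || string.IsNullOrEmpty(uPwd))
    {
        return new LoginResult() { Message = "账号或密码错误。", ResultType = 0 };
    }

    // SECURITY NOTE(review): the stored credential is an MD5 digest of the password
    // (no salt is visible in this call). MD5 is not suitable for password storage;
    // plan a migration to a salted, slow KDF such as PBKDF2 (Rfc2898DeriveBytes)
    // and compare in constant time. It cannot be swapped here without changing the
    // stored format that GetUser matches against.
    // With isMD5 == false the caller's value is matched against the stored digest
    // directly, which makes the digest itself password-equivalent. Confirm that no
    // externally reachable caller passes isMD5: false.
    string pwdMd5 = isMD5 ? uPwd.Crypt_MD5_Encode(32) : uPwd;

    // NOTE(review): failed attempts are not counted or logged in this method,
    // although uIP is available; lockout / rate limiting presumably lives
    // elsewhere. Verify that it does.
    VUser loginUser = GetUser(uName, pwdMd5);
    if (loginUser == null)
    {
        return new LoginResult() { Message = "账号或密码错误。", ResultType = 0 };
    }

    if (!loginUser.IsEnable)
    {
        return new LoginResult() { Message = "账号已禁用,请联系管理员。", ResultType = 0 };
    }

    // Initialise the user's permissions. An empty permission string and an empty
    // resolved list both end in the same "no permissions" result as before.
    if (loginUser.Permissions.IsNullOrEmpty())
    {
        return new LoginResult() { Message = "该登录用户没有权限。", ResultType = 0 };
    }

    var urCatalogue = PermissionBll.GetIntegerinciples(loginUser.Permissions);
    if (urCatalogue == null || urCatalogue.Count == 0)
    {
        return new LoginResult() { Message = "该登录用户没有权限。", ResultType = 0 };
    }

    // The original built a local menu dictionary here (parent -> children) that was
    // never read afterwards, and its Dictionary.Add threw on a duplicate key as soon
    // as one parent had more than one grandchild entry. The dead code is removed.

    // NOTE: the page lost the generic type arguments of this statement (it reads
    // `new List()` and `ToObjectFromJson>(...)`). ELEMENT_TYPE_NOT_SHOWN is a
    // placeholder for the element type of VUser.ProjPermissions, and the
    // List<...> argument to ToObjectFromJson is inferred. Restore both from the project.
    loginUser.ProjPermissions = loginUser.DataPermissions.IsNullOrEmpty()
        ? new List<ELEMENT_TYPE_NOT_SHOWN>()
        : loginUser.DataPermissions.ToObjectFromJson<List<ELEMENT_TYPE_NOT_SHOWN>>(
            newState: new List<ELEMENT_TYPE_NOT_SHOWN>());

    OperSession.UserAuthority = urCatalogue.ToList();

    // NOTE(review): sessionID is supplied by the caller and stored as-is. Whether the
    // session identifier is renewed at login is not visible here; confirm the caller
    // issues a fresh session after successful authentication.
    loginUser.LoginSessionID = sessionID;
    loginUser.LoginIP = uIP;
    Helper.OperSession.UserInfo = loginUser;

    return new LoginResult() { Message = "登录成功。", ResultType = 1 };
}

// Reposted from: https://www.cnblogs.com/daxiongblog/p/7066909.html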