public ActionResult LoginIn(string username, string password, string rememberMe, string returnUrl)
{
JsonRsp json = new JsonRsp {
success = false
};
if (!ModelState.IsValid)
{
return(Json(json, JsonRequestBehavior.AllowGet));
}
bool status = Request.IsAuthenticated;
json = bll.Login(username, password);
if (!json.success)
{
return(Json(json, JsonRequestBehavior.AllowGet));
}
AdminAccount account = (AdminAccount)json.returnObj;
string host = HttpContext.Request.Url.Host;
long tenantId = 0;
TenantModel tenant = tenantBLL.GetAllModelList().Find(o => o.TenantDomain.ToLower() == host.ToLower());
if (tenant != null)
{
tenantId = tenant.ID;
account.TenantId = tenantId;
}
////4. 用户描述用户基本信息
//AccountViewModel userInfo = new AccountViewModel()
//{
// ID = json.code,
// AccountName = json.retmsg,
//};
//2.用它来序列化要对象
JavaScriptSerializer serial = new JavaScriptSerializer();
//5. 生成初始化凭据
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(30),
false,
serial.Serialize(account)
);
//6. 加密
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
//7. 响应到客户端
System.Web.HttpCookie authCookie = new System.Web.HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
System.Web.HttpContext.Current.Response.Cookies.Add(authCookie);
//8. 返回首页, 也可以跳回 RetureUrl
//获取用户权限
//获取用户配置信息
//租户ID
//TenantId
if (!String.IsNullOrEmpty(returnUrl))
{
json.retmsg = returnUrl;
}
else
{
json.retmsg = "/Admin/Home/";
}
return(Json(json, JsonRequestBehavior.AllowGet));
//if (!String.IsNullOrEmpty(returnUrl)) return Redirect(returnUrl);
//else return RedirectToAction("Home", "Admin");
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//获取当前域名
string host = filterContext.HttpContext.Request.Url.Host;
long tenantId = 0;
TenantModel tenant = tenantBLL.GetAllModelList().Find(o => o.TenantDomain.ToLower() == host.ToLower());
if (tenant != null)
{
tenantId = tenant.ID;
CacheHelper.SetCookie("tenantId", "tenantId");
}
//获取当前控制器信息
string controllername = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLower();
string actionname = filterContext.ActionDescriptor.ActionName.ToLower();
string allowActions = string.Empty;
if (!filterContext.RequestContext.HttpContext.Request.IsAuthenticated)
{
//未登录的时候,此处加了一个判断,判断同步请求还是一部请求
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
//异步请求,返回JSON数据
filterContext.Result = new JsonResult
{
Data = new
{
Status = -1,
Message = "登录已过期,请刷新页面后操作!"
},
JsonRequestBehavior = JsonRequestBehavior.AllowGet
};
}
else
{
//非异步请求,则跳转登录页
FormsAuthentication.RedirectToLoginPage();//重定向会登录页
}
}
else
{
//1.登录状态获取用户信息(自定义保存的用户)
var cookie = filterContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
//2.使用 FormsAuthentication 解密用户凭据
var ticket = FormsAuthentication.Decrypt(cookie.Value);
AccountViewModel loginUser = new AccountViewModel();
//3. 直接解析到用户模型里去,有没有很神奇
loginUser = new JavaScriptSerializer().Deserialize <AccountViewModel>(ticket.UserData);
//4. 将要使用的数据放到ViewData 里,方便页面使用
filterContext.Controller.ViewData["UserName"] = loginUser.AccountName;
//filterContext.Controller.ViewData["Portrait"] = loginUser.Portrait;
filterContext.Controller.ViewData["UserID"] = loginUser.ID;
}
// 别忘了这一句。
base.OnActionExecuting(filterContext);
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//获取当前域名
string host = filterContext.HttpContext.Request.Url.Host;
long tenantId = 0;
TenantModel tenant = tenantBLL.GetAllModelList().Find(o => o.TenantDomain.ToLower() == host.ToLower());
if (tenant != null)
{
tenantId = tenant.ID;
//CacheHelper.SetCookie("tenantId", "tenantId");
}
//获取当前控制器信息
string controllername = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLower();
string actionname = filterContext.ActionDescriptor.ActionName.ToLower();
string allowActions = string.Empty;
if (!filterContext.RequestContext.HttpContext.Request.IsAuthenticated)
{
//未登录的时候,此处加了一个判断,判断同步请求还是一部请求
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
//异步请求,返回JSON数据
filterContext.Result = new JsonResult
{
Data = new
{
Status = -1,
Message = "登录已过期,请刷新页面后操作!"
},
JsonRequestBehavior = JsonRequestBehavior.AllowGet
};
}
else
{
//非异步请求,则跳转登录页
FormsAuthentication.RedirectToLoginPage();//重定向会登录页
}
}
else
{
//1.登录状态获取用户信息(自定义保存的用户)
var cookie = filterContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
//2.使用 FormsAuthentication 解密用户凭据
var ticket = FormsAuthentication.Decrypt(cookie.Value);
AccountViewModel loginUser = new AccountViewModel();
//3. 直接解析到用户模型里去,有没有很神奇
loginUser = new JavaScriptSerializer().Deserialize <AccountViewModel>(ticket.UserData);
//4. 将要使用的数据放到ViewData 里,方便页面使用
filterContext.Controller.ViewData["UserName"] = loginUser.AccountName;
//filterContext.Controller.ViewData["Portrait"] = loginUser.Portrait;
filterContext.Controller.ViewData["UserID"] = loginUser.ID;
//var actionParameters = filterContext.ActionDescriptor.GetParameters();
//foreach (var p in actionParameters)
//{
// if (p.ParameterType == typeof(string))
// {
// if (filterContext.ActionParameters[p.ParameterName] != null)
// {
// filterContext.ActionParameters[p.ParameterName] = StringHelper.GetValidScriptMsg(filterContext.ActionParameters[p.ParameterName].ToString());
// }
// }
//}
//////对参数的过滤,例如处理一些比较敏感的信息
////string parameterName = "AdminName";
//////s1: 获取参数信息 ,得到参数的个数以及每个参数的类别
////filterContext.ActionDescriptor.GetParameters();
//////s2: 获取参数值,返回一个字典
//////parameterValue 参数值 , parameterName 参数名
////var parameterValue = filterContext.ActionParameters[parameterName];
//////s3: 敏感信息过滤
////// 过滤算法
////// 过滤后赋值
//////filterContext.ActionParameters[parameterName] = newParameterValue;
////追加参数
//var parameters = filterContext.ActionParameters;
//parameters.Add("TenantId", loginUser.TenantId);
//parameters.Add("CreateId", loginUser.ID);
//parameters.Add("AdminName", loginUser.AccountName);
//parameters.Add("CreateIP", Util.GetLocalIP);
//parameters.Add("CreateTime", DateTime.Now);
//parameters.Add("UpdateId", loginUser.ID);
//parameters.Add("UpdateUser", loginUser.AccountName);
//parameters.Add("UpdateIP", Util.GetLocalIP);
//parameters.Add("UpdateTime", DateTime.Now);
}
// 别忘了这一句。
base.OnActionExecuting(filterContext);
//if (parameters.Keys.Contains("qxun_userkey"))
//{
// parameters["qxun_userkey"] as string;
//}
}