public IViewComponentResult Invoke() { byte[] result; HttpContext.Session.TryGetValue("LoginUser", out result);//得到登录用户 if (result != null) { LoginUser user = Serize <LoginUser> .ByteToObject(result); return(View(user.Permissions));//返回该用户的所有权限 } else { return(View()); } }
[HttpPost]//当点击按钮的时候调用下面的Login public ActionResult Login(IFormCollection form) { //查询表达式,当调用firstorDefault方法是才是调用了数据库 var user = (from u in _context.User where (u.UserId == form["UserID"] && u.Pwd == form["Pwd"]) select u).FirstOrDefault(); if (user == null) { ModelState.AddModelError("", "用户名或密码错误"); return(View()); } else { //登录当前浏览页面,Session(缓存的)会话保存登录信息,通过Session.setString保存user.UserId,保存到UserID这个参数名中 httpContext.HttpContext.Session.SetString("UserID", user.UserId);//只保存了编号 LoginUser loginUser = new LoginUser(); loginUser.user = user; //loginUser.Permissions = _context.Permissions.FromSql($"select * from permissions where permissionid in(select permissionid from authorationuser where userid={user.UserId}) or permissionid in(select permissionid from authorationrole a,userrole u where a.roleid=u.roleid and u.userid={user.UserId}) ").ToList();//查询权限 loginUser.Permissions = _context.Permissions.FromSql($"execute GetPermission {user.UserId} ").ToList(); httpContext.HttpContext.Session.Set("LoginUser", Serize <LoginUser> .ObjectToByte(loginUser));//保存了完整信息 return(RedirectToAction("/UserMain")); } }