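        /// <summary>
        /// Handles the login form post: authenticates the posted credentials through
        /// <c>userService.Login</c>, optionally issues the "remember me" cookie, and stores
        /// the authorized user (with its rights) in session.
        /// </summary>
        /// <param name="user">Model-bound form values (username, password, remember-me flag).</param>
        /// <returns>
        /// A redirect to Home/Index on success; the login view with a model error when the
        /// service rejects the credentials or fails.
        /// </returns>
        public ActionResult Login(User user)
        {
            User loginedUser;
            try
            {
                loginedUser = userService.Login(user.Username, user.Password);
            }
            catch (BizException e)
            {
                // Surface only the business message; e.ToString() would also render the exception
                // type and stack trace into the page.
                ModelState.AddModelError("", e.Message);
                return View();
            }
            catch (Exception e)
            {
                ModelState.AddModelError("", "系统错误");
                log.Error("登录错误", e);
                return View();
            }

            if (loginedUser == null)
            {
                // Defensive: a null result from the service is a failed login, not a NullReferenceException below.
                ModelState.AddModelError("", "系统错误");
                return View();
            }

            if (user.RemeberMe)
            {
                HttpCookie cookie = new HttpCookie(UserAuthorizeAttribute.COOKIE_USER_REMEBER_KEY);
                cookie.Expires = DateTime.Now.AddDays(7);
                // Encrypt the ID of the user the service actually authenticated. The previous code used
                // user.ID, which is model-bound from the form post and never verified against the credentials.
                cookie[UserAuthorizeAttribute.COOKIE_USER_IDENTITY_KEY] = EncryptUtility.AESEncrypt(loginedUser.ID.ToString(), UserAuthorizeAttribute.COOKIE_SECURITY_ENCRYPT);
                cookie.HttpOnly = true;                      // keep the persistent login token away from client script
                cookie.Secure = Request.IsSecureConnection;  // when issued over HTTPS, never send it over plain HTTP
                // NOTE(review): the token is an encrypted user ID with no server-side revocation; whether
                // AESEncrypt also authenticates the ciphertext cannot be told from here — confirm.
                Response.Cookies.Add(cookie);
            }

            AuthorizedUser author = new AuthorizedUser(loginedUser);
            author.Rights = userService.GetUserRights(loginedUser.ID);
            Session[UserAuthorizeAttribute.AUTHORITY_USER_SESSION_KEY] = author;

            return RedirectToAction("Index", "Home");
        }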
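        /// <summary>
        /// Authorizes a request: the login page itself is always allowed; otherwise the caller must
        /// have an <see cref="AuthorizedUser"/> in session, which is rebuilt from the "remember me"
        /// cookie when one is present and valid. No per-right check is made here — any request with
        /// a session user passes; rights must be checked by the action.
        /// </summary>
        /// <param name="httpContext">The current request context.</param>
        /// <returns>
        /// true when the request may proceed; false when there is neither a session user nor a
        /// usable remember-me cookie.
        /// </returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // Exempt only the login route, compared on the app-relative path (query string excluded).
            // RawUrl.Contains("/Home/Login") also matched any URL that merely carried that text in
            // its query string, which let the whole check be skipped.
            string path = httpContext.Request.AppRelativeCurrentExecutionFilePath ?? string.Empty;
            if (string.Equals(path.TrimEnd('/'), "~/Home/Login", StringComparison.OrdinalIgnoreCase))
                return true;

            if (httpContext.Session[AUTHORITY_USER_SESSION_KEY] == null)
            {
                AuthorizedUser authorizedUser = TryRestoreFromRememberMeCookie(httpContext);
                if (authorizedUser == null)
                    return false;

                // Store under the same key the check above reads; the old literal "Authority" only
                // agreed with it by coincidence, and a mismatch re-ran the cookie path on every request.
                httpContext.Session[AUTHORITY_USER_SESSION_KEY] = authorizedUser;
            }

            // The former "admin" short-circuit was dead code: both branches returned true.
            return true;
        }

        /// <summary>
        /// Rebuilds the session user from the remember-me cookie. Fails closed: returns null when the
        /// cookie is absent, empty, cannot be decrypted, does not decrypt to an integer, or names no
        /// existing user — an unhandled exception here would otherwise turn a bad cookie into a 500.
        /// </summary>
        /// <param name="httpContext">The current request context.</param>
        /// <returns>The restored user with its rights, or null.</returns>
        private static AuthorizedUser TryRestoreFromRememberMeCookie(HttpContextBase httpContext)
        {
            HttpCookie rememberCookie = httpContext.Request.Cookies.Get(COOKIE_USER_REMEBER_KEY);
            string ident = rememberCookie == null ? null : rememberCookie[COOKIE_USER_IDENTITY_KEY];
            if (string.IsNullOrEmpty(ident))
                return null;

            int userId;
            try
            {
                // A tampered or stale value makes AESDecrypt throw; treat it as "not logged in".
                if (!int.TryParse(EncryptUtility.AESDecrypt(ident, COOKIE_SECURITY_ENCRYPT), out userId))
                    return null;
            }
            catch (Exception)
            {
                // Broad on purpose: whatever the decrypt failure is, the answer for authorization is "no".
                return null;
            }

            UserService userService = new UserService();
            User user = userService.GetUser(userId);
            if (user == null)
                return null;

            AuthorizedUser authorizedUser = new AuthorizedUser(user);
            authorizedUser.Rights = userService.GetUserRights(authorizedUser.ID);
            return authorizedUser;
        }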