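protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // Authorizes the request by establishing a session user. A user already
    // stored in session["user"] is accepted as-is; otherwise the request's
    // "token" is validated against the SSO endpoint and the resulting user is
    // cached in session (and mirrored into the "usrck" cookie).
    // Returns false (and sets 401) when the SSO check rejects the token.
    // Throws ArgumentNullException when httpContext is null.
    if (httpContext == null)
    {
        throw new ArgumentNullException("httpContext");
    }

    // 1. No user object in session: the session timed out or the user never logged in.
    var session = httpContext.Session;
    if (session["user"] != null)
    {
        // 3. Role-based authorization is not implemented here; any session user passes.
        return true;
    }

    AbsAuthorizeLoginResult result = AbsAuthorizeLogin.AuthorizeCore(httpContext.Request["token"], "http://localhost:54805/");
    if (!result.Success)
    {
        // A rejected token must deny the request; previously this only set the
        // status code and still returned true, letting the request through.
        httpContext.Response.StatusCode = 401;
        return false;
    }

    session["user"] = result.User;

    // The cookie has to go on the Response to reach the client; adding it to
    // Request.Cookies only changes the server-side copy for this request.
    // The value is the user serialized in clear text, so it is marked HttpOnly
    // and must not be used as an identity source on later requests unless it is
    // integrity-protected (e.g. an encrypted Forms Authentication ticket).
    // Secure is not set because the SSO endpoint above is plain HTTP; set it
    // once the application is served over TLS.
    var userCookie = new HttpCookie("usrck", JsonConvert.SerializeObject(result.User));
    userCookie.HttpOnly = true;
    httpContext.Response.Cookies.Add(userCookie);

    // 3. Role-based authorization: not implemented; a validated SSO user is sufficient.
    return true;
}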
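protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // Authorizes the request via Forms Authentication. An already-authenticated
    // principal passes straight through; otherwise the request's "token" is
    // validated against the SSO endpoint and, on success, an encrypted Forms
    // ticket carrying the user's id, login name and role is issued as the auth
    // cookie. Returns false (and sets 401) when the SSO check rejects the token.
    // Throws ArgumentNullException when httpContext is null.
    if (httpContext == null)
    {
        throw new ArgumentNullException("httpContext");
    }

    // Check login state of this application. Use the supplied context rather than
    // the static HttpContext.Current: the base class passes it in so the attribute
    // can be unit-tested, and Current is null outside a live request.
    var principal = httpContext.User;
    if (principal != null && principal.Identity != null && principal.Identity.IsAuthenticated)
    {
        return true;
    }

    // SSO server-side check of the login token.
    AbsAuthorizeLoginResult result = AbsAuthorizeLogin.AuthorizeCore(httpContext.Request["token"], "http://localhost:54805/");
    if (!result.Success)
    {
        httpContext.Response.StatusCode = 401;
        return false;
    }

    // Serialize the user entity into the ticket's user-data field. The local is
    // named userData so it no longer shadows the CookieUser type.
    string userData = JsonConvert.SerializeObject(new CookieUser()
    {
        UserId = result.User.UserId,
        RoleId = result.User.UserRole.ID,
        LoginName = result.User.LoginName,
        RoleName = result.User.UserRole.Name
    });

    // Issue and expiry are kept in local time, matching the ticket's own
    // expiration check; a single timestamp avoids two separate Now reads.
    DateTime issued = DateTime.Now;
    var ticket = new FormsAuthenticationTicket(1, result.User.LoginName, issued, issued.AddDays(1), false, userData);

    // Encrypt the identity information and store it in the Forms auth cookie.
    // HttpOnly keeps it away from script; Secure and Path mirror the web.config
    // forms settings that FormsAuthentication.SetAuthCookie would apply.
    var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
    authCookie.HttpOnly = true;
    authCookie.Secure = FormsAuthentication.RequireSSL;
    authCookie.Path = FormsAuthentication.FormsCookiePath;
    httpContext.Response.Cookies.Add(authCookie);
    return true;
}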