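/// <summary>
/// Handles the login button click: validates the page, asks the business layer to
/// authenticate the submitted user name and password, and on success stores the
/// returned admin model in the session and redirects to News.aspx.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void loginbtn_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    AdminUserBll bllAdminUser = new AdminUserBll();
    AdminUserModel loginAdminUser = new AdminUserModel();
    loginAdminUser.UserName = loginusername.Text;
    // NOTE(review): the password is passed on exactly as typed; any hashing or
    // constant-time comparison has to happen inside GetModelLogin (not visible here).
    loginAdminUser.Pwd = loginuserpassword.Text;

    bool authenticated = false;
    try
    {
        loginAdminUser = bllAdminUser.GetModelLogin(loginAdminUser);

        // A null result is treated as a failed login instead of relying on a
        // NullReferenceException being swallowed by the catch below.
        if (loginAdminUser != null && loginAdminUser.SuId != 0)
        {
            UserCustomValidator.IsValid = true;
            // NOTE(review): the session identifier is not rotated at this point. If the
            // pre-login session ID stays valid after authentication, that is a
            // session-fixation risk; consider issuing a fresh session ID on login.
            // Also confirm the stored model does not carry the password.
            Session["CurrentAdminUser"] = loginAdminUser;
            authenticated = true;
        }
        else
        {
            // Same message for unknown user and wrong password (no account enumeration).
            UserCustomValidator.ErrorMessage = "用户名或密码错误!";
            UserCustomValidator.IsValid = false;
        }
    }
    catch (Exception)
    {
        // NOTE(review): the exception is discarded without logging, so backend failures
        // during login leave no trace from this handler.
        authenticated = false;
        UserCustomValidator.ErrorMessage = "登陆异常!";
        UserCustomValidator.IsValid = false;
    }

    // Redirect outside the try block: Response.Redirect ends the response by aborting
    // the thread, and inside the try that ThreadAbortException was caught by the
    // generic handler, which then marked a successful login as failed.
    if (authenticated)
    {
        Response.Redirect("News.aspx");
    }
}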
/// <summary>
/// Rebuilds the admin session from the "SuperAdminUserCookies" value of the
/// "AdminCookies" cookie: the value is decoded with Key.FromBase64String, parsed as
/// an integer id, and the matching admin record is stored in the session.
/// </summary>
/// <remarks>
/// Any failure (missing cookie, non-numeric value, no matching record) propagates to
/// the caller as an exception.
/// NOTE(review): the account loaded into the session is selected purely by the id in
/// this cookie. Key.FromBase64String is not visible here; if it only Base64-decodes,
/// the value has no integrity protection and the id is client-controlled. Confirm the
/// cookie is signed or encrypted, or that the caller has already authenticated the
/// request, before this value is trusted.
/// </remarks>
private void GetSession()
{
    var adminCookie = Request.Cookies["AdminCookies"];
    var decodedId = Key.FromBase64String(adminCookie["SuperAdminUserCookies"].ToString());
    int id = int.Parse(decodedId);

    T_AdminUser adminUser = new AdminUserBll().GetModel(id);

    // Statement order is kept: the user object is stored first, so a null result from
    // GetModel is written to the session before the AdminState access throws.
    Session["SuperAdminUser"] = adminUser;
    Session["AdminState"] = adminUser.AdminState;
}
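/// <summary>
/// Checks, before an action runs, that a user is logged in and holds permission for
/// the requested controller/action pair.
/// </summary>
/// <param name="filterContext">The MVC context of the action about to execute.</param>
/// <exception cref="System.Web.HttpException">
/// Thrown with status 403 when the logged-in user lacks permission for the action.
/// </exception>
/// <remarks>
/// The permission check is skipped, and the action allowed, in these cases:
/// the user's PermissionList is null or empty; the controller is "Home" or "Menu";
/// the action is named "Login" on any controller; or no registered module matches
/// "controller/action".
/// NOTE(review): each of these fails open. In particular, confirm that a user with an
/// empty permission list and actions missing from the module list are meant to be
/// allowed, and that the Home/Login exemption was not meant to cover only the single
/// Home/Login action.
/// </remarks>
public override void OnActionExecuting(System.Web.Mvc.ActionExecutingContext filterContext)
{
    // Check whether the user has permission for this controller and action.
    LoginUserViewModel user = AdminUserBll.GetLoginUser();

    if (user == null || string.IsNullOrEmpty(user.user_name))
    {
        // Short-circuit through filterContext.Result so the action never executes.
        // Response.Redirect(url, true) does not reliably stop the MVC pipeline, and
        // this branch had no throw behind it, so an unauthenticated request could
        // still reach the action.
        filterContext.Result = new System.Web.Mvc.RedirectResult("/login");
        return;
    }

    if (user.PermissionList != null && user.PermissionList.Count > 0)
    {
        string action = filterContext.ActionDescriptor.ActionName;
        string controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
        string url = controller + "/" + action;

        // Ordinal, case-insensitive comparison: culture-sensitive ToUpper() can change
        // the outcome of an authorization check under some server cultures.
        var permissionListAll = ModuleBll.Instance.GetLevelModuleListIsArrayAllInCache();
        var module = permissionListAll.FirstOrDefault(
            c => string.Equals(c.action_url, url, System.StringComparison.OrdinalIgnoreCase));

        bool isHomeController = string.Equals(controller, "HOME", System.StringComparison.OrdinalIgnoreCase);
        bool isLoginAction = string.Equals(action, "LOGIN", System.StringComparison.OrdinalIgnoreCase);
        bool isMenuController = string.Equals(controller, "MENU", System.StringComparison.OrdinalIgnoreCase);

        // Same predicate as before; actions matching an exemption are not checked.
        bool requiresCheck = !isHomeController && !isLoginAction && !isMenuController && module != null;

        bool ret = !requiresCheck || AdminUserBll.LoginUserIsPermission(controller, action, user);
        if (!ret)
        {
            filterContext.HttpContext.Response.Redirect("/Home/NoRight", true);
            // The throw is what guarantees the action does not run if the redirect
            // above did not end the request.
            throw new System.Web.HttpException(403, "无权访问");
        }
    }

    base.OnActionExecuting(filterContext);
}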
/// <summary>
/// Signs the current admin user out through AdminUserBll.SignOut and sends the
/// browser to the login page.
/// </summary>
/// <returns>A redirect to "/Login".</returns>
/// <remarks>
/// NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this action; if
/// it is reachable by GET, a third-party page can force a sign-out. Also confirm that
/// AdminUserBll.SignOut (not shown) clears the server-side session and expires the
/// admin cookies.
/// </remarks>
public ActionResult SignOut()
{
    AdminUserBll.SignOut();

    ActionResult toLoginPage = Redirect("/Login");
    return toLoginPage;
}