Example #1
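        /// <summary>
        /// Checks the posted credentials with <c>ApplicationRightService.Login</c>. On success it
        /// issues the forms-authentication cookie and redirects to Home/Index; otherwise it
        /// redirects back to Account/Login.
        /// </summary>
        /// <param name="username">Login name; also used as the badge passed to <c>GetUserByBadge</c>.</param>
        /// <param name="password">Password, handed unchanged to <c>ApplicationRightService.Login</c>.</param>
        /// <param name="returnUrl">
        /// Caller-supplied return address. This method never redirects to it; it is only echoed back
        /// to the Login action. Whatever code eventually redirects to it should first confirm that it
        /// is a local URL.
        /// </param>
        /// <returns>A redirect to Home/Index on success, or to Account/Login on any failure.</returns>
        public ActionResult LoginAction(string username, string password, string returnUrl)
        {
            // Either field being blank is an error. The original used && and so let a request with
            // only one blank field reach the credential check, contradicting the message below.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
            {
                return RedirectToAction("Login", "Account", new { returnUrl = returnUrl, errorMsg = "用户名、密码不能为空!" });
            }

            returnUrl = string.IsNullOrWhiteSpace(returnUrl) ? System.Web.Security.FormsAuthentication.DefaultUrl : returnUrl;

            // NOTE(review): no lockout or throttling is visible in this method; confirm that
            // ars.Login or an upstream filter limits repeated failed attempts.
            // The using block disposes the Database so its connection is released on every path.
            using (PetaPoco.Database db = new PetaPoco.Database("DatabaseConn"))
            {
                ApplicationRightService ars = new ApplicationRightService(db);

                if (ars.Login(username, password))
                {
                    var user = ars.GetUserByBadge(username);

                    // Treat a missing user record as a failed login instead of dereferencing null.
                    if (user != null)
                    {
                        // NOTE(review): the second argument makes the cookie persistent for every
                        // login, so the session survives a browser restart on shared machines.
                        // Confirm this is intended rather than tied to a "remember me" choice.
                        System.Web.Security.FormsAuthentication.SetAuthCookie(user.Badge + ":" + user.UserName, true);
                        return RedirectToAction("Index", "Home");
                    }
                }
            }

            // The failure message is empty, exactly as in the original: the Login view receives no
            // reason. If one is added later, keep it generic so that it does not reveal whether the
            // user name exists.
            return RedirectToAction("Login", "Account", new { returnUrl = returnUrl, errorMsg = string.Empty, username = username });
        }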
Example #2
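        /// <summary>
        /// Authorization filter callback. Asks <c>ApplicationRightService.HaveRight</c> whether the
        /// current identity may perform <c>_operationCode</c> on <c>_resourceName</c>, and replaces
        /// the action result with an error result when it may not.
        /// </summary>
        /// <param name="filterContext">Context of the request being authorized; its Result is set on denial.</param>
        /// <exception cref="System.ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new System.ArgumentNullException("filterContext");
            }

            // Read the principal from the filter's own context rather than the static
            // HttpContext.Current, which is null when no request is bound to the thread.
            // NOTE(review): if the auth cookie name is built as Badge + ":" + UserName (as a login
            // action for this service does), Identity.Name is not a bare badge. Confirm that
            // HaveRight parses that form, otherwise every check compares the wrong key.
            var badge = filterContext.HttpContext.User.Identity.Name;

            // This filter runs on every guarded request, so dispose the Database each time
            // instead of leaving it to the finalizer.
            using (PetaPoco.Database db = new PetaPoco.Database("DatabaseConn"))
            {
                ApplicationRightService ars = new ApplicationRightService(db);

                // Denial is the only branch that touches the result; a granted request continues unchanged.
                if (!ars.HaveRight(badge, _resourceName, _operationCode))
                {
                    filterContext.Result = UtilHelper.Error("401", "您没有权限访问该模块", _isJsonResult);
                }
            }
        }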