/// <summary>
/// 验证是否在其它地方登录
/// </summary>
/// <param name="userInfo"></param>
/// <param name="filterContext"></param>
private bool CheckIsKickedOff(UserInfoView userInfo, AuthorizationContext filterContext)
{
string userKey = userInfo.Id.ToString();
string tokenKey = UserStatusCheck.Token;
HttpCookie tokenCookie = CookieHelper.Get(tokenKey);
if (tokenCookie != null)
{
string tokenkey = tokenCookie.Value;
string detail;
if (UserStatusCheck.IsKickedOff(tokenkey, userKey, out detail))
{
CacheHelper.Remove(tokenkey);
UserStatusCheck.ClearLocalCredential();
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
filterContext.Result = new JsonResult()
{
Data = new { Sussess = false, Message = detail },
JsonRequestBehavior = JsonRequestBehavior.AllowGet
};
}
else
{
GotoLogin(filterContext, detail);
}
return(true);
}
}
return(false);
}
/// <summary>
/// 登录认证并进行权限验证
/// </summary>
/// <param name="filterContext">筛选器上下文</param>
public void OnAuthorization(AuthorizationContext filterContext)
{
HttpRequestBase request = filterContext.RequestContext.HttpContext.Request;
object objuserinfo = SessionHelper.GetSession(UserInfoOfSession);
//判断是否需要验证
if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), false) ||
filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), false))
{
return;
}
if (filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLower().Equals("login"))
{
return;
}
//bool result = true;
//string detail;
if (objuserinfo == null)
{
HttpCookie cookie = CookieHelper.Get(EncryptHelper.MD5(UserInfoOfCookie));
if (cookie != null)
{
string n1 = AppSettingsHelper.GetString("UserAccount");
string p1 = AppSettingsHelper.GetString("UserPassword");
string account = cookie[EncryptHelper.MD5(n1)];
string pswd = cookie[EncryptHelper.MD5(p1)];
UserBll userInfoBll = new UserBll();
UserInfoView user = userInfoBll.GetUserInfo(account);
if (user != null)
{
#region 登陆验证
if (CheckIsKickedOff(user, filterContext)) //验证是否被踢
{
return;
}
if (user.Password == pswd)
{
filterContext.Controller.ViewBag.CurrentUserInfo = user;
SessionHelper.SetSession(UserInfoOfSession, user);
return;
}
#endregion
//#region 权限验证
//user.UserAccessedControls = userInfoBll.GetAccessedControls(account);
//if (!string.IsNullOrEmpty(PermissionCode))
//{
// if (!user.UserAccessedControls.Contains(PermissionCode))
// {
// result = false;
// }
// if (result && AppCode.Equals("superadmin") && !user.Account.Equals("admin"))
// {
// result = false;
// }
// if (!result)
// {
// if (filterContext.HttpContext.Request.IsAjaxRequest())
// {
// filterContext.Result = new JsonResult()
// {
// Data = new { Sussess = false, Message = "无权操作" },
// JsonRequestBehavior = JsonRequestBehavior.AllowGet
// };
// }
// else
// {
// filterContext.Result = new RedirectResult("/401.html");
// }
// return;
// }
//}
//#endregion
}
}
UserStatusCheck.ClearLocalCredential();
//跳转到登录页
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
filterContext.Result = new JsonResult()
{
Data = new { Success = false, Message = "登录已过期,请重新登录。" },
JsonRequestBehavior = JsonRequestBehavior.AllowGet
};
}
else
{
GotoLogin(filterContext);
}
}
else
{
UserInfoView userInfo = (UserInfoView)objuserinfo;
#region 登陆验证
if (CheckIsKickedOff(userInfo, filterContext)) //验证是否被踢
{
return;
}
filterContext.Controller.ViewBag.CurrentUserInfo = userInfo;
#endregion
//#region 权限验证
//if (!string.IsNullOrEmpty(PermissionCode))
//{
// if (!userInfo.UserAccessedControls.Contains(PermissionCode))
// {
// result = false;
// }
// if (result && AppCode.Equals("superadmin") && !userInfo.Account.Equals("admin"))
// {
// result = false;
// }
// if (!result)
// {
// if (filterContext.HttpContext.Request.IsAjaxRequest())
// {
// filterContext.Result = new JsonResult()
// {
// Data = new { Sussess = false, Message = "无权操作" },
// JsonRequestBehavior = JsonRequestBehavior.AllowGet
// };
// }
// else
// {
// filterContext.Result = new RedirectResult("/401.html");
// }
// return;
// }
//}
//#endregion
}
}
