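/// <summary>
/// Authorization filter entry point: rejects the request unless the caller presents a session
/// token cookie that matches the token carried by the server-side principal.
/// </summary>
/// <param name="actionContext">
/// Context of the action about to execute. On rejection its <c>Response</c> is replaced by a
/// 401 (or by whatever <c>GetHttpActionContext</c> produces) and the action does not run.
/// </param>
/// <remarks>
/// Check order: <c>[AllowAnonymous]</c> short-circuits; then the token cookie must be present;
/// then the principal attached in <c>Application_PostAuthenticateRequest</c> must be an
/// <c>AuthenticationPrincipal</c> wrapping a <c>KTApplicationIdentity</c> whose token equals
/// the cookie. Two defects fixed relative to the previous version: a missing cookie no longer
/// falls through into the principal checks (which could overwrite the 401), and an identity of
/// an unexpected type is rejected with 401 instead of throwing a NullReferenceException.
/// The role check at the end is still a stub and never denies anything - see the inline note.
/// </remarks>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // [AllowAnonymous] on either the controller or the action bypasses authentication entirely.
    bool anonymousAllowed =
        actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
        || actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any();
    if (anonymousAllowed)
    {
        return;
    }

    // The client proves its session with a token cookie; no cookie means no session.
    // Return here - the previous version fell through and let the checks below run anyway.
    string token = CookieHelper.GetCookieByKey(Constants.TOKEN);
    if (string.IsNullOrWhiteSpace(token))
    {
        RejectUnauthorized(actionContext);
        return;
    }

    // The server-side principal is attached by Application_PostAuthenticateRequest. Without a
    // System.Web context or a user there is nothing to validate the cookie against.
    if (HttpContext.Current == null || HttpContext.Current.User == null)
    {
        GetHttpActionContext(actionContext, returnUrl);
        return;
    }

    AuthenticationPrincipal authenticationPrincipal = HttpContext.Current.User as AuthenticationPrincipal;
    if (authenticationPrincipal == null)
    {
        RejectUnauthorized(actionContext);
        return;
    }

    // A principal whose identity is not a KTApplicationIdentity cannot carry a token; treat it
    // like a missing principal rather than dereferencing null (previously a 500).
    KTApplicationIdentity ktApplicationIdentity = authenticationPrincipal.Identity as KTApplicationIdentity;
    if (ktApplicationIdentity == null)
    {
        RejectUnauthorized(actionContext);
        return;
    }

    // token is known to be non-empty here, so a null server-side token and a mismatching one
    // are both covered by a single inequality (the previous two ifs collapsed). Either means the
    // cookie is stale or forged.
    if (ktApplicationIdentity.Token != token)
    {
        GetHttpActionContext(actionContext, returnUrl);
        return;
    }

    if (roleList != RoleEnum.None)
    {
        // SECURITY TODO: the caller's real role is never looked up - every authenticated user is
        // treated as KTDepartmentLeader, and neither branch below sets a response, so this block
        // can never deny access. Role restrictions configured on this filter are NOT enforced
        // until the lookup is implemented and the "no permission" branch returns a 403.
        RoleEnum userRole = RoleEnum.KTDepartmentLeader;
        if (((RoleEnum)this.roleList & userRole) == userRole)
        {
            // permitted - intentionally no-op pending the real role lookup
        }
        else
        {
            // not permitted - intentionally no-op pending the real role lookup
        }
    }
}

/// <summary>
/// Marks the request as rejected: replaces the response with a 401 whose Location header
/// points at the login page.
/// </summary>
/// <param name="actionContext">Context whose <c>Response</c> is replaced.</param>
/// <remarks>
/// NOTE(review): the login URL is a hard-coded development origin and should come from
/// configuration. A Location header on a 401 is also not followed by browsers; a 302 would be
/// needed for an actual redirect.
/// </remarks>
private static void RejectUnauthorized(HttpActionContext actionContext)
{
    actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
    actionContext.Response.Headers.Location = new Uri("https://localhost:44331/login");
}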
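/// <summary>
/// Rebuilds the request principal from the "userCookie" forms-authentication ticket so that
/// later filters can compare it against the token cookie.
/// </summary>
/// <param name="sender">Unused; supplied by the ASP.NET pipeline.</param>
/// <param name="e">Unused; supplied by the ASP.NET pipeline.</param>
/// <remarks>
/// Leaves <c>HttpContext.Current.User</c> untouched (i.e. anonymous) when the cookie is absent,
/// cannot be decrypted or fails MAC validation, has expired, or carries no Employee payload.
/// The previous version dereferenced the decrypt result and the deserialized model without
/// null checks and never looked at ticket expiry; because this is a custom cookie rather than
/// the framework's own forms cookie, expiry is not enforced anywhere else.
/// </remarks>
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookies["userCookie"];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    FormsAuthenticationTicket authTicket;
    try
    {
        // Decrypt validates the ticket's MAC under the machineKey; a malformed or tampered
        // value is reported either as null or as an exception (ArgumentException for bad
        // input, CryptographicException when validation fails - confirm against the target
        // framework version). Both must fall back to anonymous, not to a 500.
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (ArgumentException)
    {
        return;
    }
    catch (CryptographicException)
    {
        return;
    }

    // Decrypt does not reject expired tickets; only FormsAuthenticationModule does that, and
    // only for its own cookie name. Enforce it here for our custom cookie.
    if (authTicket == null || authTicket.Expired)
    {
        return;
    }

    // UserData was written by our login code inside the authenticated ticket, so it is trusted
    // exactly as far as Decrypt validated it above. Empty or "null" payloads deserialize to null.
    Employee employee = JsonConvert.DeserializeObject<Employee>(authTicket.UserData);
    if (employee == null)
    {
        return;
    }

    AuthenticationPrincipal principal = new AuthenticationPrincipal(employee.EmployeeId)
    {
        EmployeeId = employee.EmployeeId,
        FirstName = employee.FirstName,
        LastName = employee.LastName,
        Position = employee.Position
    };
    HttpContext.Current.User = principal;
}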