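/// <summary>
/// Updates the editable part of the signed-in user's own profile from the posted form.
/// </summary>
/// <param name="userAcnt">Posted profile fields; <c>RealName</c>, <c>StuNumber</c> and
/// <c>Identification</c> are excluded from binding because they are not user-editable.</param>
/// <returns>A JSON <see cref="QsResult"/> whose <c>Success</c> flag reports whether the update was applied.</returns>
public ActionResult Personal([Bind(Exclude = "RealName, StuNumber, Identification")] AcntWithoutPsw userAcnt)
{
    var result = new QsResult { Success = false };
    if (!ModelState.IsValid)
    {
        return Json(result);
    }

    // The posted UserId must match the authenticated user; a mismatch means the client
    // tampered with the id to edit someone else's record.
    var userInCookie = CustomAuthorizeAttribute.GetUser();
    if (userAcnt.UserId != userInCookie.UserId)
    {
        result.Message = @"请不要尝试修改您不允许改动的内容";
        return Json(result);
    }

    // Re-bind the request onto the persisted entity. The fourth argument is the exclude
    // list (TryUpdateModel(model, prefix, include, exclude)). Besides the read-only identity
    // fields it also keeps Password, State and UserId out of the mass-assignment surface:
    // this is the "without password" profile form, but the entity returned by GetUserById
    // carries those properties and would otherwise accept them straight from the form.
    var original = _userService.GetUserById(userInCookie.UserId);
    var excluded = new[] { "RealName", "StuNumber", "Identification", "Roles", "Password", "State", "UserId" };
    if (!TryUpdateModel(original, null, null, excluded))
    {
        return Json(result);
    }

    _userService.UpdateUserInformation(original);
    // Reissue the auth cookie so the cached profile reflects the update.
    SafeOutAuthCookie();
    SetAuthCookie(QsMapper.CreateMap<UserDto, UserSafetyModel>(original));
    result.Success = true;
    return Json(result);
}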
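/// <summary>
/// Middleware step that enforces <see cref="CustomAuthorizeAttribute"/> on the matched endpoint.
/// Endpoints without the attribute pass through untouched.
/// </summary>
/// <param name="httpContext">Current request context.</param>
/// <param name="next">Continuation to the rest of the pipeline.</param>
public static async Task Authorize(HttpContext httpContext, Func next)
{
    // No endpoint matched (e.g. an unmatched route): there is nothing to authorize against,
    // so let the pipeline produce its own response instead of throwing on .Metadata.
    var endpoint = httpContext.GetEndpoint();
    if (endpoint is null)
    {
        await next.Invoke();
        return;
    }

    // Only the first attribute is honoured; attributes stacked at action and controller
    // level are not combined here.
    var attribute = endpoint.Metadata.OfType<CustomAuthorizeAttribute>().FirstOrDefault();
    if (attribute is null)
    {
        await next.Invoke();
        return;
    }

    var user = httpContext.User;
    // SuperAdministrator bypasses the per-endpoint role list, including an empty list
    // (the previous per-role lambda never ran for an empty AllowedUserRoles).
    bool isAuthorized = user.IsInRole("SuperAdministrator")
        || attribute.AllowedUserRoles.Any(role => user.IsInRole(role));
    if (isAuthorized)
    {
        await next.Invoke();
        return;
    }

    // 401 for an anonymous caller, 403 for an authenticated caller that lacks the role.
    bool isAuthenticated = user.Identity?.IsAuthenticated == true;
    httpContext.Response.StatusCode = (int)(isAuthenticated ? HttpStatusCode.Forbidden : HttpStatusCode.Unauthorized);
    await httpContext.Response.WriteAsync("unauthorized");
}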
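/// <summary>
/// Completes a newly registered account: applies the posted profile fields, hashes the
/// password when one was supplied, activates the account and refreshes the auth cookie.
/// </summary>
/// <param name="model">Posted account form.</param>
/// <returns>An inline script redirecting to the profile page on success; otherwise the form view with errors.</returns>
public ActionResult Confirmation(AccountModel model)
{
    var userDto = CustomAuthorizeAttribute.GetUser();
    if (ModelState.IsValid)
    {
        var initUser = _userService.GetUserById(userDto.UserId);
        // Fourth argument is the exclude list. Identity, state and role fields must never come
        // from the form. Password is excluded as well so the only value that reaches the entity
        // is the hashed one assigned below — previously the raw posted string (or an empty one)
        // was bound first and only overwritten when non-empty.
        var excluded = new[] { "UserId", "RealName", "StuNumber", "Identification", "State", "PhotoUrl", "Roles", "Password" };
        if (TryUpdateModel(initUser, null, null, excluded))
        {
            if (initUser.State == UserState.Activated || initUser.State == UserState.Retire)
            {
                // Confirmation is a one-shot step; an already activated/retired account is an error.
                ModelState.AddModelError("duplicate", @"用户的状态出现错误:" + initUser.State);
            }
            else
            {
                // Only an activated user may browse the other pages.
                initUser.State = UserState.Activated;
                if (!String.IsNullOrEmpty(model.Password))
                {
                    // NOTE(review): unsalted MD5 is not a password hash; replacing it has to be
                    // done together with Register and the login check that compare against it.
                    initUser.Password = Utilities.MD5(model.Password);
                }
                _userService.UpdateUserInformation(initUser);
                SafeOutAuthCookie();
                SetAuthCookie(QsMapper.CreateMap<UserDto, UserSafetyModel>(initUser));
                return Content("<script>alert('填写成功!');window.location='/Account/ProfileDetail'</script>");
            }
        }
    }
    BindSelectListDataSource((int)userDto.Gender);
    return View(model);
}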
/// <summary>Returns the signed-in user's unread message count as <c>{ num }</c> JSON.</summary>
public ActionResult _NewMessageNum()
{
    var currentUser = CustomAuthorizeAttribute.GetUser();
    var unreadCount = _myMessageService.GetUnreadMessage(currentUser.UserId);
    var payload = new { num = unreadCount };
    return Json(payload);
}
/// <summary>
/// Remote-validation endpoint: <c>true</c> when <paramref name="userName"/> is free for the
/// signed-in user, otherwise the "already exists" message.
/// </summary>
/// <param name="userName">Nickname to check.</param>
public JsonResult IsUserNameAvailable(string userName)
{
    var currentUser = CustomAuthorizeAttribute.GetUser();
    var lookup = _userService.ExistsUserNickName(userName, currentUser.UserId);
    if (lookup.Status)
    {
        return Json("该用户名已存在", JsonRequestBehavior.AllowGet);
    }
    return Json(true, JsonRequestBehavior.AllowGet);
}
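/// <summary>Shows the profile page with the current user's photo in <c>ViewBag.Photo</c>.</summary>
/// <returns>The profile view, or a redirect to the login page when no user is signed in.</returns>
public ActionResult ProfileDetail()
{
    var user = CustomAuthorizeAttribute.GetUser();
    // GetUser() can return null (no auth cookie); redirect instead of throwing on user.PhotoUrl.
    if (user == null)
    {
        return RedirectToAction("Login", "Home");
    }
    ViewBag.Photo = user.PhotoUrl;
    return View();
}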
/// <summary>Reads the attribute applied to <see cref="Test"/> via reflection and runs it.</summary>
static void Main(string[] args)
{
    var instance = new Test();
    var attribute = (CustomAuthorizeAttribute)Attribute.GetCustomAttribute(typeof(Test), typeof(CustomAuthorizeAttribute));
    attribute.Test();
    // Keep the console open until a key is pressed.
    Console.ReadKey();
}
/// <summary>Renders the personal-info partial for the signed-in user.</summary>
public ActionResult _Personal()
{
    var current = CustomAuthorizeAttribute.GetUser();
    BindSelectListDataSource((int)current.Gender);
    var dto = _userService.GetUserById(current.UserId);
    var viewModel = QsMapper.CreateMap<UserDto, AcntWithoutPsw>(dto);
    return PartialView(viewModel);
}
/// <summary>
/// Application startup: registers areas and routes, then installs
/// <see cref="CustomAuthorizeAttribute"/> as a global filter.
/// </summary>
protected void Application_Start()
{
    AreaRegistration.RegisterAllAreas();
    RouteConfig.RegisterRoutes(RouteTable.Routes);
    // Global filter: every action goes through the authorize filter.
    GlobalFilters.Filters.Add(new CustomAuthorizeAttribute());
}
/// <summary>
/// Filter entry point: after the base filter runs, decides whether the caller may execute the action.
/// NOTE: this snippet is truncated on the page; the method body continues past what is shown.
/// </summary>
/// <param name="filterContext">Context of the action about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);
    bool isAuthorized;
    // Principal is not the application's IUserPrincipal (presumably anonymous): fall back to a
    // rights check on the action descriptor using this filter's Right.
    if (!(filterContext.HttpContext.User is IUserPrincipal user))
    {
        isAuthorized = new CustomAuthorizeAttribute(Right).HasRightsToAction(filterContext.ActionDescriptor);
    }
/// <summary>
/// Application startup: registers areas and routes, then installs the authorize filter
/// (with <c>AllowAccessToUser</c> enabled) and the error-handler filter globally.
/// </summary>
protected void Application_Start()
{
    AreaRegistration.RegisterAllAreas();
    RouteConfig.RegisterRoutes(RouteTable.Routes);
    var authorizeFilter = new CustomAuthorizeAttribute { AllowAccessToUser = true };
    GlobalFilters.Filters.Add(authorizeFilter);
    GlobalFilters.Filters.Add(new CustomErrorHandlerAttribute());
}
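/// <summary>
/// Deletes a message (<paramref name="type"/> true) or marks it as read (false).
/// </summary>
/// <param name="id">Id of the per-user message row.</param>
/// <param name="type">true = hard delete; false = set <c>Status</c> and persist.</param>
/// <returns>"true" or "false" as plain content.</returns>
public ActionResult Delete(Int64 id, bool type = true)
{
    var user = CustomAuthorizeAttribute.GetUser();
    // NOTE(review): id comes from the request and is never checked against user.UserId, so any
    // signed-in user can act on any message id. Verify ownership here once the service exposes
    // the owner of a message row (not visible in this file).
    if (type)
    {
        _myMessageService.DeleteMyMessage(id);
        return Content("true");
    }

    var model = _myMessageService.GetMyMessageById(id);
    if (model == null)
    {
        // Unknown id: report failure instead of throwing on model.Status below.
        return Content("false");
    }

    model.Status = true;
    var updated = _myMessageService.ChangeMyMessageDescription(id, model);
    return Content(updated ? "true" : "false");
}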
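/// <summary>
/// Handles an AJAX news-comment post from either a signed-in member or an anonymous visitor.
/// On success renders the newest comment partial; on failure returns a JSON <see cref="QsResult"/>.
/// </summary>
/// <param name="model">Posted comment.</param>
/// <returns>Partial view on success, JSON result on validation failure, empty result for non-AJAX requests.</returns>
public ActionResult NewsFormPartial(NewsCommentDto model)
{
    if (!Request.IsAjaxRequest())
    {
        return new EmptyResult();
    }

    // Server-assigned fields: the client must not control creation time or the lookup key.
    model.CreateTime = DateTime.Now;
    model.UniqueKey = Utilities.GetRamCodeOnDate();

    // Persists the comment and renders it back; shared by the member and the guest path.
    ActionResult SaveAndRender()
    {
        _commentService.AddNewsComment(model);
        var saved = _commentService.GetNewestCommentInNewsWithFilter(model.UniqueKey);
        return PartialView("_SegmentPartial", saved);
    }

    // Builds the JSON failure payload with the given message.
    ActionResult Fail(string message)
    {
        return Json(new QsResult { Success = false, Message = message });
    }

    if (System.Web.HttpContext.Current.Request.IsAuthenticated)
    {
        var curUser = CustomAuthorizeAttribute.GetUser();
        // IsMember is posted by the client; it must match the authenticated user.
        if (curUser.UserId != model.IsMember)
        {
            return Fail(@"用户的编号在客户端被修改,导致内容不一致");
        }
        return ModelState.IsValid ? SaveAndRender() : Fail(@"用户登陆状态下验证失败~~");
    }

    if (!ModelState.IsValid)
    {
        return Fail(@"游客状态下验证失败");
    }
    // NOTE(review): on the guest path model.IsMember is still whatever the client posted, so an
    // anonymous comment can carry a member id; reset it before saving. The property's type is
    // not visible in this file, so the reset is left to the maintainer.
    if (String.IsNullOrEmpty(model.NickName))
    {
        model.NickName = @"[匿名用户]";
    }
    return SaveAndRender();
}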
/// <summary>
/// Shows the profile page with the current user's photo (or the default image) in
/// <c>ViewBag.Photo</c>; anonymous callers are sent to the login page.
/// </summary>
public ActionResult ProfileDetail()
{
    var current = CustomAuthorizeAttribute.GetUser();
    if (current == null)
    {
        return RedirectToAction("Login", "Home");
    }
    // Assign back onto the user object, as before, so a missing photo is filled in place.
    current.PhotoUrl = current.PhotoUrl ?? "default.jpg";
    ViewBag.Photo = current.PhotoUrl;
    return View();
}
/// <summary>
/// Renders the comment form for a news item, prefilled with the member's identity when signed in.
/// </summary>
/// <param name="id">News id the comment belongs to.</param>
public ActionResult _NewsFormPartial(Int64 id)
{
    var form = new NewsCommentDto { NewsId = id };
    if (System.Web.HttpContext.Current.Request.IsAuthenticated)
    {
        var member = CustomAuthorizeAttribute.GetUser();
        form.IsMember = member.UserId;
        form.NickName = member.UserName;
        form.Email = member.Email;
    }
    return PartialView(form);
}
/// <summary>
/// Finds the <see cref="CustomAuthorizeAttribute"/> governing an action: the action-level
/// attribute wins, otherwise the controller-level one; null when neither exists.
/// </summary>
/// <param name="actionDescriptor">Descriptor of the action being invoked.</param>
private CustomAuthorizeAttribute GetAuthorizeAttribute(HttpActionDescriptor actionDescriptor)
{
    var onAction = actionDescriptor
        .GetCustomAttributes<CustomAuthorizeAttribute>()
        .FirstOrDefault();
    // Controller level is only consulted when the action carries no attribute of its own.
    return onAction ?? actionDescriptor
        .ControllerDescriptor
        .GetCustomAttributes<CustomAuthorizeAttribute>()
        .FirstOrDefault();
}
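/// <summary>
/// Creates a new account from the posted form, hashes the password if supplied and activates it.
/// </summary>
/// <param name="model">Posted account form.</param>
/// <returns>Inline redirect script on success, otherwise the form view with validation errors.</returns>
public ActionResult Register(AccountModel model)
{
    var userDto = CustomAuthorizeAttribute.GetUser();
    if (ModelState.IsValid)
    {
        // StuNumber is filled with the current short time — presumably a placeholder until the
        // real number is entered later (Confirmation keeps it out of form binding).
        model.StuNumber = DateTime.Now.ToShortTimeString();
        if (!String.IsNullOrEmpty(model.Password))
        {
            // NOTE(review): unsalted MD5 is not a suitable password hash; replacing it has to be
            // done together with Confirmation and the login check that compare against it.
            model.Password = Utilities.MD5(model.Password);
        }
        model.State = UserState.Activated;
        var newUser = QsMapper.CreateMap<AccountModel, UserDto>(model);
        _userService.AddUser(newUser);
        return Content("<script>alert('填写成功!');window.location='/Account/ProfileDetail'</script>");
    }
    // NOTE(review): GetUser() can return null; on the invalid-form path this dereference would
    // throw for an unauthenticated caller — confirm this action is only reachable when signed in.
    BindSelectListDataSource((int)userDto.Gender);
    return View(model);
}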
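/// <summary>
/// Lists the signed-in user's messages, 5 per page, filtered by read state.
/// </summary>
/// <param name="type">"read" lists read messages; anything else (including "unread" or null) lists unread ones.</param>
/// <param name="pageIndex">1-based page number.</param>
/// <returns>The view bound to a paged list of <see cref="MessageDto"/>.</returns>
public ActionResult Message(string type = "unread", int pageIndex = 1)
{
    const int pageSize = 5;
    var user = CustomAuthorizeAttribute.GetUser();

    // The original condition `type.Equals("unread") || !type.Equals("read")` reduces to
    // "only an exact 'read' selects read messages"; string.Equals also tolerates a null type.
    bool showRead = string.Equals(type, "read", StringComparison.Ordinal);
    ViewBag.Type = showRead ? "read" : "unread";

    var myMessages = _myMessageService.GetMyMessagesWithStatus(user.UserId, showRead);
    if (myMessages == null)
    {
        return View(new List<MessageDto>().ToPagedList(pageIndex, pageSize));
    }

    // Join each per-user row with the shared message body by MId.
    var allMessages = (List<MessageDto>)_messageService.GetAllMessages();
    IList<MessageDto> models = new List<MessageDto>();
    foreach (var item in myMessages)
    {
        var message = allMessages.Find(it => it.MId == item.MId);
        if (message == null)
        {
            // Orphaned per-user row (body no longer exists): skip instead of throwing below.
            continue;
        }
        // Appendix carries the per-user row id so the view can act on it.
        message.Appendix = item.MyId.ToString(CultureInfo.InvariantCulture);
        models.Add(message);
    }
    return View(models.ToPagedList(pageIndex, pageSize));
}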
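/// <summary>
/// Authenticates a user by name/password and issues the auth cookie. A request that already
/// carries the auth cookie is answered with the current user instead of re-validating.
/// </summary>
/// <param name="user">Posted credentials (<c>name</c>, <c>password</c>).</param>
/// <returns>200 with the user on success, 400 for a banned account, 401 otherwise.</returns>
public IHttpActionResult LogIn(UserInfo user)
{
    var curContext = HttpContext.Current;
    // A missing body or name cannot match any account; answer like a failed login
    // rather than throwing on user.name.
    if (user == null || string.IsNullOrEmpty(user.name))
    {
        return Unauthorized();
    }

    UserInfo u;
    using (var userStore = new UserStore())
    {
        if (curContext.Request.Cookies.Get(CustomAuthorizeAttribute.authUserCookie) != null)
        {
            return Ok<UserInfo>(userStore.GetCurrentUserInfo());
        }
        // NOTE(review): sync-over-async; the action signature is synchronous so .Result is kept,
        // but it can deadlock under a synchronization context.
        u = userStore.FindByNameAsync(user.name).Result;
    }

    if (u == null)
    {
        return Unauthorized();
    }

    // Verify the password before revealing anything about the account (such as a ban), so an
    // unauthenticated caller cannot probe account status by username alone.
    var pHasher = new PasswordHasher();
    if (pHasher.VerifyHashedPassword(u.GetHash(), user.password) != PasswordVerificationResult.Success)
    {
        return Unauthorized();
    }

    if (u.status == Model.USER_STATUS.BANNED)
    {
        return BadRequest("Your account was banned");
    }

    // The cookie holds the encrypted user id; keep it out of reach of client script.
    // Secure should also be set once the site is served over TLS only.
    var cookie = new HttpCookie(CustomAuthorizeAttribute.authUserCookie, CustomAuthorizeAttribute.EncryptId(u.id))
    {
        HttpOnly = true
    };
    curContext.Response.Cookies.Set(cookie);
    // NOTE(review): u is returned as-is; confirm the serialized UserInfo does not include the
    // stored hash that GetHash() exposes.
    return Ok<UserInfo>(u);
}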