protected virtual bool ExecAuthorizeCore(HttpContextBase httpContext)
{
//获取SessionKey
//var token = httpContext.Request[Define.Token];
var authenticationService = ServiceLocator.Current.Resolve<IAuthenticationService>();
if (!authenticationService.Islogged(httpContext))
{
httpContext.Response.StatusCode = 400;
return false;
}
//验证用户信息
try
{
_webSiteUser = authenticationService.GetCurrentUser(httpContext);
}
catch (Exception ex)
{
_log.Error(String.Format("{0}获取websiteuser失败,Ex.M{1},Ex.S{2} ", httpContext.User.Identity.Name, ex.Message, ex.StackTrace));
}
// 解密失败返回结果
if (_webSiteUser == null)
{
httpContext.Response.StatusCode = 401;
//httpContext.Response.SubStatusCode = 1;
return false;
}
return true;
}
public void SetAuthorize(HttpContextBase httpContext, WebSiteUser webSiteUser)
{
if (webSiteUser == null)
{
throw new ArgumentNullException("webSiteUser");
}
FormsAuthentication.SetAuthCookie(webSiteUser.ToJson(), false);
}
protected virtual void DoAuthorization(AuthorizationContext filterContext)
{
var httpContext = filterContext.HttpContext;
var authenticationService = ServiceLocator.Current.Resolve<IAuthenticationService>();
if (!authenticationService.Islogged(httpContext))
{
httpContext.Response.StatusCode = 400;
return;
}
//验证用户信息
try
{
_webSiteUser = authenticationService.GetCurrentUser(httpContext);
}
catch (Exception ex)
{
_log.Error(String.Format("{0}获取websiteuser失败,Ex.M{1},Ex.S{2} ", httpContext.User.Identity.Name, ex.Message, ex.StackTrace));
}
// 解密失败返回结果
if (_webSiteUser == null)
{
httpContext.Response.StatusCode = 401;
//httpContext.Response.SubStatusCode = 1;
return;
}
//authorize
string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
string actionNae = filterContext.ActionDescriptor.ActionName;
UserController currentController = filterContext.Controller as UserController;
if (currentController == null)
return;
//if (!currentController.HasRightForAction(controllerName, actionNae))
//{
// httpContext.Response.StatusCode = 401;
// return;
//}
}