public async Task <RedirectResult> Logout() { //获取当前用户信息 var currentUser = FormAuthenticationExtension.Current(SystemWeb.HttpContext.Current.Request); if (currentUser != null) { var loginLog = await _loginLogLogic.GetByIdAsync(currentUser.LoginId); if (loginLog != null) { loginLog.LoginOutTime = DateTime.Now; var timeSpan = (TimeSpan)(loginLog.LoginOutTime - loginLog.LoginTime); loginLog.StandingTime = timeSpan.TotalHours; await _loginLogLogic.UpdateAsync(loginLog); } } FormAuthenticationExtension.SignOut(); return(Redirect("/Account/Login")); }
/// <summary> /// 执行方法前进入该重置方法 /// 1、一个帐号只能在一个地方登录 /// 2、权限验证 /// </summary> /// <param name="filterContext"></param> public override void OnActionExecuting(ActionExecutingContext filterContext) { //获取当前登录人员信息 PrincipalUser currentUser = FormAuthenticationExtension.Current(HttpContext.Current.Request); #region 是否具有忽略验证特性 //是否具有忽略特性:若有忽略特性则不进行其他的验证 if (filterContext.ActionDescriptor.IsDefined(typeof(IgnoreAttribute), false)) { return; } #endregion #region 一个帐号只能在一个浏览器登录 if (GlobalParams.Get("loginOnce").ToString() == "是") { //如果当前登录人员信息不为空 if (currentUser != null) { //检查对应登录状态缓存是否为空 if (HttpRuntime.Cache[currentUser.Code] != null) { if (filterContext.HttpContext.Session != null && HttpRuntime.Cache[currentUser.Code].ToString() != filterContext.HttpContext.Session.SessionID) { //清空Session filterContext.HttpContext.Session.Remove(currentUser.Code); //清空Cookie FormAuthenticationExtension.SignOut(); //跳转强制下线界面 ErrorRedirect(filterContext, "/Error/HaveLogin"); } } //否则重新赋值Cache else { if (filterContext.HttpContext.Session != null) { filterContext.HttpContext.Session[currentUser.Code] = currentUser.UserId; HttpRuntime.Cache[currentUser.Code] = filterContext.HttpContext.Session.SessionID; } } } } #endregion #region 用户是否登录 PrincipalUser principalUser = FormAuthenticationExtension.Current(HttpContext.Current.Request); if (principalUser == null) { ErrorRedirect(filterContext, "/Error/ReturnToLogin"); return; } #endregion #region 是否具有HttpPost/HttpGet请求验证 var isAjaxRequest = filterContext.HttpContext.Request.IsAjaxRequest(); #endregion #region 验证该方法是否需要进行权限验证 //todo:1、获取用户信息。2、从缓存中获取该用户权限,若没有数据则从数据库中重新拉取(有可能缓存失效),再将权限数据填充到缓存中。 //配置的当前系统代码 string appCode = ConfigurationManager.AppSettings["AppCode"]; //区域 string area = string.Empty; //控制器 string controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName; //方法 string action = filterContext.ActionDescriptor.ActionName; var routeData = filterContext.RequestContext.RouteData; if (routeData.DataTokens["area"] != null) { area = routeData.DataTokens["area"].ToString(); } //调用Api接口查看是否具有该权限 string apiUrl = ConfigurationManager.AppSettings["SolutionApiUrl"]; //是否为Ajax请求,若是Ajax请求则不进行界面验证(此处只验证视图) if (!isAjaxRequest) { if (currentUser != null) { //string request = RequestUtil.SendPostRequest(apiUrl + "api/System/Permission/GetSystemPermissionsMvcRote", //"UserId=" + currentUser.UserId + "&AppCode=" + appCode + "&Area=" + area + "&Controller=" + controller + "&Action=" + action); //OperateStatus operateStatus = request.Deserialize<OperateStatus>(); //if (operateStatus.ResultSign == ResultSign.Error) //{ // //ErrorRedirect(filterContext, "/Error/Warn"); //} } } #endregion }