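/// <summary>
/// Decides whether the current request may reach the routed controller action.
/// Unauthenticated callers are rejected. Callers whose user name matches a record
/// flagged IsAdmin, or for whom the role/menu lookup returns a record covering the
/// routed controller and action, are handed to the base implementation.
/// Everything else is denied.
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns><c>true</c> when the request is allowed; otherwise <c>false</c>.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (!httpContext.User.Identity.IsAuthenticated)
    {
        return false;
    }

    // Fail closed when the route carries no controller/action instead of
    // surfacing a NullReferenceException from inside the authorization path.
    var routeValues = httpContext.Request.RequestContext.RouteData.Values;
    object actionValue = routeValues["action"];
    object controllerValue = routeValues["controller"];
    if (actionValue == null || controllerValue == null)
    {
        return false;
    }

    // Invariant lowering: route names are identifiers, so the comparison must not
    // depend on the server's current culture.
    string actionName = actionValue.ToString().ToLowerInvariant();
    string controllerName = controllerValue.ToString().ToLowerInvariant();

    // Hoisted so the query predicate captures a plain string.
    string userName = httpContext.User.Identity.Name;

    // Super administrators skip the per-menu permission lookup.
    ISysAdminService sysAdminService = IOC.Resolve<ISysAdminService>();
    var sysAdmin = sysAdminService.Get(m => m.IsAdmin && m.UserName == userName);
    if (sysAdmin != null && sysAdmin.Id > 0)
    {
        return base.AuthorizeCore(httpContext);
    }

    // NOTE(review): this predicate never references the current user. As written,
    // any role assignment whose role includes the menu entry satisfies it, so every
    // authenticated account would pass for that controller/action. Confirm whether
    // Get() scopes by caller implicitly; if not, add a filter on the caller's
    // admin record to this lambda.
    ISysAdminRoleService sysAdminRoleService = IOC.Resolve<ISysAdminRoleService>();
    var entity = sysAdminRoleService.Get(m => m.SysRole.SysRoleMenu.Any(w =>
        w.SysMenu.Controller.ToLower() == controllerName &&
        w.SysMenu.Action.ToLower() == actionName));
    if (entity != null && entity.Id > 0)
    {
        return base.AuthorizeCore(httpContext);
    }

    return false;
}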
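/// <summary>
/// Refreshes the cached login state of the current user: reloads the account by the
/// id held in <c>LoginData</c>, rebuilds the user-data string, rewrites the session
/// entries and re-issues the login cookie with a seven-day expiry.
/// Best effort: failures are traced and never propagate to the caller.
/// </summary>
public static void ClearUserLogin()
{
    try
    {
        var loginData = LoginData;

        // Re-read the account so the session and cookie reflect the stored values.
        var model = AdminService.Get(w => w.Id == loginData.Id);
        if (model == null)
        {
            return;
        }

        // NOTE(review): loginData.Password is formatted into the payload that ends up
        // in the session and, after encryption, in a client-held cookie. Confirm
        // what this field contains and whether it has to travel with the ticket.
        UserLoginEncrypt userLoginEncryptData = new UserLoginEncrypt();
        userLoginEncryptData.UserData = string.Format(Config.userData
            , model.Id
            , model.UserName
            , loginData.Password
            , model.Name
            , model.Enabled
            , loginData.LoginDate
            , loginData.LoginIp
            , loginData.IsAdmin
        );

        if (string.IsNullOrEmpty(userLoginEncryptData.UserData))
        {
            return;
        }

        // Write the session values.
        UserLoginData sessionData = XmlToModel.ToUser(userLoginEncryptData.UserData);
        if (sessionData != null)
        {
            SessionUser.WriteSession(sessionData.Id);
            SessionUser.WriteSession(sessionData);
        }

        // Digest used to check whether the cookie value was modified and whether the
        // session is still current.
        // NOTE(review): by its name this is an unkeyed MD5 digest; a keyed MAC is the
        // usual tamper check. Confirm against the Security helper.
        SessionUser.WriteSessionMd5(Security.Md5(userLoginEncryptData.UserData));

        // Write the cookie.
        // NOTE(review): by its name the helper uses DES, which is considered obsolete;
        // confirm the cipher and whether the cookie is also authenticated.
        userLoginEncryptData.UserData = Security.DesEncrypt(userLoginEncryptData.UserData);
        Cookie.WriteCookie(userLoginEncryptData, DateTime.Now.AddDays(7));
    }
    catch (Exception ex)
    {
        // Still best effort, but no longer silent. Only the exception type is traced
        // because the data handled here includes the password field.
        System.Diagnostics.Trace.TraceError("ClearUserLogin failed: {0}", ex.GetType().FullName);
    }
}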
/// <summary>
/// Renders the admin view for the record whose id is given by the "id" query value,
/// falling back to a new, empty <c>SysAdmin</c> when no record matches.
/// </summary>
/// <returns>The view result bound to the found or newly created model.</returns>
public ActionResult Admin()
{
    // NOTE(review): the id comes straight from the query string and no permission
    // check is visible in this action; confirm it is enforced by a filter or
    // attribute outside this block.
    int id = GetQueryInt("id");

    var admin = _sysAdminService.Get(m => m.Id == id);
    if (admin == null)
    {
        admin = new SysAdmin();
    }

    return View(admin);
}