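/// <summary>
/// Records a page access for non-AJAX requests, writes an access-log entry, and — for
/// authenticated requests outside the login page — redirects to the login page when the
/// signed-in user no longer exists in <c>SysStaffUser</c> (e.g. removed while the cookie is still valid).
/// </summary>
/// <param name="filterContext">The action execution context supplied by MVC.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);

    var request = filterContext.HttpContext.Request;
    // Read the claim once; the same id is used for the access record, the log line and the lookup.
    int currentUserId = User.Identity.GetUserId<int>();
    string absolutePath = request.Url.AbsolutePath;

    if (!request.IsAjaxRequest())
    {
        CurrentDb.SysPageAccessRecord.Add(new SysPageAccessRecord()
        {
            UserId = currentUserId,
            AccessTime = DateTime.Now,
            PageUrl = absolutePath,
            Ip = CommonUtils.GetIP()
        });
        CurrentDb.SaveChanges();
    }

    ILog log = LogManager.GetLogger(CommonSetting.LoggerAccessWeb);
    log.Info(FormatUtils.AccessWeb(currentUserId, User.Identity.GetUserName()));

    bool skipAuthorization = filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);
    if (skipAuthorization)
    {
        return;
    }

    // Ordinal: the path is a URL, not user-facing text, so culture rules must not apply.
    bool isLoginPage = absolutePath.IndexOf(WebBackConfig.GetLoginPage(), StringComparison.Ordinal) >= 0;
    if (isLoginPage || !request.IsAuthenticated)
    {
        return;
    }

    var user = CurrentDb.SysStaffUser.Where(m => m.Id == currentUserId).FirstOrDefault();
    if (user == null)
    {
        // Short-circuit through the filter result instead of Response.Redirect: in System.Web
        // Response.Redirect ends the response by throwing ThreadAbortException, whereas setting
        // Result lets MVC skip the action cleanly (same mechanism HandleUnauthorizedRequest uses).
        filterContext.Result = new RedirectResult(WebBackConfig.GetLoginPage() + "?out=0");
    }
}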
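/// <summary>
/// Signs a back-office staff user in and returns a JSON result telling the client where to
/// navigate next: the login page on failure, the home page on success.
/// </summary>
/// <param name="model">The posted user name and password.</param>
/// <returns>A JSON payload with the result type, the target URL and a user-facing tip.</returns>
public JsonResult Login(LoginModel model)
{
    GoToViewModel gotoViewModel = new GoToViewModel();
    gotoViewModel.Url = WebBackConfig.GetLoginPage();

    LoginManager<SysStaffUser> loginWebBack = new LoginManager<SysStaffUser>();
    var result = loginWebBack.SignIn(model.UserName, model.Password, CommonUtils.GetIP(), Enumeration.LoginType.Website);

    if (result.ResultType == Enumeration.LoginResult.Failure)
    {
        switch (result.ResultTip)
        {
            case Enumeration.LoginResultTip.UserDisabled:
                return Json(ResultType.Failure, gotoViewModel, WebBackOperateTipUtils.LOGIN_ACCOUNT_DISABLED);
            case Enumeration.LoginResultTip.UserDeleted:
                return Json(ResultType.Failure, gotoViewModel, WebBackOperateTipUtils.LOGIN_ACCOUNT_DELETE);
            default:
                // UserNotExist and UserPasswordIncorrect share one tip so the response does not
                // reveal whether the user name exists. Any other failure tip used to fall through
                // to the success branch below; every failure now returns Failure.
                return Json(ResultType.Failure, gotoViewModel, WebBackOperateTipUtils.LOGIN_USERNAMEORPASSWORDINCORRECT);
        }
    }

    gotoViewModel.Url = WebBackConfig.GetHomePage();
    return Json(ResultType.Success, gotoViewModel, WebBackOperateTipUtils.LOGIN_SUCCESS);
}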
/// <summary>
/// Writes a sign-out entry to the login log, clears the current authentication session and
/// sends the browser to the login page.
/// </summary>
/// <returns>A redirect to the configured login page.</returns>
public ActionResult LogOff()
{
    // Log before signing out so the user name is still available from the identity.
    var loginLog = LogManager.GetLogger(CommonSetting.LoggerLoginWeb);
    loginLog.Info(FormatUtils.LoginOffWeb(CurrentUserId, User.Identity.GetUserName()));

    var authorizeRelay = new AspNetIdentiyAuthorizeRelay<SysUser>();
    authorizeRelay.SignOut();

    string loginPage = WebBackConfig.GetLoginPage();
    return Redirect(loginPage);
}
/// <summary>
/// Changes the current user's password after the relay verifies the old one; on success the
/// session is signed out so the user has to log in again with the new password.
/// </summary>
/// <param name="model">The old and new password submitted by the user.</param>
/// <returns>
/// JSON with a failure tip when the old password is rejected, otherwise a success tip that
/// contains a link to the login page.
/// </returns>
public JsonResult ChangePassword(ChangePasswordModel model)
{
    var authorizeRelay = new AspNetIdentiyAuthorizeRelay<SysUser>();
    bool changed = authorizeRelay.ChangePassword(CurrentUserId, CurrentUserId, model.OldPassword, model.NewPassword);

    if (!changed)
    {
        return Json(ResultType.Failure, WebBackOperateTipUtils.CHANGEPASSWORD_OLDPASSWORDINCORRECT);
    }

    if (Request.IsAuthenticated)
    {
        // Invalidate the current session so the new credentials must be used from now on.
        authorizeRelay.SignOut();
    }

    string loginLink = "点击<a href=\"" + WebBackConfig.GetLoginPage() + "\">登录</a>";
    return Json(ResultType.Success, loginLink);
}
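/// <summary>
/// Enforces the permissions declared on this attribute. Actions or controllers marked
/// <c>AllowAnonymous</c> are skipped; otherwise a principal that lacks <c>Permissions</c>
/// receives either a JSON error (AJAX) or the "MessageBox" view, and the action does not run.
/// </summary>
/// <param name="filterContext">The authorization context supplied by MVC.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    base.OnAuthorization(filterContext);

    bool skipAuthorization = filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true)
        || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);
    if (skipAuthorization || Permissions == null)
    {
        return;
    }

    var httpContext = filterContext.HttpContext;
    // Evaluate the principal of the context being authorized rather than the static
    // HttpContext.Current, so the decision is tied to this request.
    if (httpContext.User.Identity.IsInPermission(Permissions))
    {
        return;
    }

    MessageBoxModel messageBox = new MessageBoxModel();
    messageBox.No = Guid.NewGuid().ToString();
    messageBox.Type = MessageBoxTip.Exception;
    messageBox.Title = "您没有权限访问,可能链接超时";
    if (!httpContext.Request.IsAuthenticated)
    {
        // Only unauthenticated callers get the re-login hint; an authenticated caller without
        // the permission sees the title alone.
        messageBox.Content = "请重新<a href=\"javascript:void(0)\" onclick=\"window.top.location.href='" + WebBackConfig.GetLoginPage() + "'\">登录</a>后打开";
    }

    if (httpContext.Request.IsAjaxRequest())
    {
        CustomJsonResult jsonResult = new CustomJsonResult(ResultType.Exception, ResultCode.Exception, messageBox.Title, messageBox);
        jsonResult.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
        // Assigning Result is what short-circuits the action in MVC; executing the result here
        // and calling Response.End() was redundant, and Response.End() in System.Web aborts the
        // worker thread with ThreadAbortException.
        filterContext.Result = jsonResult;
        return;
    }

    // A page opened inside a dialog uses the lighter layout.
    string masterName = httpContext.Request.QueryString["dialogtitle"] != null ? "_Layout" : "_LayoutHome";
    filterContext.Result = new ViewResult
    {
        ViewName = "MessageBox",
        MasterName = masterName,
        ViewData = new ViewDataDictionary { Model = messageBox }
    };
}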
/// <summary>
/// Replaces the base class's unauthorized result with a redirect to the login page.
/// </summary>
/// <param name="filterContext">The authorization context supplied by MVC.</param>
/// <remarks>
/// NOTE(review): AJAX callers receive this redirect (an HTML page) rather than the JSON shape
/// that <c>OnAuthorization</c> returns for permission failures — confirm that is intended.
/// </remarks>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
    base.HandleUnauthorizedRequest(filterContext);

    string loginPage = WebBackConfig.GetLoginPage();
    filterContext.Result = new RedirectResult(loginPage);
}