/// <summary>
/// Fills <paramref name="model"/> with every active role as a selectable item and, when an
/// existing <paramref name="user"/> is supplied, pre-selects the roles that user already holds.
/// </summary>
/// <param name="model">View model to populate; must not be null.</param>
/// <param name="user">Existing user whose roles are pre-selected, or null when creating a new user.</param>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
protected virtual void PrepareAllRolesModel(UserModel model, User user = null)
{
    if (model == null)
    {
        throw new ArgumentNullException("model");
    }

    // Only active roles are offered as choices; inactive roles never appear in the list.
    var activeRoles = _roleService.GetAllRole().Where(role => role.Active);
    model.Roles = activeRoles
        .Select(role => new KeyValueModel { Text = role.Name, Value = role.Id.ToString() })
        .ToList();

    if (user == null)
    {
        return;
    }

    // The pre-selection is not filtered by Active, so an inactive role the user holds is still
    // marked as selected even though it is absent from the choice list above.
    var heldRoleIds = user.Roles.Select(role => role.Id);
    model.SelectedRoles = heldRoleIds.ToList();
}
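/// <summary>
/// Resolves the currently authenticated user from the forms-authentication cookie.
/// </summary>
/// <remarks>
/// The result is cached per instance in <c>_cachedUser</c>, so the cookie is decrypted at most
/// once per instance once a usable user has been found. Only a user that is active and not
/// deleted is cached and returned; every other outcome yields null.
/// </remarks>
/// <returns>The authenticated, active, non-deleted <see cref="User"/>, or null when there is no
/// valid, unexpired ticket or the ticket does not map to a usable user.</returns>
public virtual User GetAuthenticatedUser()
{
    if (_cachedUser != null)
        return _cachedUser;

    var context = HttpContext.Current;
    if (context == null || context.Request == null)
        return null;

    var cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (cookie == null || String.IsNullOrEmpty(cookie.Value))
        return null;

    // The cookie value is client-controlled. Decrypt throws on a malformed value and returns
    // null when the ticket fails validation; both are treated as "not authenticated" rather
    // than surfacing as a server error.
    FormsAuthenticationTicket ticket;
    try
    {
        ticket = FormsAuthentication.Decrypt(cookie.Value);
    }
    catch (ArgumentException)
    {
        return null;
    }
    catch (HttpException)
    {
        return null;
    }

    // This method bypasses the pipeline check (Request.IsAuthenticated), so the ticket's own
    // expiry has to be enforced here; an expired ticket must not yield a user.
    if (ticket == null || ticket.Expired)
        return null;

    var user = GetAuthenticatedUserFromTicket(ticket);
    if (user != null && user.Active && !user.Deleted)
        _cachedUser = user;

    return _cachedUser;
}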
/// <summary>
/// Signs the current user out: the per-instance cached user is dropped first, then the
/// forms-authentication cookie is cleared on the client.
/// </summary>
/// <remarks>
/// Forms authentication keeps no server-side ticket state, so clearing the cookie does not
/// invalidate a previously issued ticket value before its own expiry.
/// </remarks>
public virtual void SignOut()
{
    _cachedUser = null;
    FormsAuthentication.SignOut();
}
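/// <summary>
/// Issues a forms-authentication ticket for <paramref name="user"/>, writes it to the response
/// as the forms cookie, and caches the user on this instance.
/// </summary>
/// <param name="user">The user to sign in; must not be null.</param>
/// <param name="rememberMe">When true the ticket is persistent and the cookie carries the
/// ticket's expiry so it survives the browser session; otherwise a session cookie is issued.</param>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public virtual void SignIn(User user, bool rememberMe)
{
    if (user == null)
        throw new ArgumentNullException("user");

    // The ticket lifetime is fixed at seven days and does not follow FormsAuthentication.Timeout.
    // The ticket itself expires at this time even when the cookie is non-persistent.
    const int TicketLifetimeDays = 7;
    var issued = DateTime.Now;

    // The user name is stored both as the ticket's principal name and as its userData.
    var ticket = new FormsAuthenticationTicket(
        1,
        user.UserName,
        issued,
        issued.AddDays(TicketLifetimeDays),
        rememberMe,
        user.UserName,
        FormsAuthentication.FormsCookiePath);

    var encryptedTicket = FormsAuthentication.Encrypt(ticket);

    // HttpOnly keeps the ticket away from script; Secure follows the requireSSL setting, so
    // the cookie is only sent over HTTPS when the application is configured that way.
    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    {
        HttpOnly = true,
        Secure = FormsAuthentication.RequireSSL,
        Path = FormsAuthentication.FormsCookiePath,
    };
    if (ticket.IsPersistent)
    {
        cookie.Expires = ticket.Expiration;
    }
    if (FormsAuthentication.CookieDomain != null)
    {
        cookie.Domain = FormsAuthentication.CookieDomain;
    }

    HttpContext.Current.Response.Cookies.Add(cookie);
    _cachedUser = user;
}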
/// <summary>
/// Soft-deletes a user: the entity is flagged as deleted and saved through
/// <see cref="UpdateUser"/>; no row is physically removed.
/// </summary>
/// <param name="user">The user entity to mark as deleted; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public virtual void DeleteUser(User user)
{
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    user.Deleted = true;
    UpdateUser(user);
}
/// <summary>
/// Persists changes to an existing user through the user repository.
/// </summary>
/// <param name="user">The user entity to update; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public virtual void UpdateUser(User user)
{
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    _userRepository.Update(user);
}
/// <summary>
/// Adds a new user through the user repository.
/// </summary>
/// <param name="user">The user entity to insert; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public virtual void InsertUser(User user)
{
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    _userRepository.Insert(user);
}
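/// <summary>
/// Decides whether <paramref name="currentUser"/> may access <paramref name="controller"/>:
/// access is granted when any of the user's active roles holds a permission for that controller.
/// </summary>
/// <param name="controller">Controller name to check, compared case-insensitively.</param>
/// <param name="currentUser">The user to authorize; null means anonymous and is denied.</param>
/// <returns>true when a permission on an active role names the controller; otherwise false.</returns>
public virtual bool Authorize(string controller, User currentUser)
{
    // Fail closed: an anonymous user, a user without roles, or a missing controller name is
    // denied instead of faulting part-way through the check.
    if (currentUser == null || currentUser.Roles == null || String.IsNullOrEmpty(controller))
        return false;

    // Ordinal, case-insensitive comparison. ToLower() is culture-sensitive and can produce a
    // different result under some cultures (e.g. Turkish dotless/dotted I), which is not
    // acceptable for an authorization decision.
    var activeRoles = currentUser.Roles.Where(role => role.Active);
    foreach (var role in activeRoles)
    {
        if (role.Permissions == null)
            continue;

        var granted = role.Permissions.Any(permission =>
            String.Equals(permission.Controller, controller, StringComparison.OrdinalIgnoreCase));
        if (granted)
            return true;
    }

    return false;
}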
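/// <summary>
/// Handles the submitted "create user" form: rejects a user name or e-mail address that is
/// already registered, otherwise creates the user with the selected roles.
/// </summary>
/// <param name="model">Posted form values; must not be null.</param>
/// <param name="continueEditing">When true, redirect to the Edit page of the new user instead of the list.</param>
/// <returns>A redirect on success; the same view with validation errors otherwise.</returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
public ActionResult Create(UserModel model, bool continueEditing)
{
    // NOTE(review): no action attributes are visible on this method in this listing; confirm
    // the POST-only and anti-forgery attributes are applied where the action is declared.
    if (model == null)
        throw new ArgumentNullException("model");

    // Uniqueness checks are advisory: a concurrent registration between this check and
    // InsertUser is not excluded here. A blank value is left to ModelState's own validation.
    if (!String.IsNullOrWhiteSpace(model.UserName) && _userService.GetUserByUserName(model.UserName) != null)
    {
        ModelState.AddModelError("UserName", "用户名已经注册了");
    }
    if (!String.IsNullOrWhiteSpace(model.Email) && _userService.GetUserByEmail(model.Email) != null)
    {
        ModelState.AddModelError("Email", "电子邮箱已经注册了");
    }

    if (ModelState.IsValid)
    {
        // One timestamp so RegisterDate and UpdateDate agree exactly for a new user.
        var now = DateTime.Now;
        var user = new User()
        {
            UserName = model.UserName,
            // NOTE(review): "EncryptText" reads as reversible encryption; confirm this helper
            // stores a salted password hash rather than a recoverable ciphertext.
            Password = Encryption.EncryptText(model.Password),
            Email = model.Email,
            Phone = model.Phone,
            RegisterDate = now,
            UpdateDate = now
        };

        // Role ids come from the posted form. A missing list is treated as "no roles", and a
        // lookup that yields null is skipped so no null entry lands in user.Roles.
        if (model.SelectedRoles != null)
        {
            foreach (var id in model.SelectedRoles)
            {
                var role = _roleService.GetRoleById(id);
                if (role != null)
                    user.Roles.Add(role);
            }
        }

        _userService.InsertUser(user);
        SuccessNotification("添加成功");
        return continueEditing
            ? RedirectToAction("Edit", new { id = user.Id })
            : RedirectToAction("List");
    }

    PrepareAllRolesModel(model);
    return View(model);
}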