예제 #1
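        /// <summary>
        /// Authorization filter: runs the base authorization first, then requires an
        /// authenticated principal holding the "User" role. On success the user's name
        /// and role string are published to the ViewBag for the views. Actions or
        /// controllers marked with <see cref="AllowAnonymousAttribute"/> are skipped.
        /// </summary>
        /// <param name="filterContext">Authorization context of the action being invoked.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // The single role every non-anonymous action requires.
            const string RequiredRole = "User";

            base.OnAuthorization(filterContext);

            // Support the [AllowAnonymous] attribute added in MVC 5, whether it is
            // placed on the action or on its controller.
            var allowAnonymous =
                filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true) ||
                filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);

            if (allowAnonymous)
            {
                return;
            }

            // Login check: a missing, unauthenticated, or under-privileged principal is
            // rejected. The explicit 401 result is kept even though HandleUnauthorizedRequest
            // presumably produces one itself, so the outcome does not depend on that override.
            var user = filterContext.HttpContext.User;
            if (user == null || !user.Identity.IsAuthenticated || !user.IsInRole(RequiredRole))
            {
                filterContext.Result = new HttpUnauthorizedResult();
                HandleUnauthorizedRequest(filterContext);
                return;
            }

            // Only an authenticated member in the required role reaches this point,
            // so no further IsAuthenticated branch is needed here.
            userInfo = authManager.GetUser();        // user record (field declared on the enclosing class)
            Name     = userInfo.UserName;            // display name
            identity = userInfo.Identity.ToString(); // role string; per Application_AuthenticateRequest this looks like a comma-separated role list — confirm
            filterContext.Controller.ViewBag.RoleName = identity;
            filterContext.Controller.ViewBag.UserName = Name;
        }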
예제 #2
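 /// <summary>
 /// On every authenticated request, re-attaches the roles stored in the forms
 /// authentication ticket to <c>Context.User</c>, so role-based authorization
 /// (<c>IsInRole</c>, <c>[Authorize(Roles = ...)]</c>) can see them.
 /// </summary>
 /// <param name="sender">The application raising the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void Application_AuthenticateRequest(object sender, EventArgs e)
 {
     if (!Request.IsAuthenticated)
     {
         return;
     }

     // Read the logged-in user's data back out of the forms ticket.
     // NOTE(review): the role list is trusted on the assumption that forms
     // authentication validated the ticket (MAC/encryption) before marking the
     // request authenticated — confirm GetUser reads only the validated ticket.
     FormsAuthManager auth = new FormsAuthManager();
     var userData          = auth.GetUser();

     // The roles are stored as one comma-separated string. Drop empty entries and
     // trim each one so a trailing comma or a space after a comma does not yield a
     // phantom role that IsInRole would never match.
     string[] roles = userData.Identity.ToString()
         .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
     for (int i = 0; i < roles.Length; i++)
     {
         roles[i] = roles[i].Trim();
     }

     // Replace the principal with one carrying the roles; the identity itself is kept.
     Context.User = new GenericPrincipal(Context.User.Identity, roles);
 }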
예제 #3
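        /// <summary>
        /// Authorization filter variant that lets anonymous visitors through as guests
        /// (with a masked user name) and only rejects authenticated principals that lack
        /// the "User" role. Members that pass get their name and role string published
        /// to the ViewBag. <see cref="AllowAnonymousAttribute"/> on the action or
        /// controller skips the check entirely.
        /// </summary>
        /// <param name="filterContext">Authorization context of the action being invoked.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // The single role every authenticated member must hold.
            const string RequiredRole = "User";
            // Placeholder shown in place of a name for guests.
            const string GuestDisplayName = "******";

            // base.OnAuthorization is deliberately NOT called: the original author notes
            // it would send an authorization failure to the login page, which this filter
            // does not want for guests. NOTE(review): skipping it also bypasses the base
            // attribute's Roles/Users check and the output-cache validation callback that
            // AuthorizeAttribute installs — confirm guarded actions are not output-cached.

            // Support the [AllowAnonymous] attribute added in MVC 5, whether it is
            // placed on the action or on its controller.
            var allowAnonymous =
                filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true) ||
                filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);

            var user = filterContext.HttpContext.User;

            // Guests are not treated as an authorization failure: mask the name and pass
            // through. The null guard keeps this from dereferencing a missing principal,
            // which is rejected below instead.
            if (allowAnonymous || (user != null && !user.Identity.IsAuthenticated))
            {
                filterContext.Controller.ViewBag.UserName = GuestDisplayName;
                return;
            }

            // Logged-in state: a missing principal or one without the required role is
            // rejected. The explicit 401 result is kept even though HandleUnauthorizedRequest
            // presumably produces one itself, so the outcome does not depend on that override.
            if (user == null || !user.IsInRole(RequiredRole))
            {
                filterContext.Result = new HttpUnauthorizedResult();
                HandleUnauthorizedRequest(filterContext);
                return;
            }

            // Only an authenticated member in the required role reaches this point,
            // so no further IsAuthenticated branch is needed here.
            userInfo = authManager.GetUser();        // user record (field declared on the enclosing class)
            Name     = userInfo.UserName;            // display name
            identity = userInfo.Identity.ToString(); // role string; per Application_AuthenticateRequest this looks like a comma-separated role list — confirm
            filterContext.Controller.ViewBag.RoleName = identity;
            filterContext.Controller.ViewBag.UserName = Name;
        }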