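/// <summary>
/// Verifies the login token stored in the sign cookie and, unless
/// <paramref name="liwai"/> is set, resolves the current page's rights for the user.
/// </summary>
/// <param name="uid">Reset to empty once a sign cookie is present, then filled by the token decoder.</param>
/// <param name="liwai">When true the page-rights lookup is skipped and every logged-in user gets 2.</param>
/// <param name="userRights">Caller-owned list; on a result of 2 from the rights lookup it is replaced
/// in place with the page rights the user holds. May be null, in which case nothing is reported back.</param>
/// <returns>2 = has access, 1 = logged in but no permission, 0 = not logged in.</returns>
public int chekLogin(ref string uid, bool liwai, List<RightEntity> userRights)
{
    int result = 0;

    string sign = CookieFunc.ReadCookie(CoSignKey);
    if (string.IsNullOrEmpty(sign))
    {
        return result;
    }

    uid = string.Empty;
    string pwd = string.Empty;
    DateTime dt = DateTime.Now;

    // NOTE(review): design() hands back a password value decoded from the cookie, so the
    // token appears to carry a recoverable credential. Confirm the token is encrypted and
    // integrity-protected; an opaque server-side session id would avoid shipping it at all.
    if (!design(sign, ref uid, ref pwd, ref dt))
    {
        return result;
    }

    // The token is honoured for 15 days counted from the timestamp it carries.
    if (dt.AddDays(15) <= DateTime.Now)
    {
        return result;
    }

    int signState = new LoginDal().exsitLoginSign(uid, sign, IsOnlyOne);
    if (signState == 1)
    {
        result = 1;
    }
    else if (signState == -1)
    {
        // Sign state -1: fall back to checking the decoded uid/password pair.
        if (1 == new UserDal().login(uid, pwd))
        {
            result = 1;
        }
    }

    if (result <= 0)
    {
        return result;
    }

    if (liwai)
    {
        return 2;
    }

    // ---- Rights of the current page ----
    // NOTE(review): RawUrl includes the query string while Application_BeginRequest routes on
    // Url.AbsolutePath; confirm getUrlPathEntity ignores the query part so both agree.
    string rawUrl = HttpContext.Current.Request.RawUrl;
    string rightPath = null;

    // Case-insensitive on purpose: Application_BeginRequest matches "/plugins/" without
    // regard to case, and the rights checked here must belong to the action it dispatches.
    if (rawUrl.StartsWith("/Plugins/", StringComparison.OrdinalIgnoreCase))
    {
        UrlPathEntity pluginEntity = HuberPluginHandle.getUrlPathEntity(rawUrl.Substring(8), true);
        if (pluginEntity != null)
        {
            rightPath = "/" + pluginEntity.pluginname + "/" + pluginEntity.controller + "/" + pluginEntity.action;
        }
    }
    else
    {
        UrlPathEntity pageEntity = HuberPluginHandle.getUrlPathEntity(rawUrl, false);
        if (pageEntity != null)
        {
            rightPath = "/" + pageEntity.controller + "/" + pageEntity.action;
        }
    }

    if (rightPath == null)
    {
        // The URL could not be mapped to a controller/action: fail closed (logged in, no rights).
        return result;
    }

    List<RightEntity> rlist = new RightBll().UserGetRights(rightPath);

    UserEntity CurUer = new UserDal().GetUser(uid);
    if (CurUer == null)
    {
        return result;
    }

    bool isSuperAdmin = CurUer.Uid == SuperAdminID;

    if (rlist == null || rlist.Count == 0)
    {
        // No rights are registered for this page: only the super administrator passes.
        if (isSuperAdmin)
        {
            result = 2;
        }
        return result;
    }

    List<RightEntity> urights = new List<RightEntity>();
    if (isSuperAdmin)
    {
        // The super administrator holds every right; no role filtering needed.
        urights.AddRange(rlist);
    }
    else
    {
        List<RoleEntity> uRoles = new RoleBll().GetRoles(CurUer.RolesIds);
        if (uRoles != null && uRoles.Count > 0)
        {
            foreach (RightEntity right in rlist)
            {
                string needle = string.Format(",{0},", right.Id);
                foreach (RoleEntity role in uRoles)
                {
                    if (role.RightIds != null && role.RightIds.IndexOf(needle) > -1)
                    {
                        urights.Add(right);
                        // One matching role is enough; continuing would add the same right again.
                        break;
                    }
                }
            }
        }
    }

    // Fill the caller's list in place. The parameter is passed by value, so assigning a new
    // list to it would never reach the caller and the page would always see no rights.
    if (userRights != null)
    {
        userRights.Clear();
        userRights.AddRange(urights);
    }

    // NOTE(review): access is granted here even when urights is empty, i.e. a logged-in user
    // whose roles hold none of this page's rights still gets 2. Confirm that page access is
    // really meant to be enforced downstream via the rights list rather than by this result.
    result = 2;
    return result;
}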
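// Request interception: runs the login/rights check for every non-static request and
// dispatches "/plugins/..." actions to the matching plugin sandbox.
private void Application_BeginRequest(object sender, EventArgs e)
{
    HttpApplication application = sender as HttpApplication;
    if (application == null)
    {
        return;
    }

    HttpResponse respond = application.Response;
    HttpRequest request = application.Request;
    string url = request.Url.AbsolutePath;

    // A last path segment without a dot is treated as an action; anything else as a static file.
    // NOTE(review): every path whose last segment contains '.' therefore skips the login check.
    // Confirm no protected handler or route can be reached through such a URL.
    string action = url.Substring(url.LastIndexOf('/') + 1);
    bool isStaticFile = action.IndexOf('.') >= 0;

    // Ordinal comparison keeps the routing decision independent of the server culture.
    if (url.StartsWith("/plugins/", StringComparison.OrdinalIgnoreCase))
    {
        if (isStaticFile)
        {
            return;
        }

        // Resolve plugin name, version, controller and action from the path.
        var urlEntity = HuberPluginHandle.getUrlPathEntity(url.Substring(8), true);
        if (urlEntity == null || urlEntity.controller == null)
        {
            RequestHandle.ResponseNotfound(request, respond);
            respond.End();
            return;
        }

        SandBoxDynamicLoader sandBox = HuberPluginHandle.getSandBox(urlEntity.pluginname, urlEntity.pluginversion);
        if (sandBox == null)
        {
            // Unknown plugin or version: answer "not found" instead of ending with an empty response.
            RequestHandle.ResponseNotfound(request, respond);
            respond.End();
            return;
        }

        List<RightEntity> userRight = new List<RightEntity>();
        string uid = string.Empty;
        int login = new UserBll().chekLogin(ref uid, false, userRight);
        if (login == 2)
        {
            // The user may access the action.
            RefRequestEntity paras = new RefRequestEntity();
            paras.PageRights = userRight;
            paras.UserID = uid;
            // Copy the HTTP parameters into the request entity handed to the plugin.
            RequestHandle.FillCorRefEntity(paras, request);

            // NOTE(review): controller and action names come straight from the URL; confirm
            // InvokeMothod only resolves methods that are meant to be exposed as actions.
            var result = sandBox.InvokeMothod(urlEntity.controller, urlEntity.action, paras);
            RequestHandle.ResposeResult(respond, result);
        }
        else if (login == 1)
        {
            RequestHandle.ResponseNoRight(request, respond);
        }
        else
        {
            RequestHandle.ResponseNoLogin(request, respond);
        }

        respond.End();
        return;
    }

    // The login page itself and static files are served without a login check.
    if (url.Equals("/user/login", StringComparison.OrdinalIgnoreCase) || isStaticFile)
    {
        return;
    }

    List<RightEntity> pageRight = new List<RightEntity>();
    string userId = string.Empty;
    int state = new UserBll().chekLogin(ref userId, false, pageRight);
    if (state == 2)
    {
        // Authorized: let the request continue through the pipeline.
        return;
    }

    if (state == 1)
    {
        RequestHandle.ResponseNoRight(request, respond);
    }
    else
    {
        RequestHandle.ResponseNoLogin(request, respond);
    }

    // End the response after a denial, as the plugin branch does. Whether the Response*
    // helpers already end it is not visible here; ending explicitly guarantees the
    // protected handler never runs for a rejected request.
    respond.End();
}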