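/// <summary>
/// Checks that the request is logged in and that the current user can be loaded
/// through <c>IAuthenticationService</c>.
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns>
/// <c>true</c> when a user was resolved; <c>false</c> after setting the response status
/// to 400 (not logged in) or 401 (no user could be resolved).
/// </returns>
protected virtual bool ExecAuthorizeCore(HttpContextBase httpContext)
{
    // Get the SessionKey
    //var token = httpContext.Request[Define.Token];
    var authenticationService = ServiceLocator.Current.Resolve<IAuthenticationService>();
    if (!authenticationService.Islogged(httpContext))
    {
        httpContext.Response.StatusCode = 400;
        return false;
    }

    // Fail closed: clear any user left in the field by an earlier call. Without this,
    // an exception in GetCurrentUser would leave the previous value in place and the
    // null check below would let the request through as that earlier user.
    // NOTE(review): if this instance is shared by concurrent requests, a per-request
    // user held in an instance field can still be overwritten by another request;
    // per-request storage (for example httpContext.Items) would avoid that. Confirm
    // how the instance is created.
    _webSiteUser = null;

    // Validate user information
    try
    {
        _webSiteUser = authenticationService.GetCurrentUser(httpContext);
    }
    catch (Exception ex)
    {
        // The failure is logged and then treated as "no user" by the check below.
        _log.Error(String.Format("{0}获取websiteuser失败,Ex.M{1},Ex.S{2} ", httpContext.User.Identity.Name, ex.Message, ex.StackTrace));
    }

    // Decryption failed: reject the request
    if (_webSiteUser == null)
    {
        httpContext.Response.StatusCode = 401;
        //httpContext.Response.SubStatusCode = 1;
        return false;
    }

    return true;
}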
/// <summary>
/// Issues a non-persistent forms-authentication cookie whose user name is the
/// JSON serialization of <paramref name="webSiteUser"/>.
/// </summary>
/// <param name="httpContext">Not read by this method.</param>
/// <param name="webSiteUser">User to serialize into the cookie; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="webSiteUser"/> is null.</exception>
public void SetAuthorize(HttpContextBase httpContext, WebSiteUser webSiteUser)
{
    if (webSiteUser == null)
    {
        throw new ArgumentNullException("webSiteUser");
    }

    // NOTE(review): the whole serialized user travels in the cookie on every request.
    // Its confidentiality and integrity rest on the forms-authentication ticket
    // protection configured for the site, and the values stay valid until the ticket
    // expires. Keep WebSiteUser free of secrets and of fields that must be revocable
    // server-side, and mind the browser cookie size limit.
    string serializedUser = webSiteUser.ToJson();
    const bool createPersistentCookie = false;
    FormsAuthentication.SetAuthCookie(serializedUser, createPersistentCookie);
}
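/// <summary>
/// Authenticates the request behind <paramref name="filterContext"/>: sets status 400
/// when the request is not logged in and 401 when no current user can be resolved.
/// </summary>
/// <param name="filterContext">Authorization context of the action being invoked.</param>
/// <remarks>
/// NOTE(review): this method only sets the response status code; it never assigns
/// <c>filterContext.Result</c>. In ASP.NET MVC an authorization filter stops the action
/// by assigning a result, so unless the caller does that after this method returns,
/// the action may still execute on a rejected request. Confirm at the call site.
/// </remarks>
protected virtual void DoAuthorization(AuthorizationContext filterContext)
{
    var httpContext = filterContext.HttpContext;
    var authenticationService = ServiceLocator.Current.Resolve<IAuthenticationService>();
    if (!authenticationService.Islogged(httpContext))
    {
        httpContext.Response.StatusCode = 400;
        return;
    }

    // Fail closed: clear any user left in the field by an earlier call. Without this,
    // an exception in GetCurrentUser would leave the previous value in place and the
    // null check below would accept the request as that earlier user.
    // NOTE(review): if this instance is shared by concurrent requests, the field can
    // still be overwritten by another request; confirm how the instance is created.
    _webSiteUser = null;

    // Validate user information
    try
    {
        _webSiteUser = authenticationService.GetCurrentUser(httpContext);
    }
    catch (Exception ex)
    {
        // The failure is logged and then treated as "no user" by the check below.
        _log.Error(String.Format("{0}获取websiteuser失败,Ex.M{1},Ex.S{2} ", httpContext.User.Identity.Name, ex.Message, ex.StackTrace));
    }

    // Decryption failed: reject the request
    if (_webSiteUser == null)
    {
        httpContext.Response.StatusCode = 401;
        //httpContext.Response.SubStatusCode = 1;
        return;
    }

    // authorize
    // NOTE(review): the per-action permission check below is commented out, so every
    // authenticated user passes this method regardless of controller or action. The
    // locals are kept so the check can be restored.
    string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    string actionName = filterContext.ActionDescriptor.ActionName;
    UserController currentController = filterContext.Controller as UserController;
    if (currentController == null)
    {
        return;
    }

    //if (!currentController.HasRightForAction(controllerName, actionName))
    //{
    //    httpContext.Response.StatusCode = 401;
    //    return;
    //}
}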