Exemplo n.º 1
0
        /// <summary>
        /// 重写方法
        /// </summary>
        /// <param name="actionContext"></param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // 无需认证处理
            if (actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any() || actionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any())
            {
                return;
            }

            // 通过cookie获取token信息
            string token = CookieHelper.GetCookieByKey(Constants.TOKEN);

            if (string.IsNullOrWhiteSpace(token))
            {
                actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
                actionContext.Response.Headers.Location = new Uri("https://localhost:44331/login");
            }
            // 判断服务器端token是否
            if (HttpContext.Current != null && HttpContext.Current.User != null)
            {
                AuthenticationPrincipal authenticationPrincipal = HttpContext.Current.User as AuthenticationPrincipal;
                if (authenticationPrincipal == null)
                {
                    actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
                    actionContext.Response.Headers.Location = new Uri("https://localhost:44331/login");
                }
                else
                {
                    KTApplicationIdentity ktApplicationIdentity = authenticationPrincipal.Identity as KTApplicationIdentity;
                    if (ktApplicationIdentity.Token == null)
                    {
                        GetHttpActionContext(actionContext, returnUrl);
                    }
                    if (ktApplicationIdentity.Token != null && ktApplicationIdentity.Token != token)
                    {
                        GetHttpActionContext(actionContext, returnUrl);
                    }
                }
            }
            else
            {
                GetHttpActionContext(actionContext, returnUrl);
            }

            if (roleList != RoleEnum.None)
            {
                // TODO 获取当前用户真实角色
                RoleEnum userRole = RoleEnum.KTDepartmentLeader;

                if (((RoleEnum)this.roleList & userRole) == userRole)
                {
                    // 有权限做某事
                }
                else
                {
                    // 无权限做某事
                }
            }
        }
Exemplo n.º 2
0
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            HttpCookie authCookie = Request.Cookies["userCookie"];

            if (authCookie != null)
            {
                FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

                var serializeEmployeeModel = JsonConvert.DeserializeObject <Employee>(authTicket.UserData);

                AuthenticationPrincipal principal = new AuthenticationPrincipal(serializeEmployeeModel.EmployeeId);

                principal.EmployeeId = serializeEmployeeModel.EmployeeId;
                principal.FirstName  = serializeEmployeeModel.FirstName;
                principal.LastName   = serializeEmployeeModel.LastName;
                principal.Position   = serializeEmployeeModel.Position;

                HttpContext.Current.User = principal;
            }
        }