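/// <summary>
/// Session-based authorization filter. Outside the exempt routes (see remarks) a request
/// must carry a known session id in the <c>sessionId</c> request header, and the session's
/// <c>Permission</c> list must contain an entry whose <c>Description</c> equals the
/// lower-cased action name; user id "1" bypasses the permission list entirely.
/// </summary>
/// <param name="context">Filter context of the current request; on denial its
/// <c>Result</c> is set to a JSON <c>BaseMessage</c> with <c>HttpStatus.PermissionDeny</c>,
/// which short-circuits the pipeline.</param>
/// <remarks>
/// NOTE(review): the exemption is "controller is permission OR action is login" (the negation
/// of the original "controller != permission AND action != login"), so every action of the
/// "permission" controller and any action named "login" in any controller skip the session
/// check. If only the login endpoint is meant to be public, the exemption should be
/// "controller is permission AND action is login" — confirm against the routing table before
/// tightening it, since the commented redirect hinted at /Home/Login.
/// NOTE(review): permissions are matched by action name only, so two controllers sharing an
/// action name share one permission entry. Session expiry (<c>ExpireTime</c>) is not checked
/// here; presumably <c>SessionHelper.GetSessionEntityBySessionId</c> does — verify.
/// </remarks>
void IAuthorizationFilter.OnAuthorization(AuthorizationFilterContext context)
{
    // Route tokens can be absent; treat a missing one as empty instead of throwing.
    // Invariant lower-casing keeps the comparison stable under any thread culture.
    var control = (context.RouteData.Values["controller"]?.ToString() ?? string.Empty).ToLowerInvariant();
    var action = (context.RouteData.Values["action"]?.ToString() ?? string.Empty).ToLowerInvariant();

    if (control == "permission" || action == "login")
    {
        // Exempt route — no session required (see remarks).
        return;
    }

    // One deny path so every failure produces the identical response.
    Action deny = () =>
    {
        log.Error("登陆失败");
        context.Result = new Microsoft.AspNetCore.Mvc.JsonResult(new BaseMessage() { code = HttpStatus.PermissionDeny, msg = "权限错误" });
    };

    // The session id travels in a request header, not in the route.
    var sessionId = context.HttpContext.Request.Headers["sessionId"].ToString();
    if (string.IsNullOrEmpty(sessionId))
    {
        // Fail closed without consulting the session store.
        deny();
        return;
    }

    SessionUsers sessionUsers = SessionHelper.GetSessionEntityBySessionId(sessionId);
    if (sessionUsers == null)
    {
        // Unknown (or expired, if the helper filters on ExpireTime) session.
        deny();
        return;
    }

    // Hard-coded super user: skips the per-action permission list.
    if (sessionUsers.UserId == "1")
    {
        return;
    }

    bool allowed = sessionUsers.Permission.Any(entity => entity.Description == action);
    if (!allowed)
    {
        deny();
    }
}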
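/// <summary>
/// Authenticates a user against the Mongo <c>Users</c> collection and, on success, registers an
/// in-memory session (20-minute expiry) whose id is returned to the client.
/// </summary>
/// <param name="login">Credentials bound from the JSON body (<c>username</c>, <c>password</c>);
/// null when the body is missing or unparseable.</param>
/// <returns>
/// JSON <c>BaseMessage</c>: <c>HttpStatus.Success</c> with <c>data.SessionId</c>, <c>data.DspName</c>
/// and <c>data.ImgUrl</c> on success; <c>HttpStatus.LoginFailed</c> for bad credentials, a missing
/// body, or an unavailable collection.
/// </returns>
/// <remarks>
/// SECURITY(review): the query matches <c>entity.Password == login.password</c>, i.e. passwords are
/// stored and compared in clear text. They should be stored as salted hashes (PBKDF2 via
/// <c>Rfc2898DeriveBytes</c>, or Argon2) and verified with a constant-time compare; that needs a
/// schema migration and is deliberately not changed here.
/// SECURITY(review): failed attempts are counted per username but never enforced — after 10
/// failures the code only logs; there is no lockout or throttling, and the counter is not reset
/// on success. Whether <c>ErrorLoginHelper</c> expires counters is not visible here.
/// NOTE(review): the whole user document (including <c>Password</c>) becomes the session object
/// held in the static <c>SessionHelper.SessionUser</c> list.
/// NOTE(review): the message literals below are mojibake (they look like GBK bytes decoded as
/// Latin-1, e.g. "login succeeded", "account or password wrong"); they are reproduced unchanged
/// because they are runtime output — re-save the file as UTF-8 to fix them.
/// </remarks>
public JsonResult Login([FromBody] LoginModel login)
{
    BaseMessage loginMessage = new BaseMessage();

    // [FromBody] leaves `login` null for a missing/invalid body; answer with the same
    // failure as bad credentials rather than throwing from inside the Mongo filter.
    if (login == null)
    {
        loginMessage.msg = "ÕË»§»òÃÜÂë´íÎó£¡";
        loginMessage.code = HttpStatus.LoginFailed;
        return Json(loginMessage);
    }

    var userCollection = mongodb.GetMongodbCollection<SessionUsers>("Users");
    if (userCollection == null)
    {
        loginMessage.msg = "·þÎñ¶Ë´íÎó£¬ÇëÁªÏµ¹ÜÀíÔ±£¡";
        log.Error("·þÎñ¶Ë´íÎó£¬ÇëÁªÏµ¹ÜÀíÔ±£¡");
        loginMessage.code = HttpStatus.LoginFailed;
        return Json(loginMessage);
    }

    // Single round-trip: the previous Count()-then-First() issued two queries.
    // Only active accounts (Activity == "1") may log in.
    var user = IMongoCollectionExtensions.Find<SessionUsers>(
            userCollection,
            entity => entity.UserName == login.username && entity.Password == login.password && entity.Activity == "1")
        .FirstOrDefault();

    if (user == null)
    {
        // Same message for unknown user and wrong password — do not leak which one failed.
        log.Error("ÕË»§»òÃÜÂë´íÎó");
        loginMessage.msg = "ÕË»§»òÃÜÂë´íÎó£¡";
        loginMessage.code = HttpStatus.LoginFailed;
        ErrorLoginHelper.AddErrorLoginCount(login.username);
        if (ErrorLoginHelper.GetErrorLoginCount(login.username) >= 10)
        {
            // Suspected credential stuffing: logged with the caller IP, but nothing blocks the caller.
            log.Info("ײ¿â¹¥»÷" + Common.ErrorLoginHelper.GetUserIp(this.HttpContext));
        }
        return Json(loginMessage);
    }

    // The session token is a fresh GUID string. NOTE(review): prefer a token from
    // RandomNumberGenerator if the GUID source on the target platform is not CSPRNG-backed.
    string guid = Guid.NewGuid().ToString();
    // DateTime.Now kept on purpose: SessionHelper presumably compares ExpireTime against local time — verify.
    user.ExpireTime = DateTime.Now.AddMinutes(20);
    user.SessionId = guid;
    SessionHelper.SessionUser.Add(user);

    loginMessage.code = HttpStatus.Success;
    loginMessage.data = new ExpandoObject();
    loginMessage.data.SessionId = guid;
    loginMessage.data.DspName = user.UserDspName;
    // NOTE(review): built from the request Host header, which is client-controlled unless host
    // filtering is configured; a spoofed Host ends up in the image URL returned to the client.
    loginMessage.data.ImgUrl = HttpContext.Request.Host.Value + new PathString("/UpLoadImg").Value + "/" + user.ImgUrl;
    loginMessage.msg = "µÇ½³É¹¦£¡";

    return Json(loginMessage);
}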