Пример #1
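        /// <summary>
        /// Authorization filter entry point. Resolves the caller's session from the
        /// <c>sessionId</c> request header and short-circuits the request with a
        /// "permission denied" JSON payload unless the session exists and lists the
        /// requested action among its permissions.
        /// </summary>
        /// <param name="context">
        /// Filter context. Setting <c>context.Result</c> stops the pipeline; leaving it
        /// untouched lets the action run.
        /// </param>
        void IAuthorizationFilter.OnAuthorization(AuthorizationFilterContext context)
        {
            // A missing route value is treated as "" so the request falls through to the
            // session check (fail closed) instead of throwing. ToLowerInvariant keeps the
            // comparison independent of the server's culture.
            var control = (context.RouteData.Values["controller"]?.ToString() ?? string.Empty).ToLowerInvariant();
            var action  = (context.RouteData.Values["action"]?.ToString() ?? string.Empty).ToLowerInvariant();

            // NOTE(review): this exemption (unchanged from the original condition) skips the
            // check for EVERY action on the "permission" controller and for ANY action named
            // "login" on any controller. If only Permission/Login is meant to be anonymous,
            // the test should be (control == "permission" && action == "login") - confirm
            // against the routes before tightening.
            if (control == "permission" || action == "login")
            {
                return;
            }

            // An absent header yields an empty string, which the lookup is expected to miss.
            var sessionId = context.HttpContext.Request.Headers["sessionId"].ToString();

            // NOTE(review): session expiry is not checked in this method; presumably
            // SessionHelper enforces ExpireTime - verify.
            SessionUsers sessionUsers = SessionHelper.GetSessionEntityBySessionId(sessionId);
            if (sessionUsers == null)
            {
                Deny();
                return;
            }

            // The account with UserId "1" is exempt from per-action permission checks.
            if (sessionUsers.UserId == "1")
            {
                return;
            }

            // A session without a permission list is denied rather than crashing the filter.
            // NOTE(review): permissions are matched on the action name only, so the same
            // action name on a different controller is granted by the same entry.
            bool granted = sessionUsers.Permission != null
                           && sessionUsers.Permission.Any(entity => entity.Description == action);
            if (!granted)
            {
                Deny();
            }

            // Logs the denial and replaces the result with the JSON error payload. The HTTP
            // status code is left at its default, so clients must inspect "code".
            void Deny()
            {
                //context.Result = new Microsoft.AspNetCore.Mvc.RedirectResult("/Home/Login");
                //context.Result = new Microsoft.AspNetCore.Mvc.StatusCodeResult(403);
                log.Error("登陆失败");
                context.Result = new Microsoft.AspNetCore.Mvc.JsonResult(new BaseMessage()
                {
                    code = HttpStatus.PermissionDeny, msg = "权限错误"
                });
            }
        }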
Пример #2
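        /// <summary>
        /// Authenticates a user against the "Users" collection and, on success, registers
        /// a session in <c>SessionHelper.SessionUser</c> and returns its id together with
        /// the user's display name and image URL.
        /// </summary>
        /// <param name="login">Credentials bound from the JSON request body.</param>
        /// <returns>
        /// A <c>BaseMessage</c> serialized as JSON whose <c>code</c> is
        /// <c>HttpStatus.Success</c> or <c>HttpStatus.LoginFailed</c>.
        /// </returns>
        public JsonResult Login([FromBody] LoginModel login)
        {
            BaseMessage loginMessage = new BaseMessage();

            // Reject a missing body or missing credentials before building the query.
            // A null password would otherwise become a "Password == null" filter, which
            // MongoDB also satisfies for documents that have no Password field at all.
            if (login == null || string.IsNullOrEmpty(login.username) || string.IsNullOrEmpty(login.password))
            {
                log.Error("账户或密码错误");
                loginMessage.msg  = "账户或密码错误！";
                loginMessage.code = HttpStatus.LoginFailed;
                return Json(loginMessage);
            }

            var userCollection = mongodb.GetMongodbCollection <SessionUsers>("Users");
            if (userCollection == null)
            {
                loginMessage.msg = "服务端错误，请联系管理员！";
                log.Error("服务端错误，请联系管理员！");
                loginMessage.code = HttpStatus.LoginFailed;
                return Json(loginMessage);
            }

            // NOTE(review): the filter compares login.password directly with the stored
            // Password field, so the collection appears to hold passwords in the same form
            // the client sends. Storing a salted hash (e.g. PBKDF2) and verifying it
            // server-side is the usual fix; that needs a data migration and is not done here.
            var userFluent = IMongoCollectionExtensions.Find <SessionUsers>(userCollection, entity => entity.UserName == login.username && entity.Password == login.password && entity.Activity == "1");

            // One round trip instead of Count() followed by First().
            SessionUsers sessionUser = userFluent.FirstOrDefault();
            if (sessionUser != null)
            {
                // NOTE(review): Guid.NewGuid() is not documented as a cryptographically
                // secure token source; a value from RandomNumberGenerator is the safer
                // choice for a bearer session id.
                string guid = Guid.NewGuid().ToString();

                // NOTE(review): local time is used for the expiry; keep it consistent with
                // whatever clock SessionHelper compares against (UTC is preferable).
                sessionUser.ExpireTime = DateTime.Now.AddMinutes(20);
                sessionUser.SessionId  = guid;

                // NOTE(review): the stored session entity is the full user document,
                // including its Password field.
                SessionHelper.SessionUser.Add(sessionUser);

                loginMessage.code           = HttpStatus.Success;
                loginMessage.data           = new ExpandoObject();
                loginMessage.data.SessionId = guid;
                loginMessage.data.DspName   = sessionUser.UserDspName;
                // Built from the request's Host header, which is client-supplied.
                loginMessage.data.ImgUrl    = HttpContext.Request.Host.Value + new PathString("/UpLoadImg").Value + "/" + sessionUser.ImgUrl;

                loginMessage.msg = "登陆成功！";
            }
            else
            {
                log.Error("账户或密码错误");
                loginMessage.msg  = "账户或密码错误！";
                loginMessage.code = HttpStatus.LoginFailed;

                // Failures are counted per submitted username. Reaching the threshold only
                // writes a log entry with the client IP; no lockout or throttling is applied
                // in this method.
                ErrorLoginHelper.AddErrorLoginCount(login.username);
                if (ErrorLoginHelper.GetErrorLoginCount(login.username) >= 10)
                {
                    log.Info("撞库攻击" + Common.ErrorLoginHelper.GetUserIp(this.HttpContext));
                }
            }

            return(Json(loginMessage));
        }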