public IActionResult Login() { // 已登录时跳转到后台首页 var sessionManager = Application.Ioc.Resolve <SessionManager>(); var user = sessionManager.GetSession().GetUser(); if (user != null && user.GetUserType() is ICanUseAdminPanel) { return(new RedirectResult(BaseFilters.Url("/admin"))); } // 否则显示登陆表单 var form = new AdminLoginForm(); if (Request.Method == HttpMethods.POST) { return(new JsonResult(form.Submit())); } else { form.Bind(); var adminManager = Application.Ioc.Resolve <AdminManager>(); var warning = adminManager.GetLoginWarning(); return(new TemplateResult("common.admin/admin_login.html", new { form, warning })); } }
public IActionResult Logout() { var userManager = Application.Ioc.Resolve <UserManager>(); userManager.Logout(); return(new RedirectResult(BaseFilters.Url("/admin/login"))); }
/// <summary> /// 获取登录后应该跳转到的url /// </summary> /// <returns></returns> public virtual string GetUrlRedirectAfterLogin() { var request = HttpManager.CurrentContext.Request; var referer = request.GetReferer(); // 来源于同一站点时,跳转到来源页面 if (referer != null && referer.Authority == request.Host && !referer.AbsolutePath.Contains("/logout") && !referer.AbsolutePath.Contains("/login")) { return(referer.PathAndQuery); } // 默认跳转到首页 return(BaseFilters.Url("/")); }
public static void LogWrite(BaseFilters filter) { using (var context = new ApplicationDbContext()) { if (filter is ExceptionModel ex) { context.ExceptionModels.Add(ex); } else if (filter is ActionModel action) { context.ActionModels.Add(action); } context.SaveChanges(); } }
/// <summary> /// 检查当前的用户类型是否继承了指定的类型,且是否拥有指定的权限 /// 如果用户类型不匹配且当前请求是get则跳转到登陆页面,否则抛出403错误 /// </summary> /// <param name="userType">用户类型,例如typeof(IAmAdmin)</param> /// <param name="privileges">要求的权限列表</param> public virtual void Check(Type userType, params string[] privileges) { var sessionManager = Application.Ioc.Resolve <SessionManager>(); var user = sessionManager.GetSession().GetUser(); var userTypeMatched = HasUserType(user, userType); var context = HttpManager.CurrentContext; if (context.Request.Method == HttpMethods.GET && (user == null || !userTypeMatched)) { // 要求管理员时跳转到后台登陆页面,否则跳转到前台登陆页面 if (typeof(ICanUseAdminPanel).GetTypeInfo().IsAssignableFrom(userType)) { context.Response.RedirectByScript(BaseFilters.Url("/admin/login")); } else { context.Response.RedirectByScript(BaseFilters.Url("/user/login")); } } else if (userTypeMatched && HasPrivileges(user, privileges)) { // 检查通过 } else if (privileges != null && privileges.Length > 0) { // 无权限403 var translator = Application.Ioc.Resolve <IPrivilegeTranslator>(); throw new ForbiddenException( new T("Action require {0}, and {1} privileges", new T(userType.Name), string.Join(",", privileges.Select(p => translator.Translate(p))))); } else { // 用户类型不符合,或未登录 throw new ForbiddenException( new T("Action require {0}", new T(userType.Name))); } }
public IActionResult Login() { // 已登录时跳转到用户中心 var sessionManager = Application.Ioc.Resolve <SessionManager>(); var user = sessionManager.GetSession().GetUser(); if (user != null) { return(new RedirectResult(BaseFilters.Url("/home"))); } // 否则显示登陆表单 var form = new UserLoginForm(); if (HttpManager.CurrentContext.Request.Method == HttpMethods.POST) { return(new JsonResult(form.Submit())); } else { form.Bind(); return(new TemplateResult("common.admin/user_login.html", new { form })); } }
public IActionResult Reg() { // 已登录时跳转到用户中心,除非正在编辑页面 var sessionManager = Application.Ioc.Resolve <SessionManager>(); var user = sessionManager.GetSession().GetUser(); if (user != null && !Context.GetIsEditingPage()) { return(new RedirectResult(BaseFilters.Url("/home"))); } // 否则显示注册表单 var form = new UserRegForm(); if (Request.Method == HttpMethods.POST) { return(new JsonResult(form.Submit())); } else { form.Bind(); return(new TemplateResult("common.admin/user_reg.html", new { form })); } }
/// <summary> /// 检查当前登录用户是否指定的用户类型,且是否拥有指定的权限 /// 如果用户类型不匹配且当前请求是get则跳转到登陆页面,否则抛出403错误 /// </summary> /// <param name="types">指定的用户类型列表</param> /// <param name="privileges">要求的权限列表</param> public virtual void Check(UserTypes[] types, params string[] privileges) { var sessionManager = Application.Ioc.Resolve <SessionManager>(); var user = sessionManager.GetSession().GetUser(); var context = HttpManager.CurrentContext; if (context != null && context.Request.Method == HttpMethods.GET && (user == null || !types.Contains(user.Type))) { // 包含普通用户时跳转到前台登陆页面,否则跳转到后台登陆页面 context.Response.RedirectByScript(BaseFilters.Url( types.Contains(UserTypes.User) ? "/user/login" : "/admin/login")); return; } else if (types.Contains(user.Type) && HasPrivileges(user, privileges)) { // 检查通过 return; } else if (privileges != null && privileges.Length > 0) { // 无权限403 var translator = Application.Ioc.Resolve <PrivilegesTranslator>(); throw new ForbiddenException(string.Format( new T("Action require {0}, and {1} privileges"), string.Join(",", types.Select(t => new T(t.GetDescription()))), string.Join(",", privileges.Select(p => translator.Translate(p))))); } else { // 用户类型不符合,或未登录403 throw new ForbiddenException(string.Format( new T("Action require {0}"), string.Join(",", types.Select(t => new T(t.GetDescription()))))); } }
/// <summary> /// 设置标题到变量中 /// </summary> public override void Render(Context context, TextWriter result) { context.Environments[0][RenderTitle.Key] = BaseFilters.WebsiteTitle(context[Markup.Trim()] as string); }