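/// <summary>
/// Decides whether the current request may reach the routed action and records the
/// outcome in <c>HttpContext.Items</c> before delegating to the base filter.
/// </summary>
/// <remarks>
/// The request is reduced to a lower-cased "/area/controller/action" string and matched
/// exactly against the URLs in the caller's privilege set. The login page is always
/// allowed. This method only writes flags into <c>HttpContext.Items</c>; whatever turns
/// those flags into an allow/deny response is not visible in this block.
/// NOTE(review): presumably an AuthorizeCore/HandleUnauthorizedRequest override reads
/// "MVCLearn_IsAuthorized" - confirm, otherwise the flags are never enforced.
/// </remarks>
/// <param name="filterContext">Authorization context of the request being evaluated.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    const string IsAuthorizedKey = "MVCLearn_IsAuthorized";
    const string AuthorizeStateKey = "MVCLearn_AuthorizeState";
    const string LoginUrl = "/admin/account/login";

    var httpContext = filterContext.HttpContext;

    // Fail closed: every request starts as "not authorized / not logged in" and is only
    // upgraded by an explicit positive decision below.
    httpContext.Items[IsAuthorizedKey] = false;
    httpContext.Items[AuthorizeStateKey] = AuthorizeState.没有登录;

    // Normalise with the invariant culture. A culture-sensitive ToLower() makes the
    // access decision depend on the thread culture (e.g. the Turkish dotless-i mapping
    // turns "ADMIN" into "adm\u0131n"), so the same route could match or miss the stored URL.
    var area = filterContext.RouteData.DataTokens["area"]?.ToString().ToLowerInvariant();
    var controller = filterContext.RouteData.Values["controller"]?.ToString().ToLowerInvariant();
    var action = filterContext.RouteData.Values["action"]?.ToString().ToLowerInvariant();

    // A missing area yields an empty segment ("//controller/action"); stored access URLs
    // must use the same shape for the exact match below to succeed.
    var url = "/" + area + "/" + controller + "/" + action;

    if (LoginUrl == url)
    {
        // The login page has to be reachable without an existing session.
        httpContext.Items[IsAuthorizedKey] = true;
    }
    else
    {
        // The cookie is client-controlled: it is used only as a lookup key, and
        // everything that follows depends on the service recognising it.
        var authorizeId = httpContext.Request.Cookies["MVCLearn_AuthorizeId"];
        if (authorizeId != null)
        {
            // TODO: obtain the service through dependency injection for global filters.
            IPrivilegeService service = new PrivilegeService(httpContext);
            var authorize = service.GetAuthorize(authorizeId.Value);

            if (authorize != null && authorize.User != null)
            {
                var privilege = service.GetPrivilege(authorize.User.UserID);

                // A missing privilege record or access list is treated as "no access"
                // rather than surfacing as a NullReferenceException inside the filter.
                // NOTE(review): the comparison is an exact, case-sensitive match, so stored
                // URLs are presumably kept lower-cased - confirm against the data.
                var isAuthorized = privilege != null
                    && privilege.Accesses != null
                    && privilege.Accesses.Any(e => e.Url == url);

                if (isAuthorized)
                {
                    httpContext.Items[IsAuthorizedKey] = true;
                    httpContext.Items["MVCLearn_Authorize"] = authorize;
                    // Cache the current user's privileges for the rest of the request.
                    httpContext.Items["MVCLearn_Privilege"] = privilege;

                    /*
                     * Disabled: attaching a principal to the request.
                     * GenericIdentity identity = new GenericIdentity(authorizeId.Value);
                     * IPrincipal principal = new GenericPrincipal(identity, new[] { "" });
                     * httpContext.User = principal;
                     */
                }
                else
                {
                    // Known session, but the requested URL is not in its access list.
                    httpContext.Items[AuthorizeStateKey] = AuthorizeState.没有权限;
                }
            }
            else
            {
                // A session id was presented but the server did not accept it. The state
                // stays at "not logged in", so a stale or forged cookie is indistinguishable
                // from no cookie at all; log it here if that distinction matters.
                // httpContext.Items["MVCLearn_AuthorizeType"] = AuthorizeState.认证失败;
            }
        }
    }

    base.OnAuthorization(filterContext);
}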