示例#1
0
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var baseCtrl = (BaseController)filterContext.Controller;
            var Session  = filterContext.HttpContext.Session;

            if (Session != null)
            {
                var userData = (UserData)Session["UserData"];

                var url = new UrlHelper(filterContext.RequestContext);

                var request     = filterContext.RequestContext.HttpContext.Request;
                var ajaxRequest = request.IsAjaxRequest();


                var returnUrl = ajaxRequest
                    ? new RedirectResult(url.ActionSecure("Index", "Home", new { area = "" })).Url
                    : filterContext.HttpContext.Request.RawUrl;

                var actionResult =
                    new RedirectResult(url.ActionSecure("Login", "Authentication",
                                                        new { area = "", returnUrl = returnUrl }));

                var cookie = request.Cookies[FormsAuthentication.FormsCookieName];
                FormsAuthenticationTicket cookieInfo = null;

                var denyUser = cookie == null || string.IsNullOrEmpty(cookie.Value) ||
                               (cookieInfo = FormsAuthentication.Decrypt(cookie.Value)) == null ||
                               cookieInfo.Expired;

                if (!denyUser)
                {
                    if (userData == null)
                    {
                        Session["UserData"] = userData = new UserData(baseCtrl.HesiraDB, cookieInfo.Name);
                    }

                    if (!userData.IsAdmin || !userData.Enabled)
                    {
                        denyUser = true;
                    }
                }

                if (denyUser)
                {
                    if (filterContext.RequestContext.HttpContext.Request.IsAjaxRequest())
                    {
                        filterContext.Result = new BsJsonResult(new
                        {
                            RedirectUrl = actionResult.Url
                        });
                    }
                    else
                    {
                        filterContext.Result = actionResult;
                    }
                }
            }
        }