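        /// <summary>
        /// Decides whether the caller may edit, i.e. holds the "admin" role.
        /// An already-authenticated request is checked first through its SiteSecurity
        /// token; failing that, the supplied <paramref name="username"/> and
        /// <paramref name="password"/> are verified with SiteSecurity.Login and the role
        /// of the returned token is inspected.
        /// </summary>
        /// <param name="username">Credential to try when the current identity is not an admin.</param>
        /// <param name="password">Password belonging to <paramref name="username"/>.</param>
        /// <returns>true only when an "admin" role was established; false on any failure.</returns>
        public bool CanEdit(string username, string password)
        {
            try
            {
                if (HttpContext.Current.Request.IsAuthenticated)
                {
                    UserToken token = SiteSecurity.GetToken(User.Identity.Name);

                    // A null token means the authenticated name no longer resolves to a
                    // user. Deny explicitly instead of relying on a NullReferenceException
                    // reaching the catch-all below, and do not fall through to a
                    // credential check for a stale identity.
                    if (token == null)
                    {
                        return false;
                    }

                    if (token.Role == "admin")
                    {
                        return true;
                    }
                }

                // NOTE(review): this path verifies caller-supplied credentials on every
                // call and is not tied to the session, so each wrong password costs a full
                // login attempt; a caller that exposes it to user input should throttle.
                UserToken loginToken = SiteSecurity.Login(username, password);
                return loginToken != null && loginToken.Role == "admin";
            }
            catch
            {
                // Fail closed: any error raised by the security provider denies editing.
                return false;
            }
        }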
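        /// <summary>
        /// Attaches a <see cref="GenericPrincipal"/> carrying the user's role to the current
        /// request. The role comes from the encrypted "portalroles" cookie when that cookie is
        /// present, decrypts, has not expired and was issued for the current identity;
        /// otherwise it is looked up with SiteSecurity.GetToken and a fresh cookie is issued.
        /// An identity that no longer resolves to a token is signed out and its roles cookie
        /// cleared. Unauthenticated requests are left untouched.
        /// </summary>
        protected void Application_AuthenticateRequest(Object sender, EventArgs e)
        {
            if (!Request.IsAuthenticated)
            {
                return;
            }

            string userName = Context.User.Identity.Name;

            // The roles cookie is only a cache of the user store. Anything about it that
            // does not check out (missing, undecryptable, expired, issued for another
            // user name) falls back to the authoritative lookup below.
            string role = ReadRoleFromCookie(userName);

            if (role == null)
            {
                UserToken token = SiteSecurity.GetToken(userName);
                if (token != null)
                {
                    role = token.Role;
                    IssueRolesCookie(userName, role);
                }
                else
                {
                    // The auth cookie names a user that no longer exists: un-authenticate
                    // and drop the roles cookie so the stale identity is not carried forward.
                    FormsAuthentication.SignOut();

                    Response.Cookies["portalroles"].Value   = null;
                    Response.Cookies["portalroles"].Expires = new System.DateTime(1999, 10, 12);
                    Response.Cookies["portalroles"].Path    = "/";
                }
            }

            // Replace the request principal with one that knows the role. When no role was
            // established the principal carries an empty role set rather than a null entry.
            string[] roles = role == null ? new string[0] : new string[] { role };
            Context.User = new GenericPrincipal(Context.User.Identity, roles);
        }

        /// <summary>
        /// Returns the role stored in the "portalroles" cookie, or null when the cookie is
        /// absent or empty, cannot be decrypted, has expired, or was issued for a user name
        /// other than <paramref name="userName"/>. The last two checks are what stop a stale
        /// or borrowed roles cookie from granting a role the current user does not hold:
        /// FormsAuthentication.Decrypt only verifies the ticket's protection, it does not
        /// compare its name or expiry against anything.
        /// </summary>
        /// <param name="userName">Name of the currently authenticated identity.</param>
        private string ReadRoleFromCookie(string userName)
        {
            HttpCookie cookie = Request.Cookies["portalroles"];
            if (cookie == null || cookie.Value == null || cookie.Value.Length == 0)
            {
                return null;
            }

            FormsAuthenticationTicket ticket;
            try
            {
                ticket = FormsAuthentication.Decrypt(cookie.Value);
            }
            catch (Exception)
            {
                // A tampered or otherwise undecryptable cookie is treated exactly like a
                // missing one; the caller re-reads the role from the user store, so
                // swallowing here fails safe rather than open.
                return null;
            }

            if (ticket == null || ticket.Expired)
            {
                return null;
            }

            // The ticket name was set from the identity at issue time, so an exact match is
            // the right test; a cookie minted for another account must not carry its role.
            if (!string.Equals(ticket.Name, userName, StringComparison.Ordinal))
            {
                return null;
            }

            return ticket.UserData;
        }

        /// <summary>
        /// Writes <paramref name="role"/> for <paramref name="userName"/> into an encrypted
        /// "portalroles" cookie. The ticket is valid for an hour (enforced when it is read
        /// back); the cookie itself is sent with a one-minute client-side lifetime, so the
        /// role is normally refreshed from the store about once a minute. The cookie is
        /// HttpOnly and, when the request arrived over TLS, marked Secure.
        /// </summary>
        /// <param name="userName">Identity the role belongs to; stored in the ticket and checked on read.</param>
        /// <param name="role">Role string to cache.</param>
        private void IssueRolesCookie(string userName, string role)
        {
            // FormsAuthenticationTicket compares expiry in local time, so DateTime.Now is
            // the matching clock here.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,                              // version
                userName,                       // user name the role was issued for
                DateTime.Now,                   // issue time
                DateTime.Now.AddHours(1),       // ticket validity, checked on read
                false,                          // don't persist cookie
                role                            // roles
                );

            string cookieStr = FormsAuthentication.Encrypt(ticket);

            HttpCookie cookie = Response.Cookies["portalroles"];
            cookie.Value    = cookieStr;
            cookie.Path     = "/";
            cookie.Expires  = DateTime.Now.AddMinutes(1);
            cookie.HttpOnly = true;                         // keep the ticket away from script
            cookie.Secure   = Request.IsSecureConnection;   // never sent in clear once issued over TLS
        }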