protected virtual void PrepareAllRolesModel(UserModel model, User user = null)
{
if (model == null)
throw new ArgumentNullException("model");
//所有角色
model.Roles = _roleService.GetAllRole().Where(t => t.Active).Select(t => new KeyValueModel
{
Text = t.Name,
Value = t.Id.ToString()
}).ToList();
//选中角色
if (user != null)
{
model.SelectedRoles = user.Roles.Select(t => t.Id).ToList();
}
}
/// <summary>
/// 从Cookie获取用户
/// </summary>
/// <returns></returns>
public virtual User GetAuthenticatedUser()
{
if (_cachedUser != null)
return _cachedUser;
var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie == null)
{
return null;
}
var formsIdentity = FormsAuthentication.Decrypt(cookie.Value);
//if (HttpContext.Current == null ||
// HttpContext.Current.Request == null ||
// !HttpContext.Current.Request.IsAuthenticated ||
// !(HttpContext.Current.User.Identity is FormsIdentity))
//{
// return null;
//}
//var formsIdentity = (FormsIdentity)HttpContext.Current.User.Identity;
//var user = GetAuthenticatedUserFromTicket(formsIdentity.Ticket);
var user = GetAuthenticatedUserFromTicket(formsIdentity);
if (user != null && user.Active && !user.Deleted)
_cachedUser = user;
return _cachedUser;
}
/// <summary>
/// 退出
/// </summary>
public virtual void SignOut()
{
_cachedUser = null;
FormsAuthentication.SignOut();
}
/// <summary>
/// 登录
/// </summary>
/// <param name="user">用户对象</param>
/// <param name="rememberMe">记住我</param>
public virtual void SignIn(User user, bool rememberMe)
{
var now = DateTime.Now.ToLocalTime();
//将用户名保存到票据中
var ticket = new FormsAuthenticationTicket(
1,
user.UserName,
now,
//now.Add(_expirationTimeSpan),
now.AddDays(7),
rememberMe,
user.UserName,
FormsAuthentication.FormsCookiePath
);
//加密
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
//使用Cookie
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
{
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL,
Path = FormsAuthentication.FormsCookiePath,
};
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
// 将加密后的票据保存到Cookie发送到客户端
HttpContext.Current.Response.Cookies.Add(cookie);
_cachedUser = user;
}
/// <summary>
/// 删除
/// </summary>
/// <param name="user">用户实体</param>
public virtual void DeleteUser(User user)
{
if (user == null)
throw new ArgumentNullException("user");
user.Deleted = true;
UpdateUser(user);
}
/// <summary>
/// 更新
/// </summary>
/// <param name="user">用户实体</param>
public virtual void UpdateUser(User user)
{
if (user == null)
throw new ArgumentNullException("user");
_userRepository.Update(user);
}
/// <summary>
/// 插入
/// </summary>
/// <param name="user">用户实体</param>
public virtual void InsertUser(User user)
{
if (user == null)
throw new ArgumentNullException("user");
_userRepository.Insert(user);
}
/// <summary>
/// 验证权限
/// </summary>
/// <param name="controller">控制器</param>
/// <param name="user">当前用户</param>
/// <returns></returns>
public virtual bool Authorize(string controller, User currentUser)
{
if (currentUser == null)
return false;
bool allow = false;
var roles = currentUser.Roles.Where(t => t.Active);
foreach (var rs in roles)
{
if (rs.Permissions.Count(t => t.Controller.ToLower() == controller.ToLower()) > 0)
{
allow = true;
break;
}
}
return allow;
}
public ActionResult Create(UserModel model, bool continueEditing)
{
if (!String.IsNullOrWhiteSpace(model.UserName))
{
var user = _userService.GetUserByUserName(model.UserName);
if (user != null)
ModelState.AddModelError("UserName", "用户名已经注册了");
}
if (!String.IsNullOrWhiteSpace(model.Email))
{
var user = _userService.GetUserByEmail(model.Email);
if (user != null)
ModelState.AddModelError("Email", "电子邮箱已经注册了");
}
if (ModelState.IsValid)
{
var user = new User()
{
UserName = model.UserName,
Password = Encryption.EncryptText(model.Password),
Email = model.Email,
Phone = model.Phone,
RegisterDate = DateTime.Now,
UpdateDate = DateTime.Now
};
//角色
foreach (var id in model.SelectedRoles)
{
user.Roles.Add(_roleService.GetRoleById(id));
}
_userService.InsertUser(user);
SuccessNotification("添加成功");
return continueEditing ? RedirectToAction("Edit", new { id = user.Id }) : RedirectToAction("List");
}
PrepareAllRolesModel(model);
return View(model);
}
