您的位置：首页 > 其它

MVC AuthorizeAttribute 登录验证

2017-08-30 22:57 148 查看

[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class,Inherited =true)]
public class AuthorityFilter : AuthorizeAttribute
{
/// <summary>
/// 未登录时返还的地址
/// </summary>
private string _loginPath = "";
public AuthorityFilter()
{
//可以从web.config中读取
this._loginPath = "/User/Login";
}
public AuthorityFilter(string loginPath)
{
this._loginPath = loginPath;
}
/// <summary>
/// 检查用户登录
/// </summary>
/// <param name="filterContext"></param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)
|| filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return; //表示支持控制器、action的AllowAnonymousAttribute
}
var sessionUser = filterContext.HttpContext.Session["User"];//使用session
//var memberValidation = HttpContext.Current.Request.Cookies.Get("CurrentUser");//使用cookie
if (sessionUser == null)
{
HttpContext.Current.Session["returnUrl"] = filterContext.HttpContext.Request.RawUrl;
filterContext.Result = new RedirectResult(this._loginPath);
}
}
}

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航