
.NET MVC 登录模块后台代码

首先是拦截器

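 /// <summary>
 /// Action filter that requires a logged-in user and, for logged-in users, checks the
 /// requested controller/action against the permission list stored in the session.
 /// </summary>
 public class AuthLoginAttribute : ActionFilterAttribute
    {
        /// <summary>
        /// When false, this filter performs no login or permission check at all.
        /// </summary>
        public bool IsLogin = true;

        /// <summary>
        /// Creates a filter that enforces the login and permission checks.
        /// </summary>
        public AuthLoginAttribute()
        {
            IsLogin = true;
        }

        /// <summary>
        /// Creates a filter with the checks switched on or off.
        /// </summary>
        /// <param name="islogin">Pass false to exempt the decorated action from every check in this filter.</param>
        public AuthLoginAttribute(bool islogin)
        {
            IsLogin = islogin;
        }

        /// <summary>
        /// Runs before the action: short-circuits with a JSON error, a text message or a
        /// redirect when the user is not logged in or lacks permission for the route.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute; its Result is set to block the action.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // Explicit opt-out: the action was marked as not requiring login.
            if (!IsLogin)
            {
                return;
            }

            const string loginUrl = "/Home/Login";
            var request = filterContext.HttpContext.Request;

            // Previous page, taken from the Referer header. The client controls this value.
            string refUrl = request.UrlReferrer != null ? request.UrlReferrer.ToString() : loginUrl;

            // Invariant lower-casing: culture-sensitive ToLower() can change the route
            // literals compared below (e.g. dotless i under a Turkish culture).
            string controlName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLowerInvariant();
            string actionName = filterContext.ActionDescriptor.ActionName.ToLowerInvariant();

            bool isAjax = request.IsAjaxRequest();

            // Fail closed: a controller that is not a UserBaseController carries no login
            // state, so it is treated as "not logged in" instead of dereferencing null.
            UserBaseController controller = filterContext.Controller as UserBaseController;
            if (controller == null || !controller.IsLogin)
            {
                if (isAjax)
                {
                    // Fixed, non-sensitive payload. AllowGet is required because JsonResult
                    // otherwise throws on GET requests, turning this answer into a 500.
                    filterContext.Result = new JsonResult
                    {
                        Data = new BaseResponse<object>
                        {
                            ErrorCode = 500,
                            Message = "请先登录!",
                            Data = "need login"
                        },
                        JsonRequestBehavior = JsonRequestBehavior.AllowGet
                    };
                }
                else if (filterContext.IsChildAction)
                {
                    // Child actions cannot redirect; render the message in place.
                    filterContext.Result = new ContentResult() { Content = "请先登录!" };
                }
                else
                {
                    filterContext.Result = new RedirectResult(loginUrl);
                }
                return;
            }

            // Logged in: permission check against the list cached in the session at login.
            var userAuthority = OperSession.UserAuthority;

            // NOTE(review): `back` carries the client-supplied Referer. It is URL-encoded here,
            // but /Home/NoAuthorityUser (not shown) must treat it as untrusted before using it
            // in a link or redirect, e.g. by accepting local URLs only.
            string noAuth = "/Home/NoAuthorityUser?back=" + HttpUtility.UrlEncode(refUrl);

            if (userAuthority == null || userAuthority.Count == 0)
            {
                filterContext.Result = new RedirectResult(noAuth);
                return;
            }

            string route = "/" + controlName + "/" + actionName;

            // Routes every logged-in user may reach without a matching permission entry.
            // NOTE(review): the isAjax exemption depends on a request header the client sets,
            // so any logged-in user with at least one permission skips the per-action check
            // by marking the request as AJAX. Kept for compatibility; prefer listing the
            // AJAX actions in the permission table and dropping this exemption.
            if (route == "/home/index" || route == "/home/login" || isAjax || route == "/admin/userprofile" || route == "/admin/index")
            {
                return;
            }

            bool allowed = userAuthority.Exists(a =>
                string.Equals(a.Action, actionName, System.StringComparison.OrdinalIgnoreCase) &&
                string.Equals(a.Controller, controlName, System.StringComparison.OrdinalIgnoreCase));
            if (!allowed)
            {
                filterContext.Result = new RedirectResult(noAuth);
            }
        }
    }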

登录验证代码

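  /// <summary>
        /// Validates a user name / password pair and, on success, stores the user and the
        /// user's permission list in the session through OperSession.
        /// </summary>
        /// <param name="uName">Login name passed to GetUser.</param>
        /// <param name="uPwd">Password; hashed with MD5 first when isMD5 is true, otherwise passed to GetUser unchanged.</param>
        /// <param name="uIP">Client IP, recorded on the user object.</param>
        /// <param name="sessionID">Session id, recorded on the user object.</param>
        /// <param name="isMD5">True to MD5-hash uPwd before the lookup; false when uPwd is already in stored form.</param>
        /// <returns>A LoginResult with ResultType 1 on success and 0 on any failure.</returns>
        public LoginResult ValidateLogin(string uName, string uPwd, string uIP, string sessionID, bool isMD5 = true)
        {
            // Missing credentials get the same generic answer as a failed lookup and never
            // reach the hashing extension or the user query.
            if (string.IsNullOrEmpty(uName) || string.IsNullOrEmpty(uPwd))
            {
                return new LoginResult()
                {
                    Message = "账号或密码错误。",
                    ResultType = 0
                };
            }

            // NOTE(review): MD5 without a per-user salt is not a password hash; stored values
            // can be brute-forced cheaply if the table leaks. Moving to a salted, slow KDF
            // (e.g. PBKDF2) needs a storage migration and cannot be done inside this method.
            // NOTE(review): with isMD5 == false the caller supplies the exact value compared
            // with the stored hash; confirm no request-facing path lets a client choose that.
            string pwdMd5 = isMD5 ? uPwd.Crypt_MD5_Encode(32) : uPwd;

            VUser loginUser = GetUser(uName, pwdMd5);
            if (loginUser == null)
            {
                return new LoginResult()
                {
                    Message = "账号或密码错误。",
                    ResultType = 0
                };
            }

            // Only reached with valid credentials, so the distinct message is not shown
            // to callers who merely guess a user name.
            if (!loginUser.IsEnable)
            {
                return new LoginResult()
                {
                    Message = "账号已禁用,请联系管理员。",
                    ResultType = 0
                };
            }

            // Resolve the permission entries granted to this user.
            var urCatalogue = loginUser.Permissions.IsNullOrEmpty()
                ? new List<VPermission>()
                : PermissionBll.GetIntence().GetUserCatalog(loginUser.Permissions);

            // A user without any permission entry is refused and nothing is written to the session.
            if (urCatalogue.Count == 0)
            {
                return new LoginResult()
                {
                    Message = "该登录用户没有权限。",
                    ResultType = 0
                };
            }

            // Data-level permissions are stored as JSON on the user record.
            loginUser.ProjPermissions = loginUser.DataPermissions.IsNullOrEmpty()
                ? new List<DataPermission>()
                : loginUser.DataPermissions.ToObjectFromJson<List<DataPermission>>();

            // Cache the permission list for the per-request check.
            OperSession.UserAuthority = urCatalogue.ToList();

            // NOTE(review): the session id is recorded as given; this method does not issue a
            // new session identifier at login. Confirm the caller does, to prevent session fixation.
            loginUser.LoginSessionID = sessionID;
            loginUser.LoginIP = uIP;
            Helper.OperSession.UserInfo = loginUser;

            return new LoginResult()
            {
                Message = "登录成功。",
                ResultType = 1
            };
        }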
/// <summary>
/// Typed accessors for the login state kept in the current HTTP session.
/// Both properties read and write HttpContext.Current.Session directly.
/// </summary>
public class OperSession
    {
        /// <summary>
        /// The logged-in back-office user, or null when the session holds no user
        /// (or a value that is not a VUser) under ConstVar.UserSessionKey.
        /// </summary>
        public static VUser UserInfo
        {
            get
            {
                // `as` yields null for a missing entry as well as for a wrong type.
                object stored = HttpContext.Current.Session[ConstVar.UserSessionKey];
                return stored as VUser;
            }
            set
            {
                HttpContext.Current.Session[ConstVar.UserSessionKey] = value;
            }
        }

        /// <summary>
        /// The permission list cached for the logged-in user, or null when the session
        /// holds none under ConstVar.UserAuthorityKey.
        /// </summary>
        public static List<VPermission> UserAuthority
        {
            get
            {
                object stored = HttpContext.Current.Session[ConstVar.UserAuthorityKey];
                return stored as List<VPermission>;
            }
            set
            {
                HttpContext.Current.Session[ConstVar.UserAuthorityKey] = value;
            }
        }
    }
 /// <summary>
 /// Plain response envelope with a success flag, an error code, a message and a payload.
 /// NOTE(review): the login filter on this page constructs BaseResponse&lt;object&gt;, a generic
 /// type that is not this class — confirm which of the two is intended.
 /// </summary>
 public class BaseResponse
    {
        /// <summary>Presumably true when the request succeeded; no code on this page sets it.</summary>
        public bool Success { get; set; }

        /// <summary>Numeric error code returned to the client.</summary>
        public int ErrorCode { get; set; }


        /// <summary>Message text returned to the client.</summary>
        public string Message { get; set; }


        /// <summary>Response payload; untyped, so callers must know the concrete type.</summary>
        public object Data { get; set; } 
    }

 

posted @ 2017-06-22 19:51  Bear.Tirisfal