Asp.net MVC 权限过滤器实现方法的最佳实践

在项目开发中,为了安全、方便地判断用户是否有访问当前资源(Action)的权限,我们一般通过全局过滤器来实现。

Asp.net MVC 页面中常见的权限判断使用过滤器主要在以下几种情况(根据权限判断的先后顺序):

1、判断要访问的Controller或Action是可以匿名访问;

2、判断要访问的Controller或Action是否登录就可以访问;

3、判断是否有访问某个Controller的Action的权限;

4、资源访问权限,如在下拉菜单中获取当前账号可以显示几个下拉项;

通过在全局过滤器中逐项判断,我们可以让有权限的用户顺利通过,没有权限的就会被禁止掉,下面来看看过滤器的代码实现:

    public class CheckPermissionFilter : IAuthorizationFilter
    {
        /// <summary>
        /// 权限判断
        /// </summary>
        /// <param name="filterContext"></param>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }
            if (filterContext.HttpContext.Request.Url == null)
            {
                throw new ArgumentNullException("filterContext");
            }
            string pageUrl = filterContext.HttpContext.Request.Url.AbsolutePath; //OperateContext.GetThisPageUrl(false);
            // 是否是Ajax请求
            var bAjax = filterContext.HttpContext.Request.IsAjaxRequest();
            // 1、允许匿名访问 用于标记在授权期间要跳过 AuthorizeAttribute 的控制器和操作的特性 
            var actionAnonymous = filterContext.ActionDescriptor.GetCustomAttributes(typeof(AllowAnonymousAttribute), true) as IEnumerable<AllowAnonymousAttribute>;
            var controllerAnonymous = filterContext.Controller.GetType().GetCustomAttributes(typeof(AllowAnonymousAttribute), true) as IEnumerable<AllowAnonymousAttribute>;
            if ((actionAnonymous != null && actionAnonymous.Any()) || (controllerAnonymous != null && controllerAnonymous.Any()))
            {
                return;
            }
            // 判断是否登录或登录已超时 需要重新登录
            if (Infrastructure.OperateContext.Current.UserInfo == null)
            {
                if (bAjax)
                {
                    BusinessResultBase result = new BusinessResultBase();
                    result.Title = "未登录或登录已超时";
                    result.Status = false;
                    result.StatusCode = BusinessStatusCode.LoginTimeOut.ToString();
                    result.StatusMessage = "请重新登录系统。";

                    var jsonResult = new JsonResult();
                    jsonResult.Data = result;
                    filterContext.Result = jsonResult;
                }
                else
                {
                    filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(new { Controller = "Account", action = "Login" }));
                }
            }
            else
            {
                // 2、拒绝某个账号登录当前系统
                if (OperateContext.Current.IsDenyVisit())
                {
                    if (bAjax)
                    {
                        BusinessResultBase result = new BusinessResultBase();
                        result.Title = "拒绝访问当前系统";
                        result.Status = false;
                        result.StatusCode = BusinessStatusCode.AccessDeny.ToString();
                        result.StatusMessage = "您的账号不允许访问当前系统。";
                        var jsonResult = new JsonResult();
                        jsonResult.Data = result;
                        filterContext.Result = jsonResult;
                    }
                    else
                    {
                        filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(new { Controller = "Common", action = "DenyAccess", bAjaxReq = false, message = "没有获取您拥有的权限菜单,请尝试重新登录。" }));
                    }
                }
                else
                {
                    // 3、判断登录状态 Controller  Action 标签 某些功能只需判断是否登录 用户没登录 调到登录页面  
                    // 判断Controller上是否有CheckLoginAttribute标签 只需要登录就可以访问
                    var checkLoginControllerAttr = filterContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes(typeof(CheckLoginAttribute), true) as IEnumerable<CheckLoginAttribute>;
                    if (checkLoginControllerAttr != null && checkLoginControllerAttr.Any())
                    {
                        return;
                    }
                    // 判断action上是否有CheckLoginAttribute标签 只需要登录就可以访问
                    var checkLoginActionAttr = filterContext.ActionDescriptor.GetCustomAttributes(typeof(CheckLoginAttribute), true) as IEnumerable<CheckLoginAttribute>;
                    if (checkLoginActionAttr != null && checkLoginActionAttr.Any())
                    {
                        return;
                    }
                    // 4、有些要判断是否有某个菜单 action的权限 具体判断某个用户是否有某个权限
                    // 用于标记在授权期间需要CustomerResourceAttribute 的操作的特性
                    var attNames = filterContext.ActionDescriptor.GetCustomAttributes(typeof(CustomerResourceAttribute), true) as IEnumerable<CustomerResourceAttribute>;
                    // 用户具有的菜单
                    var moduleList = OperateContext.Current.GetPermissionList();
                    if (moduleList == null || !moduleList.Any())
                    {
                        if (bAjax)
                        {
                            BusinessResultBase result = new BusinessResultBase();
                            result.Title = "没有访问权限";
                            result.Status = false;
                            result.StatusCode = BusinessStatusCode.AccessDeny.ToString();
                            result.StatusMessage = "没有获取您拥有的权限菜单,请尝试重新登录。";
                            var jsonResult = new JsonResult();
                            jsonResult.Data = result;
                            filterContext.Result = jsonResult;
                        }
                        else
                        {
                            filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(new { Controller = "Common", action = "DenyAccess", bAjaxReq = false, message = "没有获取您拥有的权限菜单,请尝试重新登录。" }));
                        }
                    }
                    else
                    {
                        // 判断用户的权限菜单中的code是否与控制器上标示的资源的code一致
                        var joinResult = (from aclEntity in moduleList
                                          join attName in attNames on aclEntity.Code equals attName.ResourceName
                                          select attName).Any();
                        if (!joinResult)
                        {

                            if (bAjax)
                            {
                                BusinessResultBase result = new BusinessResultBase();
                                result.Title = "没有访问权限";
                                result.Status = false;
                                result.StatusCode = BusinessStatusCode.AccessDeny.ToString();
                                result.StatusMessage = "您没有访问权限:" + pageUrl;
                                var jsonResult = new JsonResult();
                                jsonResult.Data = result;
                                filterContext.Result = jsonResult;
                            }
                            else
                            {
                                filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(new { Controller = "Common", action = "DenyAccess", bAjaxReq = false, message = "您没有访问权限:" + pageUrl }));
                            }
                        }
                        else
                        {
                            return;
                        }
                    }
                }
            }
        }
    }

基于这样的过滤器,我们的Controller和Action该怎么写呢?下面分别举出几个demo

1、匿名访问的Controller,这是一个测试安装环境中数据库连接是否连通的功能:

    /// <summary>
    /// InstallationController
    /// 
    /// 安装环境测试
    /// 
    /// 2015-12-25 版本:1.0 SongBiao 创建文件。
    /// 
    /// <author>
    ///     <name>SongBiao</name>
    ///     <date>2015-12-25</date>
    /// </author>
    /// </summary>
    [AllowAnonymous]
    public class InstallationController : Controller
    {
        //
        // GET: /InstallationEnvironment/
        public ActionResult Index()
        {
            string result;
            try
            {
                // 获取数据库时间 测试数据库是否通
                using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType, BaseSystemInfo.UserCenterDbConnection))
                {
                    result ="数据库已连通,当前数据库时间:"+ DateTime.Parse(dbHelper.GetDbDateTime()).ToString(BaseSystemInfo.DateTimeFormat);
                }
            }
            catch (Exception ex)
            {
                result="数据库连接异常:"+ex.Message;
            }
            ViewBag.Result = result;
            return View();
        }
    }

这个头部增加了AllowAnonymous标签,实现匿名访问功能,用户不需登录即可访问。

2、只需要登录就可以访问的功能

namespace DotNet.MVC.Controllers
{
    using DotNet.Business;
    using DotNet.Model;
    using DotNet.MVC.Attributes;
    using DotNet.MVC.Infrastructure;

    /// <summary>
    /// 系统菜单权限
    /// 
    /// 修改纪录
    /// 
    /// 2015-09-09 版本:1.0 SongBiao 创建文件。
    /// 
    /// <author>
    ///     <name>SongBiao</name>
    ///     <date>2015-09-09</date>
    /// </author>
    /// </summary>
    [CheckLogin]
    public class ItemsSystemController : BaseController
    {
        //
        // GET: /ItemsSystem/
        public ActionResult Index()
        {
            return View();
        }

        /// <summary>
        /// 返回全部子系统下拉列表数据
        /// </summary>
        /// <returns></returns>
        public ActionResult GetSystemSelect()
        {
            string tableName = "ItemsSystem";
            Hashtable hashTable = new Hashtable();
            List<BaseItemDetailsEntity> list = null;
            var itemDetailsManager = new BaseItemDetailsManager(UserCenterDbHelper, UserInfo, tableName);
            // 管理员取得所有数据
            if (UserInfo.IsAdministrator)
            {
               list= itemDetailsManager.GetList<BaseItemDetailsEntity>(new KeyValuePair<string, object>(BaseItemDetailsEntity.FieldDeletionStateCode, 0)
                    , BaseItemDetailsEntity.FieldSortCode);
            }
            else
            {
                string permissionCode = "Resource.ManagePermission";
                BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(UserCenterDbHelper, UserInfo);
                string[] ids = permissionScopeManager.GetResourceScopeIds(UserInfo.Id, tableName, permissionCode);
                list = itemDetailsManager.GetList<BaseItemDetailsEntity>(ids);
            }

            if (list != null && list.Any())
            {
                var result = (from p in list select new { key = p.ItemName, value = p.ItemValue }).ToList();
                hashTable.Add("list", result);
            }
            else
            {
                hashTable.Add("list", null);
            }
            return Json(hashTable, JsonRequestBehavior.AllowGet);
        }
    }
}

这里在控制器上使用 CheckLogin 标签来实现只要用户登录就可以访问当前控制器里的Action,当然也可以指定Controller下某个Action只要登录就可以访问,如下写法

 

        #region  public ActionResult LogOff() 退出
        /// <summary>
        /// 退出
        /// </summary>
        /// <returns></returns>
        [CheckLogin]
        public ActionResult LogOff()
        {
            try
            {
                OperateContext.Current.RemoveCurrent();
                return RedirectToAction("Login", "Account");
            }
            catch (Exception)
            {
                return RedirectToAction("Login", "Account");
            }
        } 
        #endregion

 

那么,上面的CheckLogin怎么写呢?请看如下实现(OperateContext.Current.UserInfo是我实现的上下文中获取当前用户的方法,Views层也可以使用)。

namespace DotNet.MVC.Attributes
{
    using DotNet.MVC.Infrastructure;

    /// <summary>
    /// CheckLoginAttribute
    /// 用于检测用户是否处于登录状态的标签
    /// 某些功能只需要用户登录就可以使用
    /// 
    /// 修改纪录
    /// 
    /// 2015-10-11 版本:1.0 SongBiao 创建文件。   
    /// 
    /// <author>
    ///     <name>SongBiao</name>
    ///     <date>2015-10-11</date>
    /// </author>
    /// </summary>

    public class CheckLoginAttribute :System.Web.Mvc.AuthorizeAttribute //AuthorizeAttribute
    {
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            bool pass = false;
            // httpContext.Session[DotNet.Business.Utilities.SessionName]
            //!httpContext.Request.IsAuthenticated
            if (OperateContext.Current.UserInfo==null)
            {
                httpContext.Response.StatusCode = 401;//无权限状态码
                pass = false;
            }
            else
            {
                pass = true;
            }
            return pass;
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            base.HandleUnauthorizedRequest(filterContext);
            if (filterContext.HttpContext.Response.StatusCode == 401)
            {
                filterContext.Result = new RedirectResult("/Account/Login");
            }
        }
    }
}

3、判断是否具有某个Action的权限

        /// <summary>
        /// 获取列表数据
        /// </summary>
        /// <param name="quoteId"></param>
        /// <param name="pager"></param>
        /// <param name="sort"></param>
        /// <param name="direction"></param>
        /// <param name="firstHaveData"></param>
        /// <returns></returns>
        [AjaxRequest]
        [CustomerResource("XpressionList")]
        public ActionResult GetList(string quoteId, QuiGridPager pager, string sort, string direction, bool firstHaveData = true)
        {
            XpressionManager xpressionManager = new XpressionManager(BusinessDbHelper, UserInfo);
            List<XpressionEntity> list = xpressionManager.ExecuteReaderByPage(quoteId, pager, sort, direction, "*", firstHaveData).ToList<ZtoQuoteExpressionEntity>();
            return JsonQuiGridPager(pager, list, pager.totalRows, sort, direction, StartTime, firstHaveData);
        }

通过在Action 上添加标签[CustomerResource("XpressionList")]实现,在过滤去中会自动去判断当前账号是否具有这个Action的访问权限,这个标签的实现如下,

 

namespace DotNet.MVC.Attributes
{
    /// <summary>
    /// CustomerResourceAttribute
    /// 
    /// 自定义的对方法应用的属性,在Action上标注权限菜单对应的Code
    /// 
    /// 修改纪录
    /// 
    /// 2015-10-11 版本:1.0 SongBiao 创建文件。   
    /// 
    /// <author>
    ///     <name>SongBiao</name>
    ///     <date>2015-10-11</date>
    /// </author>
    /// </summary>

    [AttributeUsage(AttributeTargets.Method, AllowMultiple = false, Inherited = false)]
    public sealed class CustomerResourceAttribute : Attribute
    {
        private readonly string _resourceName;

        public CustomerResourceAttribute(string resourceName)
        {
            _resourceName = resourceName;
        }
        /// <summary>
        /// 资源名称
        /// </summary>
        public string ResourceName
        {
            get { return _resourceName; }
        }

        /// <summary>
        /// 资源描述
        /// </summary>
        public string Descript { get; set; }
    }
}

 

这里CustomerResourceAttribute是实现权限细分判断的关键点,在权限配置中,我们把每一个Action都存储到数据库中,实现界面(B/S)

 

通过Code实现当前用户是否具有该权限(当然也可以通过ID),Code实现了不可重复的检查。

目前这个过滤器底层使用了通用权限管理系统,主要用于权限菜单的存储及判断,数据库及功能设计上完全考虑到了各种形式的判断(按用户、公司、角色)。结合Asp.net MVC,轻轻松松就实现了权限过滤器功能。开发人员只需要会配置系统菜单及系统角色,通过接口或底层dll完全就可以了,开发人员只需关注业务功能的实现。

其它语言,如有类似权限判断全局访问过滤器的功能,也可参照实现。

对以上功能,如有疑问,欢迎一起探讨~~~

 

根据园友“wzmzang”的需求,提供OperateContext源码,大家参考~~

 

namespace DotNet.MVC.Infrastructure
{
    using DotNet.MVC.Infrastructure.Caching;
    using DotNet.Utilities;
    using DotNet.Model;
    using DotNet.Business;
    using DotNet.MVC.Models;

    /// <summary>
    /// OperateContext
    /// 
    /// 上下文
    /// 
    /// 修改纪录
    /// 
    /// 2015-09-13版本:1.0 SongBiao 创建文件。     
    /// 
    /// <author>
    ///     <name>SongBiao</name>
    ///     <date>2015-4-13</date>
    /// </author>
    /// </summary>

    public class OperateContext
    {
        /// <summary>
        /// 秘钥
        /// </summary>
        private string LoginUserKey = "LoginUserKey";
        /// <summary>
        /// 登陆提供者模式:Session、Cookie 
        /// </summary>
        private string LoginProvider = BusinessSystemInfo.LoginProvider;

        #region public static OperateContext Current 获取当前 操作上下文
        /// <summary>
        /// 获取当前 操作上下文 (为每个处理浏览器请求的服务器线程 单独创建 操作上下文)
        /// </summary>
        public static OperateContext Current
        {
            get
            {
                OperateContext oContext = CallContext.GetData(typeof(OperateContext).Name) as OperateContext;
                if (oContext == null)
                {
                    oContext = new OperateContext();
                    CallContext.SetData(typeof(OperateContext).Name, oContext);
                }
                return oContext;
            }
        }
        #endregion

        #region 增加的子系统之间跳转认证的code
        /// <summary>
        /// 生成Code
        /// </summary>
        /// <param name="openid">openid</param>
        /// <param name="key">向谁跳传谁规定的key</param>
        /// <returns></returns>
        public static string MakeCode(string openid, string key)
        {
            DateTime time = DateTime.Now;
            string data = time.ToString("dd") + "_" + openid + "_" + time.ToString("yyyy") + "_" + key + "_" + time.ToString("MM");
            MD5 md5 = new MD5CryptoServiceProvider();
            byte[] result = Encoding.Default.GetBytes(data);
            byte[] output = md5.ComputeHash(result);
            data = BitConverter.ToString(output).Replace("-", "").ToLower();
            SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
            byte[] bytes = sha1.ComputeHash(Encoding.ASCII.GetBytes(data));//"596d42faf5710b35c7ea0f0a9600ee31"  F69D39E1CA07FC23C1CE62F549E9D5B9780
            //转16进制 清除前面0
            StringBuilder strB = new StringBuilder();
            for (int i = 0; i < bytes.Length; i++)
            {
                string strX2 = bytes[i].ToString("X2");
                if (strX2.Substring(0, 1) == "0")
                {
                    strX2 = strX2.Substring(1, 1);
                }
                strB.Append(strX2);
            }
            return strB.ToString();
        }
        /// <summary>
        /// Code验证
        /// </summary>
        /// <param name="openid">openid</param>
        /// <param name="code">待验证的数据</param>
        /// <param name="key">自己系统规定的key</param>
        /// <returns></returns>
        public static bool ValidateCode(string openid, string code, string key)
        {
            string signedData = MakeCode(openid, key);
            return code.Equals(signedData, StringComparison.OrdinalIgnoreCase);
        }
        #endregion

        public BaseUserInfo _userInfo = null;
        /// <summary>
        /// 获取当前用户
        /// </summary>
        /// <returns></returns>
        public BaseUserInfo UserInfo
        {
            get
            {
                try
                {
                    if (string.Equals(LoginProvider, "Cookie", StringComparison.OrdinalIgnoreCase))
                    {
                        if (!string.IsNullOrWhiteSpace(CookieHelper.GetCookie(LoginUserKey)))
                        {
                            _userInfo = JsonConvert.DeserializeObject<BaseUserInfo>(SecretUtil.Decrypt(CookieHelper.GetCookie(LoginUserKey)));
                        }
                    }
                    else
                    {
                        if (SessionHelper.Get(LoginUserKey) != null)
                        {
                            _userInfo = JsonConvert.DeserializeObject<BaseUserInfo>(SecretUtil.Decrypt(SessionHelper.Get(LoginUserKey).ToString()));
                        }
                    }
                    return _userInfo;
                }
                catch
                {
                    throw new Exception("登录信息超时,请重新登录。");
                }
            }
            set
            {
                _userInfo = value;
            }
        }

        #region Http上下文 及 相关属性
        /// <summary>
        /// Http上下文
        /// </summary>
        HttpContext ContextHttp
        {
            get
            {
                return HttpContext.Current;
            }
        }
        /// <summary>
        /// 输出对象
        /// </summary>
        HttpResponse Response
        {
            get
            {
                return ContextHttp.Response;
            }
        }
        /// <summary>
        /// 请求对象
        /// </summary>
        HttpRequest Request
        {
            get
            {
                return ContextHttp.Request;
            }
        }
        /// <summary>
        /// Session对象
        /// </summary>
        System.Web.SessionState.HttpSessionState Session
        {
            get
            {
                return ContextHttp.Session;
            }
        }

        #endregion

        #region public void AddCurrent(BaseUserInfo userInfo) 写入登录信息
        /// <summary>
        /// 写入登录信息
        /// </summary>
        /// <param name="userInfo">成员信息</param>
        public void AddCurrent(BaseUserInfo userInfo)
        {
            try
            {
                userInfo.SystemCode = BaseSystemInfo.SystemCode;
                if (LoginProvider == "Cookie")
                {
                    CookieHelper.WriteCookie(LoginUserKey, SecretUtil.Encrypt(JsonConvert.SerializeObject(userInfo)), 1440);
                }
                else
                {
                    SessionHelper.Add(LoginUserKey, SecretUtil.Encrypt(JsonConvert.SerializeObject(userInfo)));
                }
                //清除上一次的
                ICacheManager cacheManager = new MemoryCacheManager();
                cacheManager.Clear();
            }
            catch (Exception ex)
            {
                throw new Exception(ex.Message);
            }
        }
        #endregion
       

        #region public void RemoveCurrent() 删除登录信息
        /// <summary>
        /// 删除登录信息
        /// </summary>
        public void RemoveCurrent()
        {
            if (LoginProvider == "Cookie")
            {
                HttpCookie objCookie = new HttpCookie(LoginUserKey.Trim());
                objCookie.Expires = DateTime.Now.AddYears(-5);
                ContextHttp.Response.Cookies.Add(objCookie);
            }
            else
            {
                SessionHelper.Remove(LoginUserKey.Trim());
            }
            ICacheManager cacheManager = new MemoryCacheManager();
            cacheManager.Clear();
        }
        #endregion

        #region public bool IsOverdue() 是否过期
        /// <summary>
        /// 是否过期
        /// </summary>
        /// <returns></returns>
        public bool IsOverdue()
        {
            object str = "";
            if (LoginProvider == "Cookie")
            {
                str = CookieHelper.GetCookie(LoginUserKey);
            }
            else
            {
                str = SessionHelper.Get(LoginUserKey);
            }
            if (str != null && str.ToString() != "")
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        #endregion

        #region public bool IsStaticResource() 是否是访问静态资源
        /// <summary>
        /// public  bool IsStaticResource() 是否是访问静态资源
        /// </summary>
        /// <returns></returns>
        public bool IsStaticResource()
        {
            if (ContextHttp == null)
                throw new ArgumentNullException("request");
            string path = ContextHttp.Request.Path;
            string extension = VirtualPathUtility.GetExtension(path);
            if (extension == null) return false;
            switch (extension.ToLower())
            {
                case ".axd":
                case ".ashx":
                case ".bmp":
                case ".css":
                case ".gif":
                case ".htm":
                case ".html":
                case ".ico":
                case ".jpeg":
                case ".jpg":
                case ".js":
                case ".png":
                case ".rar":
                case ".zip":
                    return true;
            }
            return false;
        }
        #endregion

        #region public string ServerVariables(string name) 获取服务器端变量
        /// <summary>
        /// Gets server variable by name
        /// </summary>
        /// <param name="name">Name</param>
        /// <returns>Server variable</returns>
        public string ServerVariables(string name)
        {
            string result = string.Empty;
            try
            {
                if (ContextHttp == null || ContextHttp.Request == null)
                    return result;

                //put this method is try-catch 
                //as described here http://www.nopcommerce.com/boards/t/21356/multi-store-roadmap-lets-discuss-update-done.aspx?p=6#90196
                if (ContextHttp.Request.ServerVariables[name] != null)
                {
                    result = ContextHttp.Request.ServerVariables[name];
                }
            }
            catch
            {
                result = string.Empty;
            }
            return result;
        }
        #endregion

        #region public static string GetClientIP() 获取客户端的IP地址
        /// <summary>
        /// 获取客户端的IP地址
        /// </summary>
        /// <returns></returns>
        public static string GetClientIP()
        {
            string result = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
            if (!string.IsNullOrEmpty(result))
            {
                //可能有代理 
                if (result.IndexOf(".", StringComparison.Ordinal) == -1)
                    //没有"."肯定是非IPv4格式 
                    result = null;
                else
                {
                    if (result.IndexOf(",", StringComparison.Ordinal) != -1)
                    {
                        //有",",估计多个代理。取第一个不是内网的IP。 
                        result = result.Replace(" ", "").Replace("", "");
                        string[] temparyip = result.Split(",;".ToCharArray());
                        for (int i = 0; i < temparyip.Length; i++)
                        {
                            if (IsIPAddress(temparyip[i]) && temparyip[i].Substring(0, 3) != "10." && temparyip[i].Substring(0, 7) != "192.168" && temparyip[i].Substring(0, 7) != "172.16.")
                            {
                                return temparyip[i];//找到不是内网的地址 
                            }
                        }
                    }
                    else if (IsIPAddress(result)) //代理即是IP格式 
                        return result;
                    else
                        result = null;//代理中的内容 非IP,取IP 
                }
            }
            string ipAddress =
            (HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] != null &&
            HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] != String.Empty) ? HttpContext.Current.Request.ServerVariables
            ["HTTP_X_FORWARDED_FOR"] : HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
            if (string.IsNullOrEmpty(result))
                result = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
            if (string.IsNullOrEmpty(result))
                result = HttpContext.Current.Request.UserHostAddress;
            return result;
        }
        /// <summary>
        /// ip判断
        /// </summary>
        /// <param name="str1"></param>
        /// <returns></returns>
        private static bool IsIPAddress(string str1)
        {
            if (string.IsNullOrEmpty(str1) || str1.Length < 7 || str1.Length > 15)
                return false;
            string regformat = @"^\d{1,3}[\.]\d{1,3}[\.]\d{1,3}[\.]\d{1,3}$";
            Regex regex = new Regex(regformat, RegexOptions.IgnoreCase);
            return regex.IsMatch(str1);
        }
        #endregion
 

        /// <summary>
        /// 解决Error"基础连接已经关闭: 未能为SSL/TLS 安全通道建立信任关系。"
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="certificate"></param>
        /// <param name="chain"></param>
        /// <param name="sslPolicyErrors"></param>
        /// <returns></returns>
        private static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            return true;
        }

        /// <summary>
        /// 业务库连接
        /// </summary>
        public static IDbHelper BusinessDbHelper
        {
            get
            {
                return DbHelperFactory.GetHelper(BaseSystemInfo.BusinessDbType, BaseSystemInfo.BusinessDbConnection);
            }
        }

        /// <summary>
        /// 用户中心库连接
        /// </summary>
        public static IDbHelper UserCenterDbHelper
        {
            get
            {
                return DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType, BaseSystemInfo.UserCenterDbConnection);
            }
        }


    }
}
View Code

 

posted @ 2015-12-29 22:46  三人成虎  阅读(10698)  评论(10编辑  收藏  举报