在mvc3中使用uploadify上传组件User.isAuthenticated等于false解决方法

我们前台html这样定义

  @{
 var auth = Request.Cookies[FormsAuthentication.FormsCookieName] == null ? string.Empty : Request.Cookies[FormsAuthentication.FormsCookieName].Value;
}
<script  src="@Url.Content("~/Uploadify/swfobject.js")" type="text/javascript"></script>
<script  src="@Url.Content("~/Uploadify/jquery.uploadify.v2.1.4.min.js")" type="text/javascript"></script>
<script type="text/javascript">
// <![CDATA[
    $(document).ready(function () {
        $('#file_upload').uploadify({
            'uploader': '@Url.Content("~/Uploadify/uploadify.swf")',
            'script': '@Url.Content("~/Admin/Product/Process")',
            'cancelImg': '@Url.Content("~/uploadify/cancel.png")',
            'folder': '@Url.Content("~/Content/goods")',
            // 'scriptData': { 'ASPSESSID':@sessionId' },
            'auto': true,
            'multi': true,
            'queueID': 'custom-queue',
            'fileExt': '*.jpg;*.gif;*.png',
            'fileDesc': 'Image Files (.JPG, .GIF, .PNG)',
            'queueSizeLimit': 10,
            'onSelectOnce': function (event, data) {
                $('#file_upload').uploadifySettings('scriptData', {'token': '@auth' });
                $('#status-message').text(data.filesSelected + ' files have been added to the queue.');

            },
            'onAllComplete': function (event, data) {
                $('#status-message').text(data.filesUploaded + ' files uploaded, ' + data.errors + ' errors.');
            }
        });
    });
// ]]>

注意这句

$('#file_upload').uploadifySettings('scriptData', {'token': '@auth' });
选择文件的时候,我们把auth也返回到服务器上.注意这里参数名"token"
然后我们后台:
public class UploadAuthenticationAttribute : AuthorizeAttribute
    {
        private const string TOKEN_KEY = "token";
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {

           
                string token = httpContext.Request.Params[TOKEN_KEY];

                if (token != null)
                {
                    FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(token);

                    if (ticket != null)
                    {
                        FormsIdentity identity = new FormsIdentity(ticket);
                        string[] roles = {"Administrators" }; //System.Web.Security.Roles.GetRolesForUser(identity.Name); 注意这里,如果你没有启用asp.net权限系统,会报错。
                        GenericPrincipal principal = new GenericPrincipal(identity, roles);
                        httpContext.User = principal;
                    }
                }
           
            return base.AuthorizeCore(httpContext);
        }

在你要上传的action上面加个[UploadAuthentication]就行了。

例如:

[UploadAuthentication]
        public void Process(HttpPostedFileBase fileData, string folder)
{
 //dosomething...
}
posted @ 2012-04-27 15:16  Xia.CJ  阅读(827)  评论(0编辑  收藏  举报