验证类
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc; namespace CommonHelper
{
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class AuthorizationAttribute
{
private String _AuthUrl = String.Empty; /// <summary>
/// 获取或者设置一个值,改值表示登录地址
/// 如果web.config中未定义AuthUrl的值,则默认为login
/// </summary>
public String AuthUrl
{
get { return _AuthUrl; }
set
{
if (String.IsNullOrEmpty(value))
throw new ArgumentNullException("用于验证用户登录信息的登录地址不能为空");
else
_AuthUrl = value.Trim();
}
} private String _AuthSaveKey = String.Empty;
/// <summary>
/// 获取或者设置一个值,改值表示登录用来保存登录信息的键名
/// 如果web.config中未定义AuthSaveKey的值,则默认为LoginedUser
/// </summary>
public String AuthSaveKey
{
get { return _AuthSaveKey; }
set {
if (String.IsNullOrEmpty(value))
throw new ArgumentNullException("用于保存登录信息的键名不能为空");
else
this._AuthSaveKey = value.Trim();
}
} private String _AuthSaveType = String.Empty;
/// <summary>
/// 获取或者设置一个值,该值表示用来保存登录信息的方式
/// </summary>
public String AuthSaveType {
get { return _AuthSaveType; }
set {
if (String.IsNullOrEmpty(value))
throw new ArgumentNullException("用于保存登录信息的方式不能为空,只能为【cookie】或者【session】");
else
this._AuthSaveType = value.Trim();
}
} /// <summary>
/// 默认构造函数
/// </summary>
public AuthorizationAttribute()
{
String authUrl=System.Configuration.ConfigurationManager.AppSettings["AuthUrl"];
String saveKey = System.Configuration.ConfigurationManager.AppSettings["AuthSaveKey"];
String saceType = System.Configuration.ConfigurationManager.AppSettings["AuthSaveType"]; if (String.IsNullOrEmpty(authUrl))
this._AuthUrl = "/User/Login";
else
this._AuthUrl = authUrl; if (String.IsNullOrEmpty(saveKey))
this._AuthSaveKey = "LoginedUser";
else
this._AuthSaveKey = saveKey; if (String.IsNullOrEmpty(saceType))
this._AuthSaveType = "Session";
else
this._AuthSaveType = saceType;
} /// <summary>
/// 构造函数重载
/// </summary>
/// <param name="authUrl">表示没有登录跳转的登录地址</param>
public AuthorizationAttribute(String authUrl)
: this()
{
this._AuthUrl = authUrl;
} /// <summary>
/// 构造函数重载
/// </summary>
/// <param name="authUrl">表示没有登录跳转的登录地址</param>
/// <param name="saveKey">表示登录用来保存登录信息的键名</param>
public AuthorizationAttribute(String authUrl, String saveKey)
: this(authUrl)
{
this._AuthSaveKey = saveKey;
this._AuthSaveType = "Session";
} /// <summary>
/// 构造函数重载
/// </summary>
/// <param name="authUrl">表示没有登录跳转的登录地址</param>
/// <param name="saveKey">表示登录用来保存登录信息的键名</param>
/// <param name="saveType">表示登录用来保存登录信息的方式</param>
public AuthorizationAttribute(String authUrl, String saveKey, String saveType)
: this(authUrl, saveKey)
{
this._AuthSaveType = saveType;
} /// <summary>
/// 处理用户登录
/// </summary>
/// <param name="fileterContext"></param>
public void OnAuthorization(AuthorizationContext fileterContext)
{
if (fileterContext.HttpContext == null)
throw new Exception("次特性只适合于Web应用程序使用!");
else {
switch (AuthSaveType)
{
case "Session":
if (fileterContext.HttpContext.Session == null)
throw new Exception("服务器Session不可用!");
else if (!fileterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) && !fileterContext.ActionDescription.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
if (fileterContext.HttpContext.Session[_AuthSaveKey] == null)
fileterContext.Result = new RedirectResult(_AuthUrl);
}
break;
case "Cookie":
if (!fileterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) && !fileterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
if (fileterContext.HttpContext.Request.Cookies[_AuthSaveKey] == null)
fileterContext.Result = new RedirectResult(_AuthUrl);
}
break;
default:
throw new ArgumentNullException("用于保存登录信息的方式不能为空,只能为【Cookie】或者【Session】");
}
}
}
}
}
类
配置文件中
<appSettings>
<add key="AuthUrl" value="/User/Login">
<appSettings>
using后
在需要的页面控制器前加
[Authorization]