Asp.Net MVC 权限控制(一):使用 Authorize Roles 简单实现
浏览数:592 /
时间:2015年06月09日
最近由于项目的需要对权限控制做了几个Demo,贴出来供大家拍砖!
首先创建一个 BaseController ,让所有的Controller继承自BaseController 。
[Authorize]
public class BaseController : Controller
{
}
系统登录需要一个 AccountController ,继承自BaseController ,并添加匿名访问标记 AllowAnonymous。
AccountController 实现系统的登录功能,并将用户信息保存到Cookie中。
[AllowAnonymous]
public class AccountController : BaseController
{
public ActionResult Index()
{
return View();
}
public ActionResult Login(string returnUrl)
{
ViewBag.ReturnUrl = returnUrl;
return View();
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
string roles = "";
var userName = model.UserName;
if (userName == "admin")
{
roles = "Admin";
}
else if (userName == "ib")
{
roles = "IBusiness";
}
else if(userName == "ia")
{
roles = "IApproval";
}
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1,
userName,
DateTime.Now,
DateTime.Now.AddMinutes(20),
false,
roles//写入用户角色
);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
System.Web.HttpCookie authCookie = new System.Web.HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
System.Web.HttpContext.Current.Response.Cookies.Add(authCookie);
return string.IsNullOrEmpty(returnUrl) ?
RedirectToAction("Index", "Home")
: RedirectToLocal(returnUrl);
}
private ActionResult RedirectToLocal(string returnUrl)
{
if (Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
public ActionResult LogOff()
{
FormsAuthentication.SignOut();
return RedirectToAction("Index", "Home");
}
}
}
在系统的业务Controller中添加角色验证标记。
[Authorize(Roles = "Admin,IBusiness,IApproval")]
public class InfrastructureController : BaseController
{
public ActionResult Index()
{
return View();
}
[Authorize(Roles = "IBusiness")]
public ActionResult Add()
{
return View();
}
[Authorize(Roles = "IApproval")]
public ActionResult Approval()
{
return this.View();
}
}
最后在Global.asax中添加验证。
/// <summary>
/// 构造方法
/// </summary>
public MvcApplication()
{
AuthorizeRequest += new EventHandler(Application_AuthenticateRequest);
}
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie == null || authCookie.Value == "")
{
return;
}
FormsAuthenticationTicket authTicket = null;
try
{
authTicket = FormsAuthentication.Decrypt(authCookie.Value);
}
catch
{
return;
}
string[] roles = authTicket.UserData.Split(new char[] { ‘,‘ });
if (Context.User != null)
{
Context.User = new System.Security.Principal.GenericPrincipal(Context.User.Identity, roles);
}
}
代码下载:AuthorizationPro.zip
(注:由于dll太多,文件压缩过大,已将demo中dll包删除)
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。
