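namespace BCPayWeb.Core
{
    /// <summary>
    /// Authorization filter that requires a logged-in user in <c>Session["User"]</c> and,
    /// for every controller except "menu", a <c>RoleMenu</c> row that maps the user's role
    /// to the requested <c>/controller/action</c> URL.
    /// </summary>
    /// <remarks>
    /// Every failure path sets <c>filterContext.Result</c> so the action cannot run when a check
    /// fails or throws (fail closed).
    /// </remarks>
    public class UserLoginAttribute : AuthorizeAttribute
    {
        private const string SessionUserKey = "User";
        private const string SessionErrorKey = "Error";
        private const string LoginUrl = "/Users/Login";
        private const string LoginUrlWithReturn = "/Users/Login?returnUrl={0}";
        private const string DefaultReturnUrl = "/Pay/Phone?mid=2";
        private const string SessionExpiredMessage = "登录超时,请重新登录。";
        private const string AccessDeniedMessage = "您没有权限访问此页面。";

        /// <summary>
        /// Reports whether the request carries a logged-in session user.
        /// </summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns><c>true</c> when <c>Session["User"]</c> is set; otherwise <c>false</c>, with status 401.</returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // A missing session object is treated like a missing user instead of raising
            // a NullReferenceException.
            if (httpContext.Session == null || httpContext.Session[SessionUserKey] == null)
            {
                httpContext.Response.StatusCode = 401;
                return false;
            }

            // NOTE(review): the base result is discarded, so the Users/Roles settings of
            // AuthorizeAttribute and the principal's authentication state do not influence the
            // outcome; only the session check above does. Kept as in the original; confirm this
            // is intended before relying on [UserLogin(Roles = ...)].
            base.AuthorizeCore(httpContext);

            return true;
        }

        /// <summary>
        /// Runs the login check and the role-to-URL permission check for the current action.
        /// </summary>
        /// <param name="filterContext">The authorization context supplied by MVC.</param>
        public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
        {
            try
            {
                string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
                string actionName = filterContext.ActionDescriptor.ActionName;

                var session = filterContext.HttpContext.Session;
                object sessionUser = session == null ? null : session[SessionUserKey];

                if (sessionUser == null
                    && !string.Equals(controllerName, "users", StringComparison.OrdinalIgnoreCase))
                {
                    if (filterContext.HttpContext.Request.IsAjaxRequest())
                    {
                        // AJAX callers get the message in the response body (see the catch block).
                        throw new Exception(SessionExpiredMessage);
                    }

                    string url = filterContext.HttpContext.Request.RawUrl;
                    if (url.Length < 4 || url.Contains("Excel") || url.Contains("excel"))
                    {
                        url = DefaultReturnUrl;
                    }

                    filterContext.Result = BuildLoginRedirect(url);
                    return;
                }

                if (!string.Equals(controllerName, "menu", StringComparison.OrdinalIgnoreCase))
                {
                    // The session value may be absent (users controller) or of an unexpected type;
                    // both are rejected explicitly instead of surfacing a NullReferenceException
                    // message to the client.
                    var user = sessionUser as SerializableUser;
                    if (user == null)
                    {
                        throw new Exception(SessionExpiredMessage);
                    }

                    // Invariant lower-casing keeps the comparison independent of the server culture.
                    string requestedPath = string.Format("/{0}/{1}", controllerName, actionName).ToLowerInvariant();

                    bool allowed;
                    using (var db = new BCPayWebDataContext())
                    {
                        allowed = db.RoleMenu.Any(q => q.RoleId == user.RoleId && q.Menu.Url.ToLower() == requestedPath);
                    }

                    if (!allowed)
                    {
                        throw new Exception(AccessDeniedMessage);
                    }
                }

                session[SessionErrorKey] = null;

                base.OnAuthorization(filterContext);
            }
            catch (Exception ex)
            {
                // Fail closed: set the result before anything that can throw. Previously the
                // result was assigned last, so a failure while writing the error (for example a
                // null session) was swallowed and the action ran without authorization.
                filterContext.Result = new RedirectResult(LoginUrl);

                try
                {
                    filterContext.HttpContext.Session[SessionErrorKey] = ex.Message;

                    // Encoded because the body is served as HTML and the message is not always
                    // one of the fixed strings above.
                    // NOTE(review): messages of unexpected exceptions (database errors etc.) are
                    // still sent to the client; consider logging them server-side and returning
                    // a generic message instead.
                    filterContext.HttpContext.Response.Write(HttpUtility.HtmlEncode(ex.Message));
                    filterContext.HttpContext.Response.End();
                }
                catch (Exception)
                {
                    // Best effort only: the redirect result set above already denies the request.
                }
            }
        }

        /// <summary>
        /// Produces the response for a request that failed <see cref="AuthorizeCore"/>.
        /// </summary>
        /// <param name="filterContext">The authorization context supplied by MVC.</param>
        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext.Request.IsAjaxRequest())
            {
                // The original branch was empty, which left Result unset and let the action
                // execute for unauthorized AJAX requests.
                filterContext.Result = new HttpUnauthorizedResult();
                return;
            }

            string url = filterContext.HttpContext.Request.RawUrl;
            if (url.Length < 4)
            {
                url = DefaultReturnUrl;
            }

            filterContext.Result = BuildLoginRedirect(url);
        }

        // Builds the redirect to the login page, carrying the URL-encoded return address.
        // NOTE(review): the login action that consumes returnUrl is not shown here; it should
        // accept local URLs only (e.g. Url.IsLocalUrl) before redirecting back.
        private static RedirectResult BuildLoginRedirect(string returnUrl)
        {
            return new RedirectResult(string.Format(LoginUrlWithReturn, HttpUtility.UrlEncode(returnUrl)));
        }
    }
}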
引用时,只需在 action 或方法名上加入
[UserLoginAttribute] 即可
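[UserLoginAttribute]
public class MenuController : Controller
{
    /// <summary>
    /// Renders the left-hand navigation menu for the logged-in user's role.
    /// </summary>
    /// <remarks>
    /// The role filter here only decides which entries are displayed; access to each URL still
    /// has to be enforced by the authorization filter on the target controller or action.
    /// </remarks>
    /// <returns>
    /// A partial view with the visible menu entries ordered by <c>Sort</c>, or the partial view
    /// without a model when <c>Session["User"]</c> holds no <c>SerializableUser</c>.
    /// </returns>
    // GET: /Menu/
    public PartialViewResult Index()
    {
        var user = Session["User"] as SerializableUser;
        if (user == null)
        {
            return PartialView();
        }

        // Dispose the data context once the rows are materialized; the original never released it.
        using (var db = new BCPayWebDataContext())
        {
            var query = from q in db.RoleMenu
                        where q.RoleId == user.RoleId && q.Menu.IsShow == 1
                        orderby q.Menu.Id ascending
                        select new MyMenu
                        {
                            Id = q.Menu.Id,
                            ParentId = q.Menu.ParentId,
                            Tip = q.Menu.Tip,
                            Title = q.Menu.Title,
                            Type = q.Menu.Type,
                            Url = q.Menu.Url,
                            Sort = q.Menu.Sort,
                        };

            // ToList() runs the query here, so the view never touches the disposed context.
            var lst = query.ToList();

            lst.Sort(SortMenuCompare);

            return PartialView(lst);
        }
    }

    // Orders menu entries by their Sort value.
    private static int SortMenuCompare(MyMenu m1, MyMenu m2)
    {
        return m1.Sort.CompareTo(m2.Sort);
    }
}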