public class Verify : AuthorizeAttribute
{
public override void OnAuthorization(AuthorizationContext filterContext)
{
var user = filterContext.HttpContext.Session["CurrentUser"];
if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
//判斷是否Action判斷是否跳過授權過濾器
{
return;
}
else if (filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
//判斷是否Controller判斷是否跳過授權過濾器
{
return;
}
else if (user == null || string.IsNullOrWhiteSpace(user.ToString()))
//判斷用戶是否登錄
{
filterContext.Result = new RedirectResult("../Login/Login");
}
else
{
return;
}
}
}
全局授權驗證
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new HandleErrorAttribute());
filters.Add(new Verify());
}
}
控制器授權驗證
[Verify]
public class LoginController : Controller
{
}
public class LoginController : Controller
{
方法授權驗證
[Verify]
public ActionResult UserInfo(Models.UserInfo userInfo)
{
}
}
public class LoginController : Controller
{
/// <summary>
/// 登錄
/// </summary>
/// <param name="userInfo"></param>
/// <returns></returns>
[HttpPost]
[AllowAnonymous]//方法忽略驗證
public ActionResult Login(Models.UserInfo userInfo)
{
}
}
