话说来到上海已经快半年了,时光如白驹过隙,稍微不注意,时间就溜走了,倒是没有那么忙碌,闲暇之际来博客园还是比较多的,记得上次在逛博问的时候看到有同志在问MVC中Cookie过期后如何作相关处理,他在阐述那么多页面不可能都去一个个手动处理。其实MVC很牛逼的地方就是把Attribute利用的非常完美,接下来就来看下它是如何做到的吧!
第一步、我们要定义一个登录过滤标签-LoginFilterAttribute并且继承AuthorizeAttribute。来看下它内部是啥样子
// Summary:
// Represents an attribute that is used to restrict access by callers to an
// action method.
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class AuthorizeAttribute : FilterAttribute, IAuthorizationFilter
{
// Summary:
// Initializes a new instance of the System.Web.Mvc.AuthorizeAttribute class.
public AuthorizeAttribute(); // Summary:
// Gets or sets the user roles.
//
// Returns:
// The user roles.
public string Roles { get; set; }
//
// Summary:
// Gets the unique identifier for this attribute.
//
// Returns:
// The unique identifier for this attribute.
public override object TypeId { get; }
//
// Summary:
// Gets or sets the authorized users.
//
// Returns:
// The authorized users.
public string Users { get; set; } // Summary:
// When overridden, provides an entry point for custom authorization checks.
//
// Parameters:
// httpContext:
// The HTTP context, which encapsulates all HTTP-specific information about
// an individual HTTP request.
//
// Returns:
// true if the user is authorized; otherwise, false.
//
// Exceptions:
// System.ArgumentNullException:
// The httpContext parameter is null.
protected virtual bool AuthorizeCore(HttpContextBase httpContext);
//
// Summary:
// Processes HTTP requests that fail authorization.
//
// Parameters:
// filterContext:
// Encapsulates the information for using System.Web.Mvc.AuthorizeAttribute.
// The filterContext object contains the controller, HTTP context, request context,
// action result, and route data.
protected virtual void HandleUnauthorizedRequest(AuthorizationContext filterContext);
//
// Summary:
// Called when a process requests authorization.
//
// Parameters:
// filterContext:
// The filter context, which encapsulates information for using System.Web.Mvc.AuthorizeAttribute.
//
// Exceptions:
// System.ArgumentNullException:
// The filterContext parameter is null.
public virtual void OnAuthorization(AuthorizationContext filterContext);
//
// Summary:
// Called when the caching module requests authorization.
//
// Parameters:
// httpContext:
// The HTTP context, which encapsulates all HTTP-specific information about
// an individual HTTP request.
//
// Returns:
// A reference to the validation status.
//
// Exceptions:
// System.ArgumentNullException:
// The httpContext parameter is null.
protected virtual HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext);
}
这里我们要重写OnAuthorization这个方法。
接下来就看下LoginFilterAttibute这个"儿子"是怎么完成"老子"交待的任务了。直接上code
public class LoginFilterAttribute:AuthorizeAttribute
{ private static string formsCookieName = FormsAuthentication.FormsCookieName; public override void OnAuthorization(AuthorizationContext filterContext)
{
HttpCookie formsCookie =
System.Web.CookieManager.GetCookie(formsCookieName);
if (formsCookie == null)
{
//页面Cookie过期后返回登录页面
RedirectToLoginPage(filterContext);
return;
} bool autenticated = HttpContext.Current.User.Identity.IsAuthenticated; //一旦发现身份不合法就作相应的处理.
if (!autenticated )
{
//redirect to login
RedirectToLoginPage(filterContext);
return;
}
//if success add login data to context
}
private static void RedirectToLoginPage(AuthorizationContext filterContext)
{
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
filterContext.Result = new JsonResult()
{
Data = new {
status = "error",
message = "Unauthorized_Message"
},
JsonRequestBehavior= JsonRequestBehavior.AllowGet
};
return;
}
else
{
//返回登录页面的相关处理..........
}
}
第二步、新建一个基类Controller-BaseController并且继承Controller。
[LoginFilter]//此处就是我们上面定义的LoginFilterAttribute
public abstract partial class BaseController : Controller
{
public BaseController(){ }
//........其他相关处理
}
第三步、不是有很多页面吗?那我只要在对应的Controller去继承那个BaseController就实现了,在访问任何一个页面都会去作相应的过滤和处理。
Public Class LoginController:BaseController
{
Public ActionResult Index()
{
//........
return View();
}
}
以上纯属个人观点,如有雷同纯属巧合!谢谢阅读,如果对您有帮助,请点关注并推荐!