diff --git a/Bootstrap.Admin/App_Start/BAAuthorizeAttribute.cs b/Bootstrap.Admin/App_Start/BAAuthorizeAttribute.cs
index 094db468..0ca72d1a 100644
--- a/Bootstrap.Admin/App_Start/BAAuthorizeAttribute.cs
+++ b/Bootstrap.Admin/App_Start/BAAuthorizeAttribute.cs
@@ -1,5 +1,7 @@
-using Longbow.Web.Mvc;
+using Longbow.Security.Principal;
+using Longbow.Web.Mvc;
using System;
+using System.Web.Mvc;
namespace Bootstrap.Admin
{
@@ -9,6 +11,40 @@ namespace Bootstrap.Admin
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
class BAAuthorizeAttribute : LgbAuthorizeAttribute
{
+ public override void OnAuthorization(AuthorizationContext filterContext)
+ {
+ if (filterContext.HttpContext.User.Identity.IsAuthenticated)
+ {
+ var roles = "Administrators;Users".Split(';'); //RoleHelper.RetrieveRolesByUserName();
+ filterContext.HttpContext.User = new LgbPrincipal(filterContext.HttpContext.User.Identity, roles);
+ }
+ base.OnAuthorization(filterContext);
+ }
+ ///
+ ///
+ ///
+ ///
+ ///
+ protected override bool AuthenticateRole(string userName)
+ {
+ Roles = "Administrators;SupperAdmin"; //RoleHelper.RetrieveRolesByUrl();
+ return base.AuthenticateRole(userName);
+ }
+ ///
+ ///
+ ///
+ ///
+ protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
+ {
+ if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
+ {
+ base.HandleUnauthorizedRequest(filterContext);
+ return;
+ }
+ var view = new ViewResult();
+ view.ViewName = "UnAuthorized";
+ filterContext.Result = view;
+ }
}
}
\ No newline at end of file
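Review bot: `OnAuthorization` (L21–22) assigns every authenticated user the hard-coded role list `"Administrators;Users"` and `AuthenticateRole` (L33) checks against `"Administrators;SupperAdmin"`, so as committed any logged-in account satisfies the role check and the `UnAuthorized` view on L47–49 is effectively unreachable; the commented-out `RoleHelper` calls suggest scaffolding, but it ships as an authorization bypass until they are wired in, and the attribute should fail closed meanwhile, e.g. `var roles = new string[0]; // TODO: RoleHelper.RetrieveRolesByUserName(...)`. The `Roles = ...` assignment on L33 mutates attribute state per request, and ASP.NET MVC can cache filter attribute instances across requests, so once this becomes a per-URL lookup the shared property turns into a cross-request race — compute the allowed set into a local and compare against it instead of writing `Roles`. `HandleUnauthorizedRequest` returns the view with a 200 status; add `filterContext.HttpContext.Response.StatusCode = 403;` before assigning `filterContext.Result` so clients and logs can tell a forbidden response from a normal page. If the role elsewhere is spelled `SuperAdmin`, the literal `SupperAdmin` will never match — worth confirming against the role table. The empty `///` lines on L26–30 and L36–39 should become real `<summary>` text or be dropped.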
diff --git a/Bootstrap.Admin/Controllers/HomeController.cs b/Bootstrap.Admin/Controllers/HomeController.cs
index db1e6cc8..555f0a83 100644
--- a/Bootstrap.Admin/Controllers/HomeController.cs
+++ b/Bootstrap.Admin/Controllers/HomeController.cs
@@ -36,6 +36,7 @@ namespace Bootstrap.Admin.Controllers
model.UserName = userName;
if (LgbPrincipal.IsAdmin(userName) || UserHelper.Authenticate(userName, password))
{
+ LgbPrincipal.SavePrincipalCookie(new LgbUser() { RealUserName = userName });
FormsAuthentication.RedirectFromLoginPage(userName, false);
}
return View(model);
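Review bot: The new `SavePrincipalCookie` call on L62 persists a principal for any `userName` that passes the condition on L60, and that condition is satisfied by `LgbPrincipal.IsAdmin(userName)` alone, before `UserHelper.Authenticate` ever sees the password; if `IsAdmin` is a name-based check, as its signature suggests, this commit now mints a persisted admin principal for anyone who submits the admin username with any password. Make the password check mandatory — `if (UserHelper.Authenticate(userName, password))` — and derive admin status from the authenticated identity afterwards rather than short-circuiting on it. The cookie's attributes (HttpOnly, Secure, expiry, whether it is bound to the forms ticket) are not visible here and are set inside `SavePrincipalCookie`; confirm they match the forms-auth cookie, since a long-lived plain cookie alongside a session ticket is a common source of stale-privilege bugs.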
@@ -44,6 +45,7 @@ namespace Bootstrap.Admin.Controllers
///
///
///
+ [AllowAnonymous]
public ActionResult Logout()
{
FormsAuthentication.SignOut();
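Review bot: Login now writes a second cookie via `SavePrincipalCookie` (L62), but the visible part of `Logout` only calls `FormsAuthentication.SignOut()`; Logout's body continues past the hunk, so if it does not also expire the principal cookie a signed-out browser keeps a stale principal that the next authenticated request could pick up. Add the matching clear next to `SignOut()` — whatever `LgbPrincipal` exposes for it, or expire the cookie explicitly by name. `[AllowAnonymous]` is appropriate so an expired session can still reach the logout path; note the action shows no `[HttpPost]`/antiforgery guard, so GET-triggered logout-CSRF remains possible (pre-existing, not introduced here).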
diff --git a/Bootstrap.DataAccess/User.cs b/Bootstrap.DataAccess/User.cs
index 1dc44c5b..a754d025 100644
--- a/Bootstrap.DataAccess/User.cs
+++ b/Bootstrap.DataAccess/User.cs
@@ -3,17 +3,13 @@
///
/// 用户表实体类
///
- public class User
+ public class User : Longbow.Security.Principal.LgbUser
{
///
/// 获得/设置 用户主键ID
///
public int ID { get; set; }
///
- /// 获得/设置 登陆账号
- ///
- public string UserName { get; set; }
- ///
/// 获取/设置 密码
///
public string Password { get; set; }
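Review bot: With `User` now deriving from `LgbUser` (L83) while keeping `Password` and `PassSalt` (L96, L99), a `User` entity is accepted wherever an `LgbUser` is, including `LgbPrincipal.SavePrincipalCookie`; if that method serializes the object it receives, passing a `User` instead of a fresh `LgbUser` would write the hash and salt into a client cookie. Login currently constructs `new LgbUser { RealUserName = userName }`, which is the right pattern — a class comment such as `/// NOTE: never pass a User instance to SavePrincipalCookie; it carries credential material.` would keep later callers on it. Removing `UserName` and `DisplayName` assumes the base class exposes equivalent members; any caller still reading `user.UserName` will break unless `LgbUser` defines it, which this diff does not show.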
@@ -22,10 +18,6 @@
///
public string PassSalt { get; set; }
///
- /// 获取/设置 显示名称
- ///
- public string DisplayName { get; set; }
- ///
/// 获取/设置 角色用户关联状态 checked 标示已经关联 '' 标示未关联
///
public string Checked { get; set; }