增加用户授权判断 Home/Logout 允许匿名访问

Argo-Lenovo 2016-11-01 13:58:26 +08:00
parent 9f299d6d01
commit 476bc45a76
3 changed files with 40 additions and 10 deletions


@ -1,5 +1,7 @@
using Longbow.Web.Mvc;
using Longbow.Security.Principal;
using Longbow.Web.Mvc;
using System;
using System.Web.Mvc;
namespace Bootstrap.Admin
{
@ -9,6 +11,40 @@ namespace Bootstrap.Admin
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
class BAAuthorizeAttribute : LgbAuthorizeAttribute
{
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.HttpContext.User.Identity.IsAuthenticated)
{
var roles = "Administrators;Users".Split(';'); //RoleHelper.RetrieveRolesByUserName();
filterContext.HttpContext.User = new LgbPrincipal(filterContext.HttpContext.User.Identity, roles);
}
base.OnAuthorization(filterContext);
}
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <returns></returns>
protected override bool AuthenticateRole(string userName)
{
Roles = "Administrators;SupperAdmin"; //RoleHelper.RetrieveRolesByUrl();
return base.AuthenticateRole(userName);
}
/// <summary>
///
/// </summary>
/// <param name="filterContext"></param>
protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
base.HandleUnauthorizedRequest(filterContext);
return;
}
var view = new ViewResult();
view.ViewName = "UnAuthorized";
filterContext.Result = view;
}
}
}
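Review bot: In `OnAuthorization` every authenticated identity receives the fixed role list `"Administrators;Users"`, and `AuthenticateRole` sets `Roles` to the fixed `"Administrators;SupperAdmin"`, so the role check appears to pass for any logged-in user and the filter enforces authentication only. The real lookups exist only as comments (`RoleHelper.RetrieveRolesByUserName()`, `RoleHelper.RetrieveRolesByUrl()`); until they are wired in, the placeholder should fail closed, e.g. `var roles = new[] { "Users" };`, with a `// TODO` marking it as temporary. `SupperAdmin` looks like a typo for the intended role name, and a mismatch there would fail silently. Assigning `Roles` inside `AuthenticateRole` also mutates the attribute instance on each request, which becomes a race once the value depends on the URL, because MVC may reuse filter instances across requests. The empty `<summary>` blocks on both overrides should state what each one decides.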


@ -36,6 +36,7 @@ namespace Bootstrap.Admin.Controllers
model.UserName = userName;
if (LgbPrincipal.IsAdmin(userName) || UserHelper.Authenticate(userName, password))
{
LgbPrincipal.SavePrincipalCookie(new LgbUser() { RealUserName = userName });
FormsAuthentication.RedirectFromLoginPage(userName, false);
}
return View(model);
@ -44,6 +45,7 @@ namespace Bootstrap.Admin.Controllers
///
/// </summary>
/// <returns></returns>
[AllowAnonymous]
public ActionResult Logout()
{
FormsAuthentication.SignOut();
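Review bot: The added `LgbPrincipal.SavePrincipalCookie(new LgbUser() { RealUserName = userName });` sits in a branch that is entered whenever `LgbPrincipal.IsAdmin(userName)` is true, without `UserHelper.Authenticate(userName, password)` being evaluated, because `||` short-circuits. If `IsAdmin` decides on the submitted name alone (its body is not visible here), a principal cookie and a forms ticket are issued without a password check. The condition should require the password in every case, e.g. `if (UserHelper.Authenticate(userName, password))`, with admin status determined afterwards. It is also worth confirming that the principal cookie is integrity-protected and marked HttpOnly and Secure, since its content is derived from a name supplied at login. The enclosing action starts outside the hunk.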


@ -3,17 +3,13 @@
/// <summary>
/// 用户表实体类
/// </summary>
public class User
public class User : Longbow.Security.Principal.LgbUser
{
/// <summary>
/// 获得/设置 用户主键ID
/// </summary>
public int ID { get; set; }
/// <summary>
/// 获得/设置 登陆账号
/// </summary>
public string UserName { get; set; }
/// <summary>
/// 获取/设置 密码
/// </summary>
public string Password { get; set; }
@ -22,10 +18,6 @@
/// </summary>
public string PassSalt { get; set; }
/// <summary>
/// 获取/设置 显示名称
/// </summary>
public string DisplayName { get; set; }
/// <summary>
/// 获取/设置 角色用户关联状态 checked 标示已经关联 '' 标示未关联
/// </summary>
public string Checked { get; set; }
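Review bot: `User` now derives from `Longbow.Security.Principal.LgbUser` while the entity still appears to carry `Password` and `PassSalt`, so a database row holding credential material becomes assignable wherever an `LgbUser` is expected. The same commit passes an `LgbUser` to `LgbPrincipal.SavePrincipalCookie`; if that method serializes the object's public properties (not visible here), handing it a `User` would place the hash and salt in a client-side cookie. Keeping the credential fields on a separate type, or always copying only the needed fields into a fresh `LgbUser` as the login action does, avoids that coupling. The class body continues outside the hunk.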