找回密码
当前位置:Mikel > 开发笔记 > ASP.NET MVC > 正文

[转载]Asp.Net MVC 权限控制(一):使用 Authorize Roles 简单实现 - Jetlian - 博客园

2015-06-09 分类:ASP.NET MVC 阅读(526) 评论(0)

来源: [转载]Asp.Net MVC 权限控制(一):使用 Authorize Roles 简单实现 – Jetlian – 博客园

最近由于项目的需要对权限控制做了几个Demo,贴出来供大家拍砖!

 

首先创建一个 BaseController ,让所有的Controller继承自BaseController 。

<div class="container">
<div class="line number1 index0 alt2"><code class="csharp plain">[Authorize]</code></div>
<div class="line number2 index1 alt1"><code class="csharp keyword">public</code> <code class="csharp keyword">class</code> <code class="csharp plain">BaseController : Controller</code></div>
<div class="line number3 index2 alt2"><code class="csharp plain">{</code></div>
<div class="line number4 index3 alt1"></div>
<div class="line number5 index4 alt2"><code class="csharp plain">}</code></div>
<div class="line number5 index4 alt2">

系统登录需要一个 AccountController ,继承自BaseController ,并添加匿名访问标记 AllowAnonymous。

AccountController 实现系统的登录功能,并将用户信息保存到Cookie中。

<div class="container">
<div class="line number1 index0 alt2"><code class="csharp spaces">    </code><code class="csharp plain">[AllowAnonymous]</code></div>
<div class="line number2 index1 alt1"><code class="csharp spaces">    </code><code class="csharp keyword">public</code> <code class="csharp keyword">class</code> <code class="csharp plain">AccountController : BaseController</code></div>
<div class="line number3 index2 alt2"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number4 index3 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">public</code> <code class="csharp plain">ActionResult Index()</code></div>
<div class="line number5 index4 alt2"><code class="csharp spaces">        </code><code class="csharp plain">{</code></div>
<div class="line number6 index5 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">return</code> <code class="csharp plain">View();</code></div>
<div class="line number7 index6 alt2"><code class="csharp spaces">        </code><code class="csharp plain">}</code></div>
<div class="line number8 index7 alt1"></div>
<div class="line number9 index8 alt2"><code class="csharp spaces">        </code><code class="csharp keyword">public</code> <code class="csharp plain">ActionResult Login(</code><code class="csharp keyword">string</code> <code class="csharp plain">returnUrl)</code></div>
<div class="line number10 index9 alt1"><code class="csharp spaces">        </code><code class="csharp plain">{</code></div>
<div class="line number11 index10 alt2"><code class="csharp spaces">            </code><code class="csharp plain">ViewBag.ReturnUrl = returnUrl;</code></div>
<div class="line number12 index11 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">return</code> <code class="csharp plain">View();</code></div>
<div class="line number13 index12 alt2"><code class="csharp spaces">        </code><code class="csharp plain">}</code></div>
<div class="line number14 index13 alt1"></div>
<div class="line number15 index14 alt2"><code class="csharp spaces">        </code><code class="csharp plain">[HttpPost]</code></div>
<div class="line number16 index15 alt1"><code class="csharp spaces">        </code><code class="csharp plain">[AllowAnonymous]</code></div>
<div class="line number17 index16 alt2"><code class="csharp spaces">        </code><code class="csharp plain">[ValidateAntiForgeryToken]</code></div>
<div class="line number18 index17 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">public</code> <code class="csharp plain">ActionResult Login(LoginModel model, </code><code class="csharp keyword">string</code> <code class="csharp plain">returnUrl)</code></div>
<div class="line number19 index18 alt2"><code class="csharp spaces">        </code><code class="csharp plain">{</code></div>
<div class="line number20 index19 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">string</code> <code class="csharp plain">roles = </code><code class="csharp string">""</code><code class="csharp plain">;</code></div>
<div class="line number21 index20 alt2"><code class="csharp spaces">            </code><code class="csharp keyword">var</code> <code class="csharp plain">userName = model.UserName;</code></div>
<div class="line number22 index21 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">if</code> <code class="csharp plain">(userName == </code><code class="csharp string">"admin"</code><code class="csharp plain">)</code></div>
<div class="line number23 index22 alt2"><code class="csharp spaces">            </code><code class="csharp plain">{</code></div>
<div class="line number24 index23 alt1"><code class="csharp spaces">                </code><code class="csharp plain">roles = </code><code class="csharp string">"Admin"</code><code class="csharp plain">;</code></div>
<div class="line number25 index24 alt2"><code class="csharp spaces">            </code><code class="csharp plain">}</code></div>
<div class="line number26 index25 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">else</code> <code class="csharp keyword">if</code> <code class="csharp plain">(userName == </code><code class="csharp string">"ib"</code><code class="csharp plain">)</code></div>
<div class="line number27 index26 alt2"><code class="csharp spaces">            </code><code class="csharp plain">{</code></div>
<div class="line number28 index27 alt1"><code class="csharp spaces">                </code><code class="csharp plain">roles = </code><code class="csharp string">"IBusiness"</code><code class="csharp plain">;</code></div>
<div class="line number29 index28 alt2"><code class="csharp spaces">            </code><code class="csharp plain">}</code></div>
<div class="line number30 index29 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">else</code> <code class="csharp keyword">if</code><code class="csharp plain">(userName == </code><code class="csharp string">"ia"</code><code class="csharp plain">)</code></div>
<div class="line number31 index30 alt2"><code class="csharp spaces">            </code><code class="csharp plain">{</code></div>
<div class="line number32 index31 alt1"><code class="csharp spaces">                </code><code class="csharp plain">roles = </code><code class="csharp string">"IApproval"</code><code class="csharp plain">;</code></div>
<div class="line number33 index32 alt2"><code class="csharp spaces">            </code><code class="csharp plain">}</code></div>
<div class="line number34 index33 alt1"><code class="csharp spaces">            </code></div>
<div class="line number35 index34 alt2"><code class="csharp spaces">            </code><code class="csharp plain">FormsAuthenticationTicket authTicket = </code><code class="csharp keyword">new</code> <code class="csharp plain">FormsAuthenticationTicket(</code></div>
<div class="line number36 index35 alt1"><code class="csharp spaces">            </code><code class="csharp plain">1,</code></div>
<div class="line number37 index36 alt2"><code class="csharp spaces">            </code><code class="csharp plain">userName,</code></div>
<div class="line number38 index37 alt1"><code class="csharp spaces">            </code><code class="csharp plain">DateTime.Now,</code></div>
<div class="line number39 index38 alt2"><code class="csharp spaces">            </code><code class="csharp plain">DateTime.Now.AddMinutes(20),</code></div>
<div class="line number40 index39 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">false</code><code class="csharp plain">,</code></div>
<div class="line number41 index40 alt2"><code class="csharp spaces">            </code><code class="csharp plain">roles</code><code class="csharp comments">//写入用户角色</code></div>
<div class="line number42 index41 alt1"><code class="csharp spaces">            </code><code class="csharp plain">);</code></div>
<div class="line number43 index42 alt2"></div>
<div class="line number44 index43 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">string</code> <code class="csharp plain">encryptedTicket = FormsAuthentication.Encrypt(authTicket);</code></div>
<div class="line number45 index44 alt2"></div>
<div class="line number46 index45 alt1"><code class="csharp spaces">            </code><code class="csharp plain">System.Web.HttpCookie authCookie = </code><code class="csharp keyword">new</code> <code class="csharp plain">System.Web.HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);</code></div>
<div class="line number47 index46 alt2"><code class="csharp spaces">            </code><code class="csharp plain">System.Web.HttpContext.Current.Response.Cookies.Add(authCookie);</code></div>
<div class="line number48 index47 alt1"></div>
<div class="line number49 index48 alt2"><code class="csharp spaces">            </code><code class="csharp keyword">return</code> <code class="csharp keyword">string</code><code class="csharp plain">.IsNullOrEmpty(returnUrl) ?</code></div>
<div class="line number50 index49 alt1"><code class="csharp spaces">                </code><code class="csharp plain">RedirectToAction(</code><code class="csharp string">"Index"</code><code class="csharp plain">, </code><code class="csharp string">"Home"</code><code class="csharp plain">)</code></div>
<div class="line number51 index50 alt2"><code class="csharp spaces">                </code><code class="csharp plain">: RedirectToLocal(returnUrl);</code></div>
<div class="line number52 index51 alt1"><code class="csharp spaces">        </code><code class="csharp plain">}</code></div>
<div class="line number53 index52 alt2"></div>
<div class="line number54 index53 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">private</code> <code class="csharp plain">ActionResult RedirectToLocal(</code><code class="csharp keyword">string</code> <code class="csharp plain">returnUrl)</code></div>
<div class="line number55 index54 alt2"><code class="csharp spaces">        </code><code class="csharp plain">{</code></div>
<div class="line number56 index55 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">if</code> <code class="csharp plain">(Url.IsLocalUrl(returnUrl))</code></div>
<div class="line number57 index56 alt2"><code class="csharp spaces">            </code><code class="csharp plain">{</code></div>
<div class="line number58 index57 alt1"><code class="csharp spaces">                </code><code class="csharp keyword">return</code> <code class="csharp plain">Redirect(returnUrl);</code></div>
<div class="line number59 index58 alt2"><code class="csharp spaces">            </code><code class="csharp plain">}</code></div>
<div class="line number60 index59 alt1"><code class="csharp spaces">            </code><code class="csharp keyword">else</code></div>
<div class="line number61 index60 alt2"><code class="csharp spaces">            </code><code class="csharp plain">{</code></div>
<div class="line number62 index61 alt1"><code class="csharp spaces">                </code><code class="csharp keyword">return</code> <code class="csharp plain">RedirectToAction(</code><code class="csharp string">"Index"</code><code class="csharp plain">, </code><code class="csharp string">"Home"</code><code class="csharp plain">);</code></div>
<div class="line number63 index62 alt2"><code class="csharp spaces">            </code><code class="csharp plain">}</code></div>
<div class="line number64 index63 alt1"><code class="csharp spaces">        </code><code class="csharp plain">}</code></div>
<div class="line number65 index64 alt2"></div>
<div class="line number66 index65 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">public</code> <code class="csharp plain">ActionResult LogOff()</code></div>
<div class="line number67 index66 alt2"><code class="csharp spaces">        </code><code class="csharp plain">{</code></div>
<div class="line number68 index67 alt1"><code class="csharp spaces">            </code><code class="csharp plain">FormsAuthentication.SignOut();</code></div>
<div class="line number69 index68 alt2"><code class="csharp spaces">            </code><code class="csharp keyword">return</code> <code class="csharp plain">RedirectToAction(</code><code class="csharp string">"Index"</code><code class="csharp plain">, </code><code class="csharp string">"Home"</code><code class="csharp plain">);</code></div>
<div class="line number70 index69 alt1"><code class="csharp spaces">        </code><code class="csharp plain">}</code></div>
<div class="line number71 index70 alt2"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number72 index71 alt1"><code class="csharp plain">}</code></div>
<div class="line number72 index71 alt1">
在系统的业务Controller中添加角色验证标记。
</div>
<div class="line number72 index71 alt1">
<div class="container">
<div class="line number1 index0 alt2"><code class="csharp plain">[Authorize(Roles = </code><code class="csharp string">"Admin,IBusiness,IApproval"</code><code class="csharp plain">)]</code></div>
<div class="line number2 index1 alt1"><code class="csharp keyword">public</code> <code class="csharp keyword">class</code> <code class="csharp plain">InfrastructureController : BaseController</code></div>
<div class="line number3 index2 alt2"><code class="csharp plain">{</code></div>
<div class="line number4 index3 alt1"><code class="csharp spaces">    </code><code class="csharp keyword">public</code> <code class="csharp plain">ActionResult Index()</code></div>
<div class="line number5 index4 alt2"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number6 index5 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">return</code> <code class="csharp plain">View();</code></div>
<div class="line number7 index6 alt2"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number8 index7 alt1"></div>
<div class="line number9 index8 alt2"><code class="csharp spaces">    </code><code class="csharp plain">[Authorize(Roles = </code><code class="csharp string">"IBusiness"</code><code class="csharp plain">)]</code></div>
<div class="line number10 index9 alt1"><code class="csharp spaces">    </code><code class="csharp keyword">public</code> <code class="csharp plain">ActionResult Add()</code></div>
<div class="line number11 index10 alt2"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number12 index11 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">return</code> <code class="csharp plain">View();</code></div>
<div class="line number13 index12 alt2"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number14 index13 alt1"></div>
<div class="line number15 index14 alt2"><code class="csharp spaces">    </code><code class="csharp plain">[Authorize(Roles = </code><code class="csharp string">"IApproval"</code><code class="csharp plain">)]</code></div>
<div class="line number16 index15 alt1"><code class="csharp spaces">    </code><code class="csharp keyword">public</code> <code class="csharp plain">ActionResult Approval()</code></div>
<div class="line number17 index16 alt2"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number18 index17 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">return</code> <code class="csharp keyword">this</code><code class="csharp plain">.View();</code></div>
<div class="line number19 index18 alt2"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number20 index19 alt1"></div>
<div class="line number21 index20 alt2"><code class="csharp plain">}</code></div>
<div class="line number21 index20 alt2">
 最后在Global.asax中添加验证。
</div>
<div class="line number21 index20 alt2">
<div class="container">
<div class="line number1 index0 alt2"><code class="csharp color1">/// &lt;summary&gt;</code></div>
<div class="line number2 index1 alt1"><code class="csharp color1">/// 构造方法</code></div>
<div class="line number3 index2 alt2"><code class="csharp color1">/// &lt;/summary&gt;</code></div>
<div class="line number4 index3 alt1"><code class="csharp keyword">public</code> <code class="csharp plain">MvcApplication()</code></div>
<div class="line number5 index4 alt2"><code class="csharp plain">{</code></div>
<div class="line number6 index5 alt1"><code class="csharp spaces">    </code><code class="csharp plain">AuthorizeRequest += </code><code class="csharp keyword">new</code> <code class="csharp plain">EventHandler(Application_AuthenticateRequest);</code></div>
<div class="line number7 index6 alt2"><code class="csharp plain">}</code></div>
<div class="line number8 index7 alt1"></div>
<div class="line number9 index8 alt2"><code class="csharp keyword">protected</code> <code class="csharp keyword">void</code> <code class="csharp plain">Application_AuthenticateRequest(Object sender, EventArgs e)</code></div>
<div class="line number10 index9 alt1"><code class="csharp plain">{</code></div>
<div class="line number11 index10 alt2"><code class="csharp spaces">    </code><code class="csharp plain">HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];</code></div>
<div class="line number12 index11 alt1"><code class="csharp spaces">    </code><code class="csharp keyword">if</code> <code class="csharp plain">(authCookie == </code><code class="csharp keyword">null</code> <code class="csharp plain">|| authCookie.Value == </code><code class="csharp string">""</code><code class="csharp plain">)</code></div>
<div class="line number13 index12 alt2"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number14 index13 alt1"><code class="csharp spaces">        </code><code class="csharp keyword">return</code><code class="csharp plain">;</code></div>
<div class="line number15 index14 alt2"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number16 index15 alt1"><code class="csharp spaces">    </code><code class="csharp plain">FormsAuthenticationTicket authTicket = </code><code class="csharp keyword">null</code><code class="csharp plain">;</code></div>
<div class="line number17 index16 alt2"><code class="csharp spaces">    </code><code class="csharp keyword">try</code></div>
<div class="line number18 index17 alt1"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number19 index18 alt2"><code class="csharp spaces">        </code><code class="csharp plain">authTicket = FormsAuthentication.Decrypt(authCookie.Value);</code></div>
<div class="line number20 index19 alt1"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number21 index20 alt2"><code class="csharp spaces">    </code><code class="csharp keyword">catch</code></div>
<div class="line number22 index21 alt1"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number23 index22 alt2"><code class="csharp spaces">        </code><code class="csharp keyword">return</code><code class="csharp plain">;</code></div>
<div class="line number24 index23 alt1"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number25 index24 alt2"><code class="csharp spaces">    </code><code class="csharp keyword">string</code><code class="csharp plain">[] roles = authTicket.UserData.Split(</code><code class="csharp keyword">new</code> <code class="csharp keyword">char</code><code class="csharp plain">[] { </code><code class="csharp string">','</code> <code class="csharp plain">});</code></div>
<div class="line number26 index25 alt1"><code class="csharp spaces">    </code><code class="csharp keyword">if</code> <code class="csharp plain">(Context.User != </code><code class="csharp keyword">null</code><code class="csharp plain">)</code></div>
<div class="line number27 index26 alt2"><code class="csharp spaces">    </code><code class="csharp plain">{</code></div>
<div class="line number28 index27 alt1"><code class="csharp spaces">        </code><code class="csharp plain">Context.User = </code><code class="csharp keyword">new</code> <code class="csharp plain">System.Security.Principal.GenericPrincipal(Context.User.Identity, roles);</code></div>
<div class="line number29 index28 alt2"><code class="csharp spaces">    </code><code class="csharp plain">}</code></div>
<div class="line number30 index29 alt1"><code class="csharp plain">}</code></div>
<div class="line number30 index29 alt1">

 

 

 代码下载:AuthorizationPro.zip

(注:由于dll太多,文件压缩过大,已将demo中dll包删除)

赞(0) 打赏
分享到: 更多 (0)
标签:

相关推荐

热门标签

C# (810)ASP.NET MVC (618)Android (587)ASP.NET (447)数据库 (299)JavaScript (285)JQuery (221)PHP (209)SQLServer (197)程序开发 (156)架构设计 (155)源价值 (155)SQL (128)Java (111)EasyUi (85)教程 (76)网站 (67)Debug (63)互联网 (63)MySQL (59)Flash (56)搜索优化 (54)创意 (53)SEO (51)ASP.NET MVC3 (51)电子商务 (50)建站经验 (49)实例代码 (49)源码下载 (47)原创 (45)

分类目录

链接表

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

微信扫一扫打赏