Asp.net 基于Cookie简易的权限判断

时间:2022-08-24 15:04:57
写入Cookie页面,创建cookie后,设置cookie属性,并添加到Response.Cookies中读取cookie,利用cookie的名字或索引从Request.Cookies中取得改写Cookie,先创建一个同名的cookie,读取Request中同名的cookie,把读取cookie的属性值付给新的对象,加入到Response.Cookies中创建一个BasePage页面,其他的页面继承自这个页面,把权限判断的代码有单个页面的Page_Load转移到BasePage的PreLoad中,下面是BasePage的主要代码 
复制代码代码如下:

public class BasePage : System.Web.UI.Page 

private string pageName; 
public BasePage() 

this.Page.PreLoad += Page_Load; 

protected void Page_Load(object sender, EventArgs e) 

if (!IsPostBack) 

Uri r = this.Request.Url; 
pageName = r.AbsolutePath; 
if (NeedToCheck()) 

if (!HasAuthentication()) 

HttpContext.Current.Response.Redirect("NoAuthenticationPage.aspx"); 




private bool NeedToCheck() 

if (pageName.Contains("NoAuthenticationPage.aspx") || pageName == "Login.aspx" ) 

return false; 

return true; 

private bool HasAuthentication() 

//look into the config file or database,to see whether this page is in the allow accessing list of the role or not; 
//the signature of the function is like this 
//QueryInConfig(m_UserRole,pageName); 
if (pageName.Contains("Default3.aspx") && UserRole == "2") 

return false; 

return true; 

protected HttpCookie _RequestCookie; 
protected HttpCookie _ResponseCookie; 
private bool b_IsNewCookie = true; 
public string UserRole 

get 

return GetCookieValue("UserRole"); 

set 

SetCookieValue("UserRole", value); 


public string UserName 

get 

return GetCookieValue("UserName"); 

set 

SetCookieValue("UserName", value); 


protected void SetCookieValue(string name, string value) 

SetResponseCookie(); 
_ResponseCookie[name] = value; 

private string GetCookieValue(string name) 

SetReqeustCookie(); 
if (_RequestCookie != null) 

return _RequestCookie[name]; 

return null; 

protected void SetReqeustCookie() 

_RequestCookie = HttpContext.Current.Request.Cookies["Cookie_Name"]; 

protected void SetResponseCookie() 

if (b_IsNewCookie) 

HttpContext.Current.Response.Cookies.Remove("Cookie_Name"); 
_ResponseCookie = new HttpCookie("Cookie_Name"); 
DateTime dtNow = DateTime.Now; 
TimeSpan tsMinute = new TimeSpan(0, 2, 0, 0); 
_ResponseCookie.Expires = dtNow + tsMinute; 
_ResponseCookie["UserRole"] = UserRole; 
_ResponseCookie["UserName"] = UserName; 
HttpContext.Current.Response.Cookies.Add(_ResponseCookie); 
b_IsNewCookie = false;