利用.Net自带的票据完成BaseController的未登陆自动跳转到登陆页功能

时间:2021-01-26 08:08:16

一:定义票据中要记录的字段类

/// <summary>
/// 用户存在于浏览器端的身份票据(非持久)
/// 非持久 FormsAuthenticationTicket 的isPersistent为false只存于浏览器
/// 持久 True 也存于(win7中的位置为C:\Users\用户名\AppData\Roaming\Microsoft\Windows\Cookies,注意Appdata是个隐藏的文件夹)
/// </summary>
public class UserTicket
{
  /// <summary>
  /// 用户Id(主键)
  /// </summary>
  public int UserId { get; set; }

  /// <summary>
  /// 用户账号
  /// </summary>
  public string UserAccount { get; set; }

  /// <summary>
  /// 用户姓名
  /// </summary>
  public string UserName { get; set; }

  /// <summary>
  /// 角色Id列表
  /// </summary>
  public List<int> RoleIds { get; set; }
}

二:用户登录控制器

public class LoginController : Controller

{

[HttpPost]
[AllowAnonymous]
public ActionResult Index(LoginModel model)
{

  //....DTO

  //获取用户账号,UserId,用户姓名和权限存入userdata里。
  UserTicket userTicket = new UserTicket();
  userTicket.UserId = entity.UserId;
  userTicket.UserAccount = entity.UserAcount;
  userTicket.UserName = entity.UserName;
  List<int> roles = new List<int>() { 1, 2, 3 };
  userTicket.RoleIds = roles;
  string userdata = string.Empty;
  if (entity != null)
  {
    userdata = JsonHelper.ToJSON(userTicket);
  }
//保存身份票据
  SetAuthenticationToken(entity.UserAcount, userdata);

}

//存票据

public void SetAuthenticationToken(string name, string userdata, bool createPersistentCookie = false)
{
   FormsAuthentication.SetAuthCookie(name, true, FormsAuthentication.FormsCookiePath);
   FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, name.ToString(), DateTime.Now, DateTime.Now.AddDays(1), true, userdata);
   string encTicket = FormsAuthentication.Encrypt(authTicket);
   this.Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
}

}

三:在BaseController中解析票据并实现跳转路由

public class BaseController : Controller
{

/// <summary>
/// 用于检测用户是否登录,未登录的话跳转登录页面
/// </summary>
/// <param name="filterContext"></param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
  base.OnActionExecuting(filterContext);
  //这里判断出没有登录然后进行跳转
  if (String.IsNullOrEmpty(LoginUserInfo().UserAccount)) //未登录
   {
     //未登陆返回登陆页
     filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(new { controller = "Login", action = "Index" }));
   }
}

/// <summary>
/// 取得登录用户信息
/// </summary>
/// <returns></returns>
protected UserTicket LoginUserInfo()
{
  string name = System.Web.HttpContext.Current.User.Identity.Name;
  UserTicket userTicket = new UserTicket();
  if (!string.IsNullOrEmpty(name))
  {
    FormsIdentity id = (FormsIdentity)System.Web.HttpContext.Current.User.Identity;
    FormsAuthenticationTicket ticket = id.Ticket;
    userTicket = JsonHelper.ParseJSON<UserTicket>(id.Ticket.UserData); 
  }
  return userTicket;
}

}

最后一步就是在想要的验证登陆的控制器前继承BaseController就好了