
Implementing role-based login

0
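Bounty: 20 Yuandou [Resolved] Resolved on 2018-01-03 11:49

Hello experts,

    How can I implement permission-based login, that is, different roles getting different functionality?

低头、深拥 | Beginner, Level 1 | Yuandou: 57
Asked: 2018-01-03 11:02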
Best answer
0

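It depends on the granularity of the design.

The approach that is easiest to manage is to vary functionality by "page" (not necessarily a literal page).

Then control it through a RoleHasPages setting.

Yuandou earned: 20
花飘水流兮 | Expert, Level 6 | Yuandou: 13615 | 2018-01-03 11:05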

Isn't this configured through Spring MVC?

低头、深拥 | Yuandou: 57 (Beginner, Level 1) | 2018-01-03 11:07

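@低头、深拥: I'm not familiar with Java.

But the pattern is the same (the names have ended up much alike). Use something like a filter, an interceptor of that kind, and control it in code.

花飘水流兮 | Yuandou: 13615 (Expert, Level 6) | 2018-01-03 11:11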

@花飘水流兮: Do you have any related code? Thanks.

低头、深拥 | Yuandou: 57 (Beginner, Level 1) | 2018-01-03 11:13

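@低头、深拥: Although I don't like people who ask for code at the drop of a hat, here is an old one of mine; I won't answer any questions about what's in the code.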

using System;
using System.Linq;
using System.Security.Principal;
using System.Web.Mvc;
using System.Web.Mvc.Filters;

// SessionData, LPrincipal, RoleCatelog, G5ManagerCenterEntities, G5msLog, GetAccount(),
// Roots_LogOperatorController and IEntityController come from the poster's project (not shown here).
public class LAuthenticateAttribute : FilterAttribute, IAuthenticationFilter
{
    //private const string LoginPage = "~/Account/Index";
    private const string MainPage = "~/Account/Home";
    private bool IsLogin { get; } = false;
    private RoleCatelog Role { get; }

    public LAuthenticateAttribute(RoleCatelog role = RoleCatelog.All, bool isLoginPage = false)
    {
        Role = role;
        IsLogin = isLoginPage;
    }

    public void OnAuthentication(AuthenticationContext filterContext)
    {
        if (IsLogin) // Login page: no role check needed.
        {
            // Already signed in: go straight to the main page.
            if (SessionData.Account != null)
            {
                filterContext.Result = new RedirectResult(MainPage);
                return;
            }

            var userFromClient = filterContext.RequestContext.HttpContext.Request["user"];
            var pwdFromClient = filterContext.RequestContext.HttpContext.Request["pwd"];
            if (string.IsNullOrEmpty(userFromClient))
            {
                // Message: "Please enter your account."
                filterContext.Result = new ViewResult { ViewName = "Index", ViewData = new ViewDataDictionary { { "ErrorMsg", "请输入账号。" } }, ViewEngineCollection = ViewEngines.Engines };
                return;
            }
            if (string.IsNullOrEmpty(pwdFromClient))
            {
                // Message: "Please enter your password."
                filterContext.Result = new ViewResult { ViewName = "Index", ViewData = new ViewDataDictionary { { "ErrorMsg", "请输入密码。" } }, ViewEngineCollection = ViewEngines.Engines };
                return;
            }

            // The submitted value is compared with the stored LoginPwd column as-is;
            // no server-side hashing happens in this filter.
            var db = new G5ManagerCenterEntities();
            var account = db.Accounts.FirstOrDefault(t => t.LoginName == userFromClient && t.LoginPwd == pwdFromClient);

            if (account != null)
            {
                // Credentials matched: remember the account in the session and set the principal.
                SessionData.Account = account;
                var identity = new GenericIdentity(account.LoginName);
                filterContext.Principal = new LPrincipal(identity, account);
                filterContext.Result = new RedirectResult(MainPage);
                return;
            }
            else
            {
                // Message: "The account is incorrect."
                filterContext.Result = new ViewResult { ViewName = "Index", ViewData = new ViewDataDictionary { { "ErrorMsg", "账号不正确。" } }, ViewEngineCollection = ViewEngines.Engines };
                //filterContext.Result = new RedirectResult(LoginPage);
                return;
            }
        }
        else // URI of a protected resource.
        {
            if (SessionData.Account != null)
            {
                var account = SessionData.Account;
                var accountRole = (uint) account.Role;
                var currentApiRole = (uint) Role;
                // Access is granted only when every role bit set on the account is also in the
                // mask allowed for this action. An account whose Role value is 0 also passes this test.
                if ((accountRole & currentApiRole) != accountRole)
                {
                    // Tell the client: HttpUnauthorizedResult responds with HTTP 401.
                    filterContext.Result = new HttpUnauthorizedResult("The Role can't access the uri.");
                    return;
                }
                var identity = new GenericIdentity(account.LoginName);
                filterContext.Principal = new LPrincipal(identity, account);
                return;
            }
            else
            {
                // No session: render the login view. Message: "Login expired, please log in again."
                filterContext.RouteData.Values["controller"] = "Account";
                filterContext.Result = new ViewResult { ViewName = "Index", ViewData = new ViewDataDictionary { { "ErrorMsg", "登录过期,请重新登陆。" } }, ViewEngineCollection = ViewEngines.Engines };
                //filterContext.Result = new RedirectResult(LoginPage);
                return;
            }
        }
    }

    // Runs after authentication; used here to write an audit log entry for signed-in users.
    public void OnAuthenticationChallenge(AuthenticationChallengeContext filterContext)
    {
        var currentUser = filterContext.HttpContext.User.GetAccount();
        if (currentUser != null)
        {
            // Requests to the log viewer itself are not logged.
            if (filterContext.Controller is Roots_LogOperatorController) return;
            var result = filterContext.Result;
            var uri = filterContext.HttpContext.Request.CurrentExecutionFilePath;
            // For entity edit actions, record which operation was requested.
            if (filterContext.Controller is IEntityController && uri.EndsWith("/Edit")) uri = $"{uri}?oper={filterContext.HttpContext.Request["oper"]}";
            new G5msLog().WriteLog(currentUser.LoginName, uri, DateTime.Now, result.ToString());
        }
    }
}

花飘水流兮 | Yuandou: 13615 (Expert, Level 6) | 2018-01-03 11:22

@花飘水流兮: I know asking for code isn't right; I just don't know much about this area. Thank you all the same.

低头、深拥 | Yuandou: 57 (Beginner, Level 1) | 2018-01-03 11:48
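
The bitmask role test from the filter in this thread, next to the RoleHasPages idea from the best answer, as an added example that is not the answerer's project code. The `Role` values, page paths and table contents are constructed, and `CanAccess` is a hypothetical deny-by-default variant that refuses a role-less account or an unlisted page.

```csharp
using System;
using System.Collections.Generic;

// Constructed roles; the thread's RoleCatelog enum is not shown on the page.
[Flags]
public enum Role : uint { None = 0, Viewer = 1, Editor = 2, Admin = 4 }

public static class RoleHasPages
{
    // Constructed table: page -> mask of roles allowed to open it.
    private static readonly Dictionary<string, Role> Allowed =
        new Dictionary<string, Role>(StringComparer.OrdinalIgnoreCase)
        {
            { "/Report/List", Role.Viewer | Role.Editor | Role.Admin },
            { "/Report/Edit", Role.Editor | Role.Admin },
            { "/Account/Manage", Role.Admin },
        };

    // Same test as the filter: every role bit on the account must be in the mask.
    // Because (0 & mask) == 0, an account with no role bits satisfies it.
    public static bool AllBitsAllowed(Role account, Role allowed) => (account & allowed) == account;

    // Hypothetical deny-by-default variant: a role-less account or an unlisted
    // page is refused, and one matching role bit is enough.
    public static bool CanAccess(Role account, string page)
    {
        if (account == Role.None) return false;
        Role allowed;
        if (!Allowed.TryGetValue(page, out allowed)) return false;
        return (account & allowed) != Role.None;
    }
}

public static class Program
{
    public static void Main()
    {
        // Compare both checks for the constructed "/Report/Edit" mask.
        Role editMask = Role.Editor | Role.Admin;
        Role[] accounts = { Role.None, Role.Viewer, Role.Editor, Role.Viewer | Role.Editor };
        foreach (Role account in accounts)
        {
            Console.WriteLine("{0,-16} all-bits={1,-5} deny-by-default={2}", account,
                RoleHasPages.AllBitsAllowed(account, editMask),
                RoleHasPages.CanAccess(account, "/Report/Edit"));
        }
        Console.WriteLine("unlisted page: {0}", RoleHasPages.CanAccess(Role.Admin, "/Debug/Dump"));
    }
}
```

The two checks disagree for the role-less account and for the account holding both Viewer and Editor, which is the design decision to settle before wiring either into a filter.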