The vast majority of systems that are developed daily involve managing user login and authorization issues. The login function (authentication) is open for all users, while authorization (Authorization) is open for a certain user role.
In ASP, Microsoft has helped developers build a powerful authentication authorization framework such as the ASP. But if you want to customize more logic functions, you have to do it yourself.
Based on my daily development experience, I've summarized the following 1 ways:
1 After learning a lot of people's code, found in the controller has a onactionexecuting method, this method is executed before the action, very convenient.
The derived classes are as follows:
public class authenticationcontrollor:controller{ protected override void OnActionExecuting ( ActionExecutingContext filtercontext) { if (filtercontext.httpcontext.session["username"] = = null) Filtercontext.result = new Redirecttorouteresult ("Login", new RouteValueDictionary {"From", Request.Url.ToString ()}} ); Base. OnActionExecuting (Filtercontext); }}
Use the following classes:
Do not need to write any more logic code to determine whether to log in and jump to public class homecontroller:authenticationcontrollor{public actionresult Index () { return View (); }}
2. Inheritance ActionFilterAttribute:
Because the inherited controller method is not suitable for some actions under a controller that require logging on to some actions that do not require a login, it is better to write a uniform feature for each action.
ActionFilterAttribute also has a onactionexecuting method, like the controller, the same abstract implementation of the Iactionfilter interface.
The derived classes are as follows:
Login authentication feature public class authenticationattribute:actionfilterattribute{public override void OnActionExecuting ( ActionExecutingContext filtercontext) { if (filtercontext.httpcontext.session["username"] = = null) Filtercontext.result = new Redirecttorouteresult ("Login", new RouteValueDictionary {"From", Request.Url.ToString ()}} ); Base. OnActionExecuting (Filtercontext); }}
Here's how to use it:
public class Homecontroller:controller { [authentication] public actionresult Index () { return View (); }}
If you want to use this filter for all actions for the entire MVC project, the steps are as follows:
A. Ensure that the Global.asax.cs Application_Start method contains the following red lines:
public class mvcapplication:system.web.httpapplication{ protected void Application_Start () { Arearegistration.registerallareas (); Webapiconfig.register (globalconfiguration.configuration); Filterconfig.registerglobalfilters (globalfilters.filters); Routeconfig.registerroutes (routetable.routes); }}
B. Register the corresponding feature filter in the FilterConfig.cs file:
public class filterconfig{public static void Registerglobalfilters (Globalfiltercollection filters) { Filters. ADD (New Handleerrorattribute ()); Filters. ADD (New Authenticationattribute ());} }
How to determine user login and authorization under ASP.