Verify the logon and permissions in MVC, and verify the logon permissions in MVC.

Verify the logon and permissions in MVC, and verify the logon permissions in MVC.

Using mvc as the background management system requires logon and permission judgment. Here the ActionFilterAttribute feature of mvc is used.

The details are as follows:

Declare a CheckUser class that inherits the ActionFilterAttribute class

Public class CheckUserFilter: ActionFilterAttribute
{
Public override void OnActionExecuting (ActionExecutingContext filterContext)
{
Base. OnActionExecuting (filterContext );
If (filterContext. HttpContext. Request. Cookies ["backUser"] = null)
{
FilterContext. HttpContext. Response. Redirect ("~ /Home/Login "); // jump to the logon page for Logon
}
Else
{
String controllerName = filterContext. RouteData. Values ["controller"]. ToString ();
BackLogin blogin = new BackLogin ();
Bool l = blogin. IsLogin (); // verify the information in cookies again to prevent forgery
If (l = false)
{
FilterContext. HttpContext. Response. Redirect ("~ /Home/Login ");
}
Else
{
Bool B = blogin. IsHavaRights (controllerName); // verify the permission
If (B = false)
{
FilterContext. HttpContext. Response. Redirect ("~ /Home/NoRight ");
}
}
}
}

}

The next step is simple. You only need to add verification on the action to be verified.

[CheckUser]public ActionResult Index(){       return View();  }

If you do not log on, or you do not have the required permissions, the page is displayed.

Of course, other verification features such as the AuthorizeAttribute class exist in mvc. Specific use methods, a lot of online.

 

Indicate the source for reprinting.