|
|
@@ -7,30 +7,43 @@ using System.Linq;
|
|
7
|
7
|
using System.Web;
|
|
8
|
8
|
using System.Web.Mvc;
|
|
9
|
9
|
using System.Web.Routing;
|
|
|
10
|
+using System.Web.Security;
|
|
10
|
11
|
|
|
11
|
12
|
namespace CallCenterApi.Interface
|
|
12
|
13
|
{
|
|
13
|
14
|
public class AuthorityAttribute : AuthorizeAttribute
|
|
14
|
15
|
{
|
|
15
|
|
- private BLL.T_Sys_RoleFunction roleFunctionBLL = new BLL.T_Sys_RoleFunction();
|
|
16
|
16
|
/// <summary>
|
|
17
|
17
|
/// 权限验证
|
|
18
|
18
|
/// </summary>
|
|
19
|
19
|
/// <param name="filterContext"></param>
|
|
20
|
20
|
public override void OnAuthorization(AuthorizationContext filterContext)
|
|
21
|
21
|
{
|
|
22
|
|
- //bool isAuth = false;
|
|
23
|
|
- if (filterContext.RequestContext.HttpContext.Request.IsAuthenticated)
|
|
|
22
|
+ var context = filterContext.RequestContext.HttpContext;
|
|
|
23
|
+ var token = context.Request["token"];
|
|
|
24
|
+ if (!string.IsNullOrEmpty(token))
|
|
24
|
25
|
{
|
|
25
|
26
|
try
|
|
26
|
27
|
{
|
|
27
|
|
- var us = (FormsPrincipal<Dictionary<string, string>>)filterContext.RequestContext.HttpContext.User;
|
|
28
|
|
-
|
|
29
|
|
- var user= new BLL.T_Sys_UserAccount().GetModel(us.UserData["F_UserCode"]);
|
|
30
|
|
- if (user == null || user.F_RoleId.ToString() != us.UserData["F_RoleID"])
|
|
|
28
|
+ bool isAuth = false;
|
|
|
29
|
+ //获取FormsAuthenticationTicket对象
|
|
|
30
|
+ FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(token);
|
|
|
31
|
+ if (ticket != null && !ticket.Expired && !string.IsNullOrEmpty(ticket.UserData))
|
|
|
32
|
+ {
|
|
|
33
|
+ Dictionary<string, string> userData = ticket.UserData.ToObject<Dictionary<string, string>>();
|
|
|
34
|
+ if (userData != null)
|
|
|
35
|
+ {
|
|
|
36
|
+ var user = new BLL.T_Sys_UserAccount().GetModel(userData["F_UserCode"]);
|
|
|
37
|
+ if (user != null && user.F_RoleId.ToString() == userData["F_RoleID"])
|
|
|
38
|
+ {
|
|
|
39
|
+ isAuth = true;
|
|
|
40
|
+ context.User = new FormsPrincipal<Model.T_Sys_UserAccount>(ticket, user);//重新给context.User赋值。
|
|
|
41
|
+ }
|
|
|
42
|
+ }
|
|
|
43
|
+ }
|
|
|
44
|
+ if (!isAuth)
|
|
31
|
45
|
{
|
|
32
|
|
- //角色改变时重新登录
|
|
33
|
|
- filterContext.RequestContext.HttpContext.Response.StatusCode = 200;
|
|
|
46
|
+ context.Response.StatusCode = 200;
|
|
34
|
47
|
filterContext.Result = new ContentResult { Content = new AjaxResult { state = ResultTypes.notoken.ToString(), message = "token无效或过期,请重新登录。" }.ToJson() };
|
|
35
|
48
|
return;
|
|
36
|
49
|
}
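Review bot: `context.Request["token"]` (new line 23) pulls the value from the query string as well as the form, cookie and server-variable collections, so the encrypted Forms ticket — effectively a bearer credential — lands in server, proxy and Referer logs whenever a client sends it in the URL. If the client contract allows it, accept the token only from a header or the form body, e.g. `var token = context.Request.Headers["Authorization"] ?? context.Request.Form["token"];`, and treat a query-string token as absent. Separately, `userData["F_UserCode"]` and `userData["F_RoleID"]` (new lines 36–37) throw `KeyNotFoundException` on a well-signed but malformed ticket and fall through to the generic catch later in the method, which logs the full exception; `userData.TryGetValue("F_UserCode", out var userCode) && userData.TryGetValue("F_RoleID", out var roleId)` keeps that case on the normal `isAuth == false` path. Nothing here can revoke a ticket before `ticket.Expired` (the old Redis lookup is gone), so a logout or password change does not invalidate an issued token — presumably accepted, but worth a comment such as `// NOTE: tickets are valid until expiry; no server-side revocation`. The enclosing `OnAuthorization` method continues past the end of this hunk.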
|
|
|
@@ -38,65 +51,22 @@ namespace CallCenterApi.Interface
|
|
38
|
51
|
catch (Exception ex)
|
|
39
|
52
|
{
|
|
40
|
53
|
WriteLog(filterContext, "验证失败:" + ex.ToString());
|
|
41
|
|
- filterContext.RequestContext.HttpContext.Response.StatusCode = 200;
|
|
|
54
|
+ context.Response.StatusCode = 200;
|
|
42
|
55
|
filterContext.Result = new ContentResult { Content = new AjaxResult { state = ResultTypes.notoken.ToString(), message = "token无效或过期,请重新登录。" }.ToJson() };
|
|
43
|
56
|
return;
|
|
44
|
57
|
}
|
|
45
|
|
-
|
|
46
|
|
- //var actionDescriptor = filterContext.ActionDescriptor;
|
|
47
|
|
- //var controllerDescriptor = actionDescriptor.ControllerDescriptor;
|
|
48
|
|
- //var controller = controllerDescriptor.ControllerName;
|
|
49
|
|
- //var action = actionDescriptor.ActionName;
|
|
50
|
|
- //var token = filterContext.HttpContext.Request["token"];
|
|
51
|
|
-
|
|
52
|
|
- ////var userData = CacheHelper.Get<Dictionary<string, string>>(token);
|
|
53
|
|
- //var userDatastr = RedisHelper.StringGet(CommonHelper.MD5(token));
|
|
54
|
|
- //if (userDatastr != null)
|
|
55
|
|
- //{
|
|
56
|
|
- // //Dictionary<string, string> userData = new Dictionary<string, string>();
|
|
57
|
|
- // //userData = userDatastr.ToString().ToObject<Dictionary<string, string>>();
|
|
58
|
|
- // //var roleId = Utils.StrToInt(userData["F_RoleID"], 0);
|
|
59
|
|
-
|
|
60
|
|
- // //var roleId = Utils.StrToInt(userData["F_RoleID"], 0);
|
|
61
|
|
- // //var role = new BLL.T_Sys_RoleInfo().GetModel(roleId);
|
|
62
|
|
- // //if (role != null)
|
|
63
|
|
- // //{
|
|
64
|
|
- // // isAuth = true;
|
|
65
|
|
- // // //var roleFunctionList = roleFunctionBLL.GetModelList(" F_RoleId=" + role.F_RoleId);
|
|
66
|
|
- // // ////var str = string.Join(",", roleFunctionList.Select(x => x.F_FunctionId).ToArray());
|
|
67
|
|
- // // //var moduleFunction = new BLL.T_Sys_Function().GetModel(roleId);
|
|
68
|
|
- // // //if (moduleFunction != null)
|
|
69
|
|
- // // //{
|
|
70
|
|
- // // // var single = roleFunctionList.SingleOrDefault(x => x.F_FunctionId == moduleFunction.F_FunctionId);
|
|
71
|
|
- // // // if (single != null)
|
|
72
|
|
- // // // {
|
|
73
|
|
- // // // isAuth = true;
|
|
74
|
|
- // // // }
|
|
75
|
|
- // // //}
|
|
76
|
|
- // //}
|
|
77
|
|
- //}
|
|
78
|
58
|
}
|
|
79
|
59
|
else
|
|
80
|
60
|
{
|
|
81
|
|
- filterContext.RequestContext.HttpContext.Response.StatusCode = 200;
|
|
82
|
|
- filterContext.Result = new ContentResult { Content = new AjaxResult { state = ResultTypes.notoken.ToString(), message = "token无效或过期,请重新登录。"}.ToJson() };
|
|
83
|
|
- WriteLog(filterContext, "token无效或过期,请重新登录。");
|
|
|
61
|
+ context.Response.StatusCode = 200;
|
|
|
62
|
+ filterContext.Result = new ContentResult { Content = new AjaxResult { state = ResultTypes.notoken.ToString(), message = "未传入token,请重新登录。" }.ToJson() };
|
|
84
|
63
|
return;
|
|
85
|
64
|
}
|
|
86
|
65
|
|
|
87
|
|
- //if (!isAuth)
|
|
88
|
|
- //{
|
|
89
|
|
- // filterContext.HttpContext.Response.StatusCode = 200;
|
|
90
|
|
- // filterContext.Result = new ContentResult { Content = new AjaxResult { state = ResultTypes.unauthorized.ToString(), message = "对不起,您无权访问!" }.ToJson() };
|
|
91
|
|
- // WriteLog(filterContext);
|
|
92
|
|
- //}
|
|
93
|
|
- //else {
|
|
94
|
|
- if (filterContext!=null)
|
|
|
66
|
+ if (filterContext != null)
|
|
95
|
67
|
{
|
|
96
|
68
|
base.OnAuthorization(filterContext);
|
|
97
|
69
|
}
|
|
98
|
|
-
|
|
99
|
|
- //}
|
|
100
|
70
|
}
|
|
101
|
71
|
private void WriteLog(AuthorizationContext filterContext,string error)
|
|
102
|
72
|
{
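Review bot: The no-token branch (new lines 61–63) no longer calls `WriteLog`, which the removed old line 83 did, so requests that omit the token leave no trace while a failed decrypt on the other branch still logs with `ex.ToString()`; restoring `WriteLog(filterContext, "未传入token,请重新登录。");` before the `return` keeps the two failure paths equally visible to whoever watches that log. Both failure paths also answer with `context.Response.StatusCode = 200` and a JSON body, so proxies, WAFs and rate limiters keyed on status codes cannot distinguish rejected requests from successful ones — if clients can tolerate it, 401 is the conventional signal. `OnAuthorization` begins before this hunk; the review covers only its tail.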
|