1.先写个主页面
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace WebApplication4.Controllers
{
public class HomeController : Controller
{
public ActionResult Index()
{
string name = "";
//Session里面有值,就表示已经登录
if (Session["User"]!= null)
{
name = Session["User"].ToString();
}
//Session=null就跳转到登录页面
else
{
return RedirectToAction("Login", "Login");
}
return Content("欢迎【"+name+"】登录");
}
}
}
2.登录页面
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using WebApplication4.Filters;
namespace WebApplication4.Controllers
{
//登录页加上此特性,不需要做登录验证,要不加会陷入死循环,导致浏览器崩溃
[SkipCheckLoginAttribute]
public class LoginController : Controller
{
// GET: Login
[HttpGet]
public ActionResult Login()
{
return View();
}
[HttpPost]
public ActionResult Login(FormCollection forms)
{
string name = forms["name"];
string pwd = forms["pwd"];
if(name=="Admin" && pwd == "Admin")
{
Session["User"] = name;
}
return RedirectToAction("Index","Home");
}
}
}
View页的登录
@{
Layout = null;
}
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width" />
<title>Login</title>
</head>
<body>
<div>
@using (Html.BeginForm("Login", "Login", FormMethod.Post))
{
<input type="text" name="name" /><br />
<input type="text" name="pwd" /><br />
<input type="submit" value="登录" />
}
</div>
</body>
</html>
3.一个登录验证的过滤器CheckLoginAttribute
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace WebApplication4.Filters
{
using System.Web.Mvc;
/// <summary>
/// 统一登陆验证
/// </summary>
public class CheckLoginAttribute:ActionFilterAttribute
{
//重写ActionFilterAttribute中的OnActionExecuted方法,表示在执行Action之前执行此方法
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
//判断Action方法的Control是否跳过登录验证
if (filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(SkipCheckLoginAttribute), false))
{
return;
}
//判断Action方法是否跳过登录验证
if (filterContext.ActionDescriptor.IsDefined(typeof(SkipCheckLoginAttribute), false))
{
return;
}
if (filterContext.HttpContext.Session["User"] == null)
{
//跳转方法1:
filterContext.HttpContext.Response.Redirect("/Login/Login");
//跳转方法2:
ViewResult view = new ViewResult();
//指定要返回的完整视图名称
view.ViewName = "~/View/Login/Login.cshtml";
}
}
}
}
4.一个跳过登录验证的自定义属性类SkipCheckLoginAttribute
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace WebApplication4.Filters
{
//要继承所有属性的基类Attribute
public class SkipCheckLoginAttribute:Attribute
{
}
}
5.把SkipCheckLoginAttribute添加到全局过滤器中
using System.Web;
using System.Web.Mvc;
using WebApplication4.Filters;
namespace WebApplication4
{
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new HandleErrorAttribute());
//添加自定义过滤器
filters.Add(new CheckLoginAttribute());
}
}
}