一、权限类
/// <summary>
/// Holds the user/role name that the login action writes and that
/// <c>CheckLoginAttribute</c> reads when it authorizes a request.
/// </summary>
/// <remarks>
/// The property is <c>static</c>, so there is exactly one value for the whole
/// process: every request, from every visitor, reads and overwrites the same
/// string. It is not tied to a session, a cookie or an authenticated principal.
/// NOTE(review): per-user identity normally belongs in the authentication
/// ticket / <c>HttpContext.User</c> (or at least in session state), not in a
/// static. Confirm whether this is demo-only code before reusing it.
/// </remarks>
public class UserAuthority
{
    // Single process-wide slot backing the Admin property.
    private static string _admin;

    /// <summary>
    /// Gets or sets the name most recently stored by any caller.
    /// </summary>
    public static string Admin
    {
        get { return _admin; }
        set { _admin = value; }
    }
}
二、cs代码
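/// <summary>
/// Handles the posted login form: records the submitted user name in
/// <c>UserAuthority.Admin</c> and redirects to the <c>Main</c> action.
/// </summary>
/// <param name="user">Model bound from the POST body; only <c>UserName</c> is read here.</param>
/// <returns>
/// The login view again when no usable user name was posted; otherwise a
/// redirect to <c>Main</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no password or other credential is verified in this action.
/// Whatever name the client posts becomes the value that CheckLoginAttribute
/// compares against its role list. Because UserAuthority.Admin is static, that
/// value then applies to every visitor, not only to the caller. A real login
/// should validate credentials and issue a per-user authentication ticket.
/// </remarks>
[HttpPost]
public ActionResult Index(User user)
{
    // Reject a missing or blank user name instead of storing it. A null value
    // makes the later Roles.Contains(...) call throw, and an empty string is
    // contained in every string, so it would satisfy that check.
    if (user == null || string.IsNullOrWhiteSpace(user.UserName))
    {
        return View(user);
    }

    UserAuthority.Admin = user.UserName;
    return RedirectToAction("Main");
}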
/// <summary>
/// Renders the default view for the <c>Main</c> action.
/// </summary>
/// <remarks>
/// Access is gated by <c>CheckLoginAttribute</c> with the role list
/// "Admin,Guest". That attribute compares the list with the process-wide
/// <c>UserAuthority.Admin</c> value rather than with the current request's
/// authenticated principal.
/// </remarks>
[CheckLogin(Roles ="Admin,Guest")]
public ActionResult Main()
{
    ViewResult mainView = View();
    return mainView;
}
三、CheckLoginAttribute 验证类
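/// <summary>
/// Authorization filter that allows a request only when the value stored in
/// <c>UserAuthority.Admin</c> is one of the comma-separated entries in
/// <c>Roles</c>; otherwise the client is redirected to <c>/Home/Index</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the decision is based on a static, process-wide string and
/// not on <c>httpContext.User</c>. It does not call the base
/// <c>AuthorizeCore</c>, so it does not prove that the current caller
/// authenticated. Treat it as a demo of the override points, not as an access
/// control to rely on.
/// </remarks>
public class CheckLoginAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Decides whether the request may proceed.
    /// </summary>
    /// <param name="httpContext">The current HTTP context (not consulted for identity here).</param>
    /// <returns><c>true</c> when the stored name exactly equals one entry of <c>Roles</c>.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (httpContext == null)
        {
            throw new ArgumentNullException("httpContext");
        }

        string current = UserAuthority.Admin;

        // Nothing stored yet, or a blank value: deny. The previous substring
        // test threw on null and accepted "" because every string contains it.
        if (string.IsNullOrWhiteSpace(current))
        {
            return false;
        }

        // Compare against whole role names. A substring test on the raw list
        // would also accept fragments such as "min" or ",".
        foreach (string role in (Roles ?? string.Empty).Split(','))
        {
            if (string.Equals(role.Trim(), current, StringComparison.Ordinal))
            {
                return true;
            }
        }

        // The response for a denied request is produced in
        // HandleUnauthorizedRequest, so no status code is written here.
        return false;
    }

    /// <summary>
    /// Sends a denied request back to the login page.
    /// </summary>
    /// <param name="filterContext">The authorization context of the denied request.</param>
    /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // Validate before first use; the check used to run only after the
        // argument had already been passed to the base implementation.
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }

        // Setting Result short-circuits the action and lets MVC issue the
        // redirect, instead of writing to the response from inside the filter.
        filterContext.Result = new RedirectResult("/Home/Index");
    }
}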