名称 | 类 | 默认实现 | 执行顺序 | 描述 |
---|---|---|---|---|
授权过滤器 | CustomAuthorizeAttribute | AuthorizeAttribute | 1 | 常用于登录验证,权限验证等 |
方法过滤器 | CustomActionFilterAttribute | ActionFilterAttribute | 2 | 常用于记录方法执行日志等 |
异常过滤器 | CustomHandleErrorAttribute | HandleErrorAttribute | 异常时调用 | 常用于记录异常日志等 |
1、在App_Start文件夹里的FilterConfig添加自定义的全局过滤器
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new HandleErrorAttribute());
//添加全局过滤器
filters.Add(new CustomActionFilterAttribute());
filters.Add(new CustomAuthorizeAttribute());
filters.Add(new CustomHandleErrorAttribute());
}
}
2、Global.asax全局文件里需要有下面一段注册全局过滤器的代码 创建MVC项目就有。
public class MvcApplication : System.Web.HttpApplication
{
protected void Application_Start()
{
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
}
}
3、方法过滤器
/// <summary>
/// 自定义 方法过滤器
/// 需要引用 using System.Web.Mvc;
/// </summary>
public class CustomActionFilterAttribute: ActionFilterAttribute
{
//定义一个计时器,记录执行方法用时
private Stopwatch timer;
/// <summary>
/// 在 Action方法执行之前 调用
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
base.OnActionExecuting(filterContext);
this.timer = new Stopwatch();
this.timer.Start();
}
/// <summary>
/// 在 Action方法执行之后 调用 (方法内部异常时也会调用)
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
base.OnActionExecuted(filterContext);
this.timer.Stop();
//方法执行时间
long executedTiem = this.timer.ElapsedMilliseconds;
//记录日志等操作
}
}
4、权限过滤器
/// <summary>
/// 自定义 权限过滤器
/// using System.Web.Mvc;
/// </summary>
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
/// <summary>
/// 控制器名称
/// </summary>
private string ControllerName { set; get; }
/// <summary>
/// 动作名称
/// </summary>
private string ActionName { set; get; }
/// <summary>
///在Action过滤器执行前执行
/// </summary>
/// <param name="filterContext"></param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
this.ControllerName = (string)filterContext.RouteData.Values["controller"];
this.ActionName = (string)filterContext.RouteData.Values["action"];
base.OnAuthorization(filterContext);
}
/// <summary>
/// 检查授权
/// </summary>
/// <param name="httpContext"></param>
/// <returns></returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
//进行权限验证
//验证通过
return true;
//验证失败 时 调用this.HandleUnauthorizedRequest函数
//return false;
}
/// <summary>
/// 用户没有授权时的提示处理 即AuthorizeCore返回False时
/// </summary>
/// <param name="filterContext"></param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
base.HandleUnauthorizedRequest(filterContext);
//权限验证失败日志
string message = "权限验证失败";
//权限验证失败返回失败提示
if (filterContext.HttpContext.Request.RequestType.ToUpper() == "POST")//POST请求时返回数据
{
filterContext.Result = new JsonResult()
{
Data = new { code = "401", message = message, Url = System.Web.Security.FormsAuthentication.LoginUrl }
};
}
else if (filterContext.HttpContext.Request.RequestType.ToUpper() == "GET")//GET请求时返回页面
{
filterContext.Result = new ContentResult()
{
Content = string.Format("<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" /></head><body><div style=\"display:none;\">{0}</div><div>{1}</div></body></html>", string.Format("【控制器:{0} 】【动作:{1}】", this.ControllerName, this.ActionName), message),
};
}
}
}
5、异常过滤器
/// <summary>
/// 自定义 异常过滤器
/// using System.Web.Mvc;
/// </summary>
public class CustomHandleErrorAttribute: HandleErrorAttribute
{
/// <summary>
/// 执行方法时出现异常时执行(自定义过滤器内部异常时也会被调用)
/// </summary>
/// <param name="filterContext"></param>
public override void OnException(ExceptionContext filterContext)
{
ViewResult result = new ViewResult();
result.ViewName = "Error";
result.ViewBag.Subject = "异常提示";
result.ViewBag.MessageText = filterContext.Exception.Message;
result.ViewBag.StackTrace = filterContext.Exception.StackTrace;
filterContext.HttpContext.ClearError();
//返回结果
//1、重定向到错误页面
//filterContext.Result = new RedirectResult("~/error.html");
//2、返回错误提示和堆栈调用信息
filterContext.Result = result;
filterContext.ExceptionHandled = true;
filterContext.HttpContext.Response.Clear();
filterContext.HttpContext.Response.StatusCode = 500;
filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
//filterContext.HttpContext.Response.Write(filterContext.Exception.Message + filterContext.Exception.StackTrace);
//记录方法执行异常 日志。
}
}
6、应用程序异常,即异常过滤器检测不到的异常在这里处理。如控制器构造函数异常,URL路径不对等。Global.asax文件
public class MvcApplication : System.Web.HttpApplication
{
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
/// <summary>
/// 应用程序异常,即异常过滤器检测不到的异常在这里处理。如控制器构造函数异常,URL路径不对等。
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void Application_Error(object sender,EventArgs e)
{
//获取错误信息
Exception errorMsg = Server.GetLastError();
Console.WriteLine(errorMsg.Message);
Response.Write("出错");
Response.ContentType = "text/html";
Server.ClearError();
}
}