###1.实现自定义过滤器处理函数
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
namespace lengxia.site.Controllers
{
public class CustomAuthAttribute : AuthorizeAttribute
{
public string[] roles;
public string[] users;
public CustomAuthAttribute(string role,string user)//params
{
roles = role.Split(',');
users = user.Split(',');
}
protected override bool AuthorizeCore(HttpContextBase httpContext)//处理函数
{
if (httpContext.Session["user"] != null)
{
string s = httpContext.Session["user"].ToString();
foreach (var item in users)
{
if (item == s)
return true;
}
}
if (httpContext.Session["role"] != null)
{
string s = httpContext.Session["role"].ToString();
foreach (var item in roles)
{
if (item == s)
return true;
}
}
return false;
// return base.AuthorizeCore(httpContext);
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)//验证失败处理
{
filterContext.Result = new RedirectResult("/Account/Login");
}
}
}
###2.使用过滤器
namespace lengxia.site.Controllers
{
[CustomAuth("","lengxia,admin")]
public class HomeController : Controller
{
###3.添加原始认证
<!--认证,添加-->
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880"></forms>
</authentication>
<!--<authentication mode="None" />-->