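Does this requirement seem a little odd? It really is a case of "Chinese characteristics"! I have a website bound to several domains. I don't want the primary domain open to anonymous access, because the mighty, all-capable GFW and the network monitors keep an eye on you at all times and give you no peace. The secondary domains don't matter: if they get blocked, they get blocked. That is where this requirement came from.
The site is built on MVC4, so the simplest approach is an Action Filter (http://www.asp.net/mvc/tutorials/older-versions/controllers-and-routing/understanding-action-filters-cs):
- Define a custom ActionFilterAttribute with a Domains property, so the domains that disallow anonymous access can be passed in easily
- Override OnActionExecuting and check the host name of the current request; if it is in the Domains list, check whether the user is anonymous, and if so redirect to the sign-in page
- Pages for sign-in, registration and the like are exempt from this restriction, otherwise you end up in an endless redirect loop...
Reference code: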
```csharp
using System;
using System.Web.Mvc;
using System.Web.Routing;

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class AnonymousAccessNotAllowedForDomainsAttribute : ActionFilterAttribute
{
    /// <summary>
    /// Comma-separated list of domains that do not allow anonymous access
    /// </summary>
    public string Domains { get; set; }

    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        // The accounts controller (sign-in, registration, ...) is exempt,
        // otherwise the redirect below would loop forever.
        if (filterContext.ActionDescriptor.ControllerDescriptor.ControllerName
                .Equals("accounts", StringComparison.OrdinalIgnoreCase))
        {
            return;
        }

        // Domains may be unset; treat that as an empty list instead of throwing.
        string[] domains = (Domains ?? string.Empty)
            .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
        string hostName = filterContext.HttpContext.Request.Url.Host;

        // Host names are compared ordinally (not culture-sensitively), ignoring case.
        bool inDomainList = false;
        foreach (string domain in domains)
        {
            if (hostName.Equals(domain.Trim(), StringComparison.OrdinalIgnoreCase))
            {
                inDomainList = true;
                break;
            }
        }

        if (!inDomainList)
            return;

        // UserManager is the site's own class and is not shown in this post.
        var user = UserManager.GetUser();
        if (user == null || user.IsAnonymous)
        {
            // Send them off to the login page
            filterContext.Result = new RedirectToRouteResult(
                new RouteValueDictionary(new { action = "signin", controller = "accounts", area = "" }));
        }
    }
}
```
Usage:

```csharp
[AnonymousAccessNotAllowedForDomains(Domains = "openlab.net.cn,www.openlab.net.cn")]
public class ControllerBase : Controller
{
}
```
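The filter only asks for a login when the request host matches an entry in Domains, so the match has to treat equivalent spellings of the same name (different case, spaces in the list, a trailing dot) as equal. The following is an added example, not code from the original post: `ProtectedDomainPolicy`, `RequiresLogin` and the host `mirror.example.org` are hypothetical names, and the decision logic is separated from MVC so it can be run and tested as a console program.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example (hypothetical class): the filter's decision without the MVC types.
public sealed class ProtectedDomainPolicy
{
    private readonly HashSet<string> _domains;
    private readonly HashSet<string> _exemptControllers;

    public ProtectedDomainPolicy(string domains, params string[] exemptControllers)
    {
        // Ordinal comparison: host names are identifiers, not culture-sensitive text.
        _domains = new HashSet<string>(
            (domains ?? string.Empty).Split(',').Select(d => Normalize(d)).Where(d => d.Length > 0),
            StringComparer.OrdinalIgnoreCase);
        _exemptControllers = new HashSet<string>(exemptControllers, StringComparer.OrdinalIgnoreCase);
    }

    // Strip surrounding whitespace and the trailing dot of a fully qualified name.
    private static string Normalize(string host)
    {
        return (host ?? string.Empty).Trim().TrimEnd('.');
    }

    public bool RequiresLogin(string host, string controller, bool isAnonymous)
    {
        // Exempt controllers (sign-in, registration) never redirect, which avoids the loop.
        if (_exemptControllers.Contains(controller ?? string.Empty)) return false;
        return isAnonymous && _domains.Contains(Normalize(host));
    }
}

public static class Program
{
    public static void Main()
    {
        var policy = new ProtectedDomainPolicy("openlab.net.cn, www.openlab.net.cn", "accounts");
        // Constructed sample requests: host, controller, anonymous?
        var samples = new[]
        {
            Tuple.Create("openlab.net.cn", "home", true),
            Tuple.Create("WWW.OPENLAB.NET.CN.", "home", true),
            Tuple.Create("openlab.net.cn", "Accounts", true),
            Tuple.Create("mirror.example.org", "home", true),
            Tuple.Create("openlab.net.cn", "home", false),
        };
        foreach (var s in samples)
            Console.WriteLine("{0,-20} {1,-9} anonymous={2,-5} login required: {3}",
                s.Item1, s.Item2, s.Item3, policy.RequiresLogin(s.Item1, s.Item2, s.Item3));
    }
}
```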