.net mvc 中的用户登录验证过滤器,主要是判断session是否存在。
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace MvcService.Models
{
public class LoginFilter : AuthorizeAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//HttpContext.Current.Response.Write("OnActionExecuting:正要准备执行Action的时候但还未执行时执行<br />");
if (HttpContext.Current.Session["name"] == null)
{
HttpContext.Current.Response.Write("<script>alert('请登录!');window.parent.location.href='/auser/login'</script>");
HttpContext.Current.Response.End();
return;
}
}
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
//HttpContext.Current.Response.Write("OnActionExecuted:Action执行时但还未返回结果时执行<br />");
}
public override void OnResultExecuting(ResultExecutingContext filterContext)
{
// HttpContext.Current.Response.Write("OnResultExecuting:OnResultExecuting也和OnActionExecuted一样,但前者是在后者执行完后才执行<br />");
}
public override void OnResultExecuted(ResultExecutedContext filterContext)
{
// HttpContext.Current.Response.Write("OnResultExecuted:是Action执行完后将要返回ActionResult的时候执行<br />");
}
}
}
使用:
[LoginFilter]
public ActionResult Index()
{
return View();
}
在每次重新生成项目在时候,session 会过期,在 web.config 修改一下 session 配置,把session改成存在单线程里面即可解决。
web.config:
<system.web>
<sessionState mode="StateServer" timeout="30"></sessionState>
</system.web>
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.HttpContext.Session["username"] == null || filterContext.HttpContext.Session["userid"] == null)
{
filterContext.RequestContext.HttpContext.Response.Write("<script>alert('请登录!');window.parent.location.href='/auser/login'</script>");
filterContext.RequestContext.HttpContext.Response.End();
}
}