在MVC中一般都会封装BaseControl 来限制 是否有权限,登录
public class BaseController : Controller
{
public system_user LoginUser{ get; set; }
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
bool IsExt = false;
object obj = Session["login_user"];
if (obj != null)//&& Session["keyid"] != null
{
IsExt = true;
LoginUser = obj as system_user;
}
if (!IsExt)
{
filterContext.HttpContext.Response.Redirect("/Login/Login");
filterContext.Result = new EmptyResult();
return;
}
base.OnActionExecuting(filterContext);
}
}
但是,仅通过的new RedirectResult("/Home/Login");只是把Action的返回指向为了/Home/Login,若页面是嵌套在iframe中,这个时候,只是iframe的指向改变了,问不是地址栏的指向改变了,针对这种情况,可在前台页面/Home/Login做限制,如下:
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width" />
<title>系统-登录</title>
<link href="/Content/login.css" rel="stylesheet" />
<script type="text/javascript">
$(function () {
//判断一下当前是不是做顶层,如果不是,则做一下顶层页面重定向
if (window != top) {
top.location.href = location.href;
}
});
</script>
</head>
<body>
</body>
</html>