Asp.net mvc 登录后重定向到浏览的url(身份验证)
我开发了一个模块,可以动态地从数据库中授权角色。现在我想要的是:当用户未登录就浏览不同的 action method 时,能够将其重定向到登录页面;用户登录后,应立即将其重定向到他在未登录状态下尝试访问的 action method/视图。下面是我用来提取未登录时所浏览 URL 的代码。我的 web.config 中还定义了一个名为 serverURL 的键,它为我提供类似 localhost 的初始 url。如何记住下面的 returnUrl,并在登录后将用户重定向到所需的 action method/视图?
// Captures the raw URL of the current request so it can be used as the
// post-login destination. The value comes from the request, so whatever later redirects to it
// should confirm it is a local URL first.
returnUrl = HttpContext.Current.Request.RawUrl;
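/// <summary>
/// Authorization filter that decides access from the role kept in the session and the configured
/// <see cref="Feature"/>, and sends requests without a login session to the User/Login action
/// together with the URL that was originally requested.
/// </summary>
public class AuthorizeUserAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Feature name handed to <c>UserBL.ValidateUsersRoleFeature</c> together with the session role.
    /// </summary>
    public string Feature { get; set; }

    /// <summary>
    /// Raw URL of the last request this filter redirected to the login page.
    /// Kept for compatibility only: MVC may reuse one attribute instance for many requests, so this
    /// property is not a reliable per-request value. The "returnUrl" route value set in
    /// <see cref="OnAuthorization"/> is the channel the login action should read.
    /// </summary>
    public string returnUrl { get; set; }

    /// <summary>
    /// Returns true only when the session holds a non-empty "Role" and the role list returned by
    /// <c>UserBL.ValidateUsersRoleFeature</c> for that role and <see cref="Feature"/> contains it.
    /// </summary>
    /// <param name="httpContext">Context of the current request; a null context is denied.</param>
    /// <returns>True when the session role is accepted for the feature; otherwise false.</returns>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // base.AuthorizeCore is not consulted here (the original had that call commented out),
        // so the decision rests entirely on the session contents.
        if (httpContext == null || httpContext.Session == null)
        {
            return false;
        }

        object roleEntry = httpContext.Session["Role"];
        if (roleEntry == null)
        {
            return false;
        }

        string role = roleEntry.ToString();
        if (string.IsNullOrEmpty(role))
        {
            // An empty search string is found in every string, which would authorize the request.
            return false;
        }

        string userRoles = UserBL.ValidateUsersRoleFeature(role, Feature);
        if (string.IsNullOrEmpty(userRoles))
        {
            return false;
        }

        // Ordinal comparison: role names are identifiers, not linguistic text.
        // NOTE(review): this is still a substring test, so a role whose name is contained in
        // another role's name would also match. If ValidateUsersRoleFeature returns a delimited
        // list, split it and compare whole entries - confirm the format it returns.
        return userRoles.IndexOf(role, System.StringComparison.Ordinal) >= 0;
    }

    /// <summary>
    /// Runs the normal authorization pipeline when a login session exists; otherwise answers AJAX
    /// calls with the "SessionTimeout" marker and redirects other requests to User/Login.
    /// </summary>
    /// <param name="filterContext">Authorization context of the current request.</param>
    /// <exception cref="System.ArgumentNullException">
    /// <paramref name="filterContext"/> is null.
    /// </exception>
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (filterContext == null)
        {
            throw new System.ArgumentNullException("filterContext");
        }

        HttpSessionStateBase session = filterContext.HttpContext.Session;

        // A missing session object is treated like a missing login instead of failing with a
        // NullReferenceException.
        bool hasLoginSession = session != null && !session.IsNewSession && session["Email"] != null;
        if (hasLoginSession)
        {
            base.OnAuthorization(filterContext);
            return;
        }

        // NOTE(review): base.OnAuthorization is skipped on this path. If the filter is registered
        // globally, confirm the login action itself is not caught by this branch.
        if (filterContext.HttpContext.Request.IsAjaxRequest())
        {
            // AJAX callers receive a plain marker string; client script is expected to compare the
            // response with "SessionTimeout" and navigate to the login page itself.
            filterContext.Result = new JsonResult
            {
                ContentType = "text/html",
                Data = "SessionTimeout",
                // Without this, JsonResult throws for AJAX GET requests. The payload is a fixed
                // marker string, so allowing GET exposes no data.
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
            return;
        }

        // Round-trip request: remember what was asked for and pass it to the login action.
        // The login action must verify the value is a local URL before redirecting to it, because
        // anyone can craft a login link that carries an arbitrary returnUrl.
        string requestedUrl = filterContext.HttpContext.Request.RawUrl;
        returnUrl = requestedUrl;
        filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary
            {
                { "Controller", "User" },
                { "Action", "Login" },
                { "returnUrl", requestedUrl }
            });
    }

    /// <summary>
    /// Sends requests that fail authorization to the Base/PageNotAccessible action.
    /// </summary>
    /// <param name="filterContext">Authorization context of the current request.</param>
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary(
                new
                {
                    controller = "Base",
                    action = "PageNotAccessible"
                })
        );
    }
}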
在属性中,返回用户所在的url:
// Redirect to User/Login and carry the URL of the current request as the "returnUrl" route value.
// The login action receives this value from the request, so it has to confirm the URL is local
// before redirecting to it.
var loginRouteValues = new RouteValueDictionary();
loginRouteValues.Add("Controller", "User");
loginRouteValues.Add("Action", "Login");
loginRouteValues.Add("returnUrl", HttpContext.Current.Request.RawUrl);
filterContext.Result = new RedirectToRouteResult(loginRouteValues);
在你的 action 中:
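/// <summary>
/// Shows the login form and hands the requested return URL to the view.
/// </summary>
/// <returns>The login view.</returns>
[AllowAnonymous]
public virtual ActionResult Login()
{
    // The query string is supplied by the client, so only a URL local to this site is passed on.
    // Anything else is dropped, which stops a crafted login link from sending the user to another
    // site after sign-in.
    string requestedUrl = Request.QueryString["returnUrl"];
    ViewBag.returnUrl = Url.IsLocalUrl(requestedUrl) ? requestedUrl : null;

    // The POST action that performs the redirect must repeat the IsLocalUrl check: the value
    // returns from the browser with the form and can be altered there.
    return View();
}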
在视图中:
@* Posts the login form to User/Login and passes ViewBag.returnUrl along as a route value.
   The value travels through the browser, so the POST action should re-check that it is a
   local URL before redirecting to it. *@
@using(Html.BeginForm("Login","User",new{returnUrl = ViewBag.returnUrl},FormMethod.Post))
{
<input type="submit" value="Login" />
}
在html页面中,创建隐藏标记:
<!-- Placeholder that client script fills with the current page URL. The text of a div is not
     sent to the server with a form post, so server code cannot read it unless it is copied into
     an input field or a request parameter. -->
<div id="HiddenURL" class="hidden"></div>
在 ASP.NET 页面中,把从 div 文本取得的 url 赋给 action:
/// <summary>
/// Redirects a request that failed authorization to an action on the Base controller; the action
/// name is read from <c>HiddenURL.Value</c>.
/// </summary>
/// <param name="filterContext">Authorization context of the current request.</param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
    // NOTE(review): HiddenURL is not declared in the code shown here. If its value originates in
    // the browser, the redirect target is client-controlled: compare it against a fixed set of
    // known action names before using it. A full URL is also not a valid action name.
    var target = new RouteValueDictionary
    {
        { "controller", "Base" },
        { "action", HiddenURL.Value }
    };
    filterContext.Result = new RedirectToRouteResult(target);
}
// When the document is ready, writes the current page address into the #HiddenURL element.
// window.location.href is the full absolute URL, and toLowerCase() changes the case of the path
// and query string too, which alters any case-sensitive values they contain.
$(document).ready(function ()
{
$('#HiddenURL').text(window.location.href.toLowerCase());
...
}
/// <summary>
/// Handles a failed authorization by redirecting to the Base controller, using
/// <c>HiddenURL.Value</c> as the action name.
/// </summary>
/// <param name="filterContext">Authorization context of the current request.</param>
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
    // NOTE(review): the action name is taken from HiddenURL.Value, which is not declared in the
    // visible code. Treat it as untrusted if the browser can influence it, and accept only known
    // action names.
    var routeValues = new RouteValueDictionary();
    routeValues.Add("controller", "Base");
    routeValues.Add("action", HiddenURL.Value);
    filterContext.Result = new RedirectToRouteResult(routeValues);
}