C# 网站邀请系统/NET测试版锁定？

是否有任何针对.NET的开源解决方案（首选C#/MVC）允许在私有滚动测试场景中使用简单的锁定和邀请系统

用户将被重定向到启动页面，除非他们登录（可能使用全局操作过滤器）

以下是其他语言中的两个类似解决方案：

（红宝石）

---

（Python）

我为ASP.NET MVC编写了一个小型的“访问控制”过滤器，它是配置文件驱动的。我可以在我的web.config中切换一个标志，该标志将所有未注册的用户移动到特定页面，除非他们特别请求登录或注销操作。您可以相应地调整您的实现，而无需太多麻烦

过滤器属性

public class AccessControlAttribute : AuthorizeAttribute
{
    public bool AccessControlEnabled {
        get { return AccessControlSection.Settings != null; }
    }

    public bool LockoutEnabled {
        get { return AccessControlEnabled && AccessControlSection.Settings.ForceLockout != null && AccessControlSection.Settings.ForceLockout.Enabled; }
    }

    public AccessControlAttribute() {
        if (LockoutEnabled) {
            Roles = AccessControlSection.Settings.ForceLockout.AllowRoles;
            Users = AccessControlSection.Settings.ForceLockout.AllowUsers;
        }
    }

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) {
        if (filterContext.IsChildAction || ApproveLockoutAction(filterContext))
            return;

        if (LockoutEnabled && !string.IsNullOrEmpty(AccessControlSection.Settings.ForceLockout.DefaultPage)) {
            filterContext.HttpContext.Response.Redirect(AccessControlSection.Settings.ForceLockout.DefaultPage, false);
            return;
        }

        base.HandleUnauthorizedRequest(filterContext);
    }

    private static bool ApproveLockoutAction(AuthorizationContext filterContext) {
        var forceLockout = AccessControlSection.Settings.ForceLockout;
        if (forceLockout == null || !forceLockout.Enabled)
            return true;

        if (string.IsNullOrEmpty(forceLockout.LogOnUrl) || string.IsNullOrEmpty(forceLockout.LogOffUrl))
            return false;

        if (filterContext.HttpContext.Request.AppRelativeCurrentExecutionFilePath.Equals(forceLockout.LogOnUrl, StringComparison.OrdinalIgnoreCase)
            || filterContext.HttpContext.Request.AppRelativeCurrentExecutionFilePath.Equals(forceLockout.LogOffUrl, StringComparison.OrdinalIgnoreCase)) {
            return true;
        }

        return false;
    }
}

配置处理程序

public class AccessControlSection : ConfigurationSection
{
    public const string SectionName = "accessControl";
    public const string ForceLockoutKeyName = "forceLockout";

    private static AccessControlSection _settings;
    public static AccessControlSection Settings {
        get {
            if (_settings == null) {
                object section = ConfigurationManager.GetSection(SectionName);
                if (section != null)
                    _settings = section as AccessControlSection;
            }
            return _settings;
        }
    }

    [ConfigurationProperty(ForceLockoutKeyName)]
    public ForceLockoutElement ForceLockout {
        get { return (ForceLockoutElement)this[ForceLockoutKeyName]; }
        set { this[ForceLockoutKeyName] = value; }
    }
}

public class ForceLockoutElement : ConfigurationElement
{
    public const string AllowRolesKeyName = "allowRoles";
    public const string AllowUsersKeyName = "allowUsers";
    public const string DefaultPageKeyName = "defaultPage";
    public const string EnabledKeyName = "enabled";
    public const string LogOnUrlKeyName = "logOnUrl";
    public const string LogOffUrlKeyName = "logOffUrl";

    [ConfigurationProperty(AllowRolesKeyName, DefaultValue = "Admin")]
    public string AllowRoles {
        get { return (string)this[AllowRolesKeyName]; }
        set { this[AllowRolesKeyName] = value; }
    }

    [ConfigurationProperty(AllowUsersKeyName)]
    public string AllowUsers {
        get { return (string)this[AllowUsersKeyName]; }
        set { this[AllowUsersKeyName] = value; }
    }

    [ConfigurationProperty(DefaultPageKeyName, DefaultValue = "~/offline.htm")]
    public string DefaultPage {
        get { return (string)this[DefaultPageKeyName]; }
        set { this[DefaultPageKeyName] = value; }
    }

    [ConfigurationProperty(LogOnUrlKeyName, DefaultValue = "~/auth/logon")]
    public string LogOnUrl {
        get { return (string)this[LogOnUrlKeyName]; }
        set { this[LogOnUrlKeyName] = value; }
    }

    [ConfigurationProperty(LogOffUrlKeyName, DefaultValue = "~/auth/logoff")]
    public string LogOffUrl {
        get { return (string)this[LogOffUrlKeyName]; }
        set { this[LogOffUrlKeyName] = value; }
    }

    [ConfigurationProperty(EnabledKeyName, DefaultValue = true)]
    public bool Enabled {
        get { return (bool)this[EnabledKeyName]; }
        set { this[EnabledKeyName] = value; }
    }

    public string[] AllowedUsersArray {
        get {
            if (string.IsNullOrEmpty(AllowUsers))
                return null;

            return AllowUsers.Split(new[] {','}, StringSplitOptions.RemoveEmptyEntries);
        }
    }

    public string[] AllowRolesArray {
        get {
            if (string.IsNullOrEmpty(AllowRoles))
                return null;

            return AllowRoles.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
        }
    }
}

示例Web.config

<configuration>
    <configSections>
        <section name="accessControl" type="MyWebsite.Config.AccessControlSection, MyWebsite" />
    </configSections>

    <accessControl>
        <forceLockout enabled="true" defaultPage="~/inviteonly.htm" 
            logOnUrl="~/logon" 
            logOffUrl="~/logoff" 
            allowRoles="Members" />
    </accessControl>

</configuration>

使用上述配置，任何未登录或不是角色“Members”成员的用户都将被重定向到“~/inviteonly.htm”。您可以通过逗号分隔“allowRoles”和“allowUsers”属性中的值来指定多个允许的角色和/或用户

---

AccessControlAttribute

必须注册为全局筛选器，或者放置在BaseController类定义上，才能使所有内容正常工作。

@nathan taylor Sweet这看起来是个不错的开始，谢谢！明天我会试试密码。看起来我只是注册了

GlobalFilters.Filters.Add（newaccesscontrolattribute（））

可以将defaultPage设置为视图吗？@MarcM重定向基于任意URL，因此只要您有分配给该视图的路由，就可以。