C# asp.net代码中的会话管理
我在项目中使用自定义身份验证,但无法通过会话管理来获取路由中的用户权限。这是我的代码:
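/// <summary>
/// Authorization filter for the admin area. A request is authorized when the
/// "adminEmail"/"adminPass" cookies match a row in <c>admins</c> (the session is
/// then refreshed from that row), or when the session already holds "adminID".
/// </summary>
public class AdminAuthorize : AuthorizeAttribute
{
    // NOTE(review): MVC can reuse a filter attribute instance across requests, so a
    // context kept in a field may be shared by concurrent requests - confirm that
    // baseContext tolerates this, or create one per AuthorizeCore call.
    baseContext AdminContext;

    public AdminAuthorize()
    {
        AdminContext = new baseContext();
    }

    /// <summary>Decides whether the current request belongs to a signed-in admin.</summary>
    /// <param name="httpContext">Context of the request being authorized.</param>
    /// <returns><c>true</c> when the cookies or the session identify an admin; otherwise <c>false</c>.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (httpContext == null)
        {
            throw new ArgumentNullException("httpContext");
        }

        // Without session state nothing can be verified or stored: deny.
        var session = httpContext.Session;
        if (session == null)
        {
            return false;
        }

        // Cookies sent by the browser are on the request. Response.Cookies[name] never
        // returns null: it adds an empty cookie to the outgoing response, so the original
        // lookup could not see the client's values and also emitted blank cookies.
        HttpCookie emailCookie = httpContext.Request.Cookies["adminEmail"];
        HttpCookie passCookie = httpContext.Request.Cookies["adminPass"];
        string email = emailCookie != null ? emailCookie.Value : string.Empty;
        string password = passCookie != null ? passCookie.Value : string.Empty;

        // NOTE(review): this path accepts a password kept in a browser cookie and compares
        // it to u.Pass as-is, which suggests passwords are stored unhashed - TODO confirm.
        // A persistent login is normally a random server-issued token (or a forms
        // authentication ticket), with the stored password kept as a salted slow hash.
        Admin TempAdmin = null;
        if (!String.IsNullOrEmpty(email) && !String.IsNullOrEmpty(password))
        {
            TempAdmin = AdminContext.admins.SingleOrDefault(u => u.Email == email && u.Pass == password);
        }

        if (TempAdmin != null)
        {
            session["adminID"] = TempAdmin.adminID;
            // Concatenation tolerates a null Nom/Prenom where .ToString() would throw.
            session["adminNom"] = TempAdmin.Nom + " " + TempAdmin.Prenom;

            // Use the stored photo only if the file exists under the application root.
            string photoPath = "~" + TempAdmin.Photo;
            if (System.IO.File.Exists(httpContext.Server.MapPath(photoPath)))
            {
                session["adminPhoto"] = photoPath;
            }
            else
            {
                session["adminPhoto"] = "~/Content/TemplateAdmin/assets/images/no_img.png";
            }
            return true;
        }

        // No usable cookies: fall back to a session established by the Login action.
        return session["adminID"] != null;
    }
}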
管理员控制器
// POST: administration
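/// <summary>
/// Handles the admin login form: looks the posted e-mail/password up in <c>admins</c>
/// and, on a match, fills the session and redirects to the "Dashboard" route.
/// </summary>
/// <param name="admin">Model bound from the posted form; only Email and Pass are read.</param>
/// <returns>A redirect on success, otherwise the login view with a model error.</returns>
// NOTE(review): no anti-forgery validation is visible on this POST, and the session id
// is not renewed after a successful sign-in - confirm both are handled elsewhere.
[HttpPost]
public ActionResult Login(Admin admin)
{
    // Refuse empty credentials before querying, as AdminAuthorize does for its cookies:
    // depending on the provider's null semantics, a null Email/Pass could otherwise
    // match a row whose columns are NULL.
    if (admin == null || String.IsNullOrEmpty(admin.Email) || String.IsNullOrEmpty(admin.Pass))
    {
        ModelState.AddModelError("", "Email ou mot de passeest incorrect");
        return View("~/Views/Administration/Login.cshtml");
    }

    // NOTE(review): Pass is compared as-is, which suggests unhashed password storage -
    // TODO confirm; a salted slow hash verified in code is the usual design.
    var user = AdminContext.admins.SingleOrDefault(u => u.Email == admin.Email && u.Pass == admin.Pass);
    if (user == null)
    {
        // Same message for unknown e-mail and wrong password.
        ModelState.AddModelError("", "Email ou mot de passeest incorrect");
        return View("~/Views/Administration/Login.cshtml");
    }

    Session["adminID"] = user.adminID;
    // Concatenation tolerates a null Nom/Prenom where .ToString() would throw.
    Session["adminNom"] = user.Nom + " " + user.Prenom;

    // Use the stored photo only if the file exists under the application root.
    string photoPath = "~" + user.Photo;
    if (System.IO.File.Exists(Server.MapPath(photoPath)))
    {
        Session["adminPhoto"] = photoPath;
    }
    else
    {
        Session["adminPhoto"] = "~/Content/TemplateAdmin/assets/images/no_img.png";
    }
    return RedirectToRoute("Dashboard");
}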
/// <summary>
/// Profile action, guarded by <c>[AdminAuthorize]</c>; reads the signed-in admin's id
/// from the session.
/// </summary>
// NOTE(review): the page shows only this one statement; the rest of the action,
// including its return, is not visible here.
[AdminAuthorize]
public ActionResult Profil()
{
    // Convert.ToInt32 maps a null object to 0, so an absent "adminID" yields 0
    // rather than an exception.
    var adminId = Convert.ToInt32(Session["adminID"]);
}
项目路线
/// <summary>
/// Registers the admin-area routes: login, dashboard, profile and admin management.
/// </summary>
/// <param name="routes">Route table that receives the mappings.</param>
// NOTE(review): routes only map URLs to actions; nothing here restricts access.
// Whether each target controller/action carries [AdminAuthorize] is not visible on
// this page - confirm, in particular for the Dashboard controller.
public static void RegisterRoutes(RouteCollection routes)
{
    // Leave *.axd resource requests to their own handlers.
    routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

    // Login form.
    routes.MapRoute(
        "LoginAdmin",
        "administration",
        new { controller = "Admin", action = "Login" });

    // Landing page after sign-in.
    routes.MapRoute(
        "Dashboard",
        "administration/dashboard",
        new { controller = "Dashboard", action = "Index" });

    // Profile of the signed-in admin.
    routes.MapRoute(
        "Profile",
        "administration/profile",
        new { controller = "Admin", action = "Profil" });

    // Admin management; action and id come from the URL.
    routes.MapRoute(
        "Gestion_admins",
        "administration/gestion_admins/{action}/{id}",
        new { controller = "Admin", action = "Index", id = UrlParameter.Optional });
}
我是否应该检查项目中所有操作结果的会话?如下所示:
// POST: Profil
/// <summary>
/// POST variant of the profile action: copies the session's admin id onto the
/// posted model when the session has one.
/// </summary>
/// <param name="model">Model bound from the posted form.</param>
// NOTE(review): when the session has no "adminID", model.adminID keeps whatever the
// request supplied, so later code (not shown on this page) should not trust it.
// No [AdminAuthorize] is visible on this action; placing the filter on the action or
// controller would make the per-action session check unnecessary.
[HttpPost]
public ActionResult Profil(Admin model)
{
    var storedId = Session["adminID"];
    if (storedId != null)
    {
        // The session value, not the posted one, identifies the admin.
        model.adminID = Convert.ToInt32(storedId);
    }
}
我解决了这个问题,我分享它: 我创建了一个新类EAdminAuthorize:
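/// <summary>
/// Custom authorization attribute for admin actions. Grants access when the
/// "adminEmail"/"adminPass" cookies match an <c>admins</c> row (and reloads the
/// session from it), or when "adminID" is already present in the session.
/// </summary>
public class AdminAuthorize : AuthorizeAttribute
{
    // NOTE(review): filter attribute instances can be reused by MVC between requests;
    // a context stored in a field may then be used concurrently - confirm baseContext
    // is safe for that, or instantiate it inside AuthorizeCore.
    baseContext AdminContext;

    public AdminAuthorize()
    {
        AdminContext = new baseContext();
    }

    /// <summary>Checks the request's cookies, then its session, for an admin identity.</summary>
    /// <param name="httpContext">Context of the request being authorized.</param>
    /// <returns><c>true</c> if an admin is identified; otherwise <c>false</c>.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (httpContext == null)
        {
            throw new ArgumentNullException("httpContext");
        }

        // No session state means nothing to check or populate: deny access.
        var session = httpContext.Session;
        if (session == null)
        {
            return false;
        }

        // Read what the browser sent (Request), not what is being sent back (Response):
        // indexing Response.Cookies creates an empty cookie instead of returning null,
        // so the original test was always true and the values were always blank.
        string email = string.Empty;
        string password = string.Empty;
        HttpCookieCollection sent = httpContext.Request.Cookies;
        if (sent["adminEmail"] != null)
        {
            email = sent["adminEmail"].Value;
        }
        if (sent["adminPass"] != null)
        {
            password = sent["adminPass"].Value;
        }

        // NOTE(review): a password held in a cookie is used here as the credential and
        // matched against u.Pass unchanged, which points to unhashed storage - TODO
        // confirm. Prefer a random server-side token or a forms-authentication ticket
        // for persistent sign-in, and a salted slow hash for the stored password.
        Admin TempAdmin = null;
        if (!String.IsNullOrEmpty(email) && !String.IsNullOrEmpty(password))
        {
            TempAdmin = AdminContext.admins.SingleOrDefault(u => u.Email == email && u.Pass == password);
        }

        if (TempAdmin == null)
        {
            // Cookie check failed or was skipped: rely on an existing session.
            return session["adminID"] != null;
        }

        session["adminID"] = TempAdmin.adminID;
        // String concatenation accepts null parts; calling .ToString() on them would throw.
        session["adminNom"] = TempAdmin.Nom + " " + TempAdmin.Prenom;

        // Fall back to the placeholder image when the stored photo file is missing.
        string photoPath = "~" + TempAdmin.Photo;
        bool photoExists = System.IO.File.Exists(httpContext.Server.MapPath(photoPath));
        session["adminPhoto"] = photoExists
            ? photoPath
            : "~/Content/TemplateAdmin/assets/images/no_img.png";
        return true;
    }
}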
我只是在管理员控制器中使用它
// POST: administration
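/// <summary>
/// Processes the posted admin login form. On matching credentials the session is
/// populated and the user is redirected to the "Dashboard" route; otherwise the
/// login view is shown again with an error.
/// </summary>
/// <param name="admin">Form-bound model; Email and Pass are the only members read.</param>
/// <returns>Redirect on success, login view on failure.</returns>
// NOTE(review): anti-forgery validation and renewal of the session id after sign-in
// are not visible in this action - confirm they are handled elsewhere.
[HttpPost]
public ActionResult Login(Admin admin)
{
    // Empty credentials are rejected up front, matching the check AdminAuthorize
    // applies to its cookies; with some providers' null semantics a null Email/Pass
    // could otherwise match a row whose columns are NULL.
    bool hasCredentials = admin != null
        && !String.IsNullOrEmpty(admin.Email)
        && !String.IsNullOrEmpty(admin.Pass);

    // NOTE(review): Pass is matched unchanged, which suggests unhashed password
    // storage - TODO confirm; the usual design verifies a salted slow hash.
    var user = hasCredentials
        ? AdminContext.admins.SingleOrDefault(u => u.Email == admin.Email && u.Pass == admin.Pass)
        : null;

    if (user != null)
    {
        Session["adminID"] = user.adminID;
        // String concatenation accepts null parts; calling .ToString() on them would throw.
        Session["adminNom"] = user.Nom + " " + user.Prenom;

        // Fall back to the placeholder image when the stored photo file is missing.
        string photoPath = "~" + user.Photo;
        Session["adminPhoto"] = System.IO.File.Exists(Server.MapPath(photoPath))
            ? photoPath
            : "~/Content/TemplateAdmin/assets/images/no_img.png";
        return RedirectToRoute("Dashboard");
    }

    // One message for every failure, so the response does not reveal which field was wrong.
    ModelState.AddModelError("", "Email ou mot de passeest incorrect");
    return View("~/Views/Administration/Login.cshtml");
}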
/// <summary>
/// Profile action protected by <c>[AdminAuthorize]</c>; takes the current admin's id
/// from the session.
/// </summary>
// NOTE(review): only this statement is shown on the page; the remainder of the
// action and its return value are not visible.
[AdminAuthorize]
public ActionResult Profil()
{
    // A missing "adminID" converts to 0 (Convert.ToInt32 of a null object), not an error.
    object storedId = Session["adminID"];
    int id = Convert.ToInt32(storedId);
}
它可以工作。