ASP.NET MVC 实现统一登录验证

1.先写个主页面

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace WebApplication4.Controllers
{
    public class HomeController : Controller
    {
        public ActionResult Index()
        {
            string name = "";
            //Session里面有值,就表示已经登录
            if (Session["User"]!= null)
            {
                name = Session["User"].ToString();
            }
            //Session=null就跳转到登录页面
            else
            {
                return RedirectToAction("Login", "Login");
            }
            return Content("欢迎【"+name+"】登录");
        }      
    }
}

2.登录页面

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using WebApplication4.Filters;

namespace WebApplication4.Controllers
{
    //登录页加上此特性,不需要做登录验证,要不加会陷入死循环,导致浏览器崩溃
    [SkipCheckLoginAttribute]
    public class LoginController : Controller
    {
        // GET: Login
        [HttpGet]
        public ActionResult Login()
        {
            return View();
        }
        [HttpPost]
        public ActionResult Login(FormCollection forms)
        {
            string name = forms["name"];
            string pwd = forms["pwd"];

            if(name=="Admin" && pwd == "Admin")
            {
                Session["User"] = name;
            }

            return RedirectToAction("Index","Home");
        }
    }
}

View页的登录


@{
    Layout = null;
}



<html>
<head>
    <meta name="viewport" content="width=device-width" />
    <title>Logintitle>
head>
<body>
    <div>
        @using (Html.BeginForm("Login", "Login", FormMethod.Post))
        {
            <input type="text" name="name" /><br />
            <input type="text" name="pwd" /><br />
            <input type="submit" value="登录" />
        }
    div>
body>
html>

3.一个登录验证的过滤器CheckLoginAttribute

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

namespace WebApplication4.Filters
{
    using System.Web.Mvc;
    /// 
    /// 统一登陆验证
    /// 
    public class CheckLoginAttribute:ActionFilterAttribute
    {
        //重写ActionFilterAttribute中的OnActionExecuted方法,表示在执行Action之前执行此方法
        public override void OnActionExecuted(ActionExecutedContext filterContext)
        {
            //判断Action方法的Control是否跳过登录验证
            if (filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(SkipCheckLoginAttribute), false))
            {
                return;
            }
            //判断Action方法是否跳过登录验证
            if (filterContext.ActionDescriptor.IsDefined(typeof(SkipCheckLoginAttribute), false))
            {
                return;
            }
            if (filterContext.HttpContext.Session["User"] == null)
            {
                //跳转方法1:
                filterContext.HttpContext.Response.Redirect("/Login/Login");
                //跳转方法2:
                ViewResult view = new ViewResult();
                //指定要返回的完整视图名称
                view.ViewName = "~/View/Login/Login.cshtml";
            }
        }
    }
}

4.一个跳过登录验证的自定义属性类SkipCheckLoginAttribute

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

namespace WebApplication4.Filters
{
    //要继承所有属性的基类Attribute
    public class SkipCheckLoginAttribute:Attribute
    {

    }
}

5.把SkipCheckLoginAttribute添加到全局过滤器中

using System.Web;
using System.Web.Mvc;
using WebApplication4.Filters;

namespace WebApplication4
{
    public class FilterConfig
    {
        public static void RegisterGlobalFilters(GlobalFilterCollection filters)
        {
            filters.Add(new HandleErrorAttribute());
            //添加自定义过滤器
            filters.Add(new CheckLoginAttribute());
        }
    }
}

你可能感兴趣的:(ASP.NET,MVC)