ASP.NET mvc 自定义验证和Filter过滤器传参

      在WEBfrom时代 membership作为系统默认的身份验证提供程序,貌似很好用,但ASP.NET没有开源,我们又不能百分之百的按照微软默认商务方式去进行验证,有无力去彻底重写这个东西,所以membership一直是个鸡肋,但随着ASP.NETmvc的开源,这个东西真的派上了用场,而且比以前更加的强大

    在应该用程序中,身份验证和各种各样的验证一直都是系统一个很重要的东西,在ASP.NETmvc中这些被整体打包成为过滤器,感觉其创意来源于IIS的管道模型

 

主要有一下这几个东西

FilterAttribute,ActionFilterAttribute,AuthorizeAttribute                 可以继承重写

IActionFilter, IResultFilter, IExceptionFilter, IAuthorizationFilter    接口可以定义自己的实现

网上有个不错的关系图

ASP.NET mvc 自定义验证和Filter过滤器传参_第1张图片

 

刚一开始,我一直纳闷为什们系统自己的FILTER可以传参数

而卧自己继承重写和自己实现的咋就是不能传参了,这个时候终于感受到开源的伟大,看了一些源码终于知道怎么搞了

就是在类中定义公开的属性例如下面的实现的接口

 

例如 继承重写

  public class MyActionFilter:ActionFilterAttribute
    {
        public override void OnActionExecuted(ActionExecutedContext filterContext)
        {
            filterContext.RequestContext.HttpContext.Response.Write(string.Format("1执行"));
            base.OnActionExecuted(filterContext);
        }

        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            filterContext.RequestContext.HttpContext.Response.Write(string.Format("2执行"));
            base.OnActionExecuting(filterContext);
        }

        public override void OnResultExecuted(ResultExecutedContext filterContext)
        {
            filterContext.RequestContext.HttpContext.Response.Write(string.Format("3执行"));
            base.OnResultExecuted(filterContext);
        }

        public override void OnResultExecuting(ResultExecutingContext filterContext)
        {
            filterContext.RequestContext.HttpContext.Response.Write(string.Format("4执行"));
            base.OnResultExecuting(filterContext);
        }





    }


    public class MyAuthorization : AuthorizeAttribute
    {
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            return base.AuthorizeCore(httpContext);
        }
        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            base.HandleUnauthorizedRequest(filterContext);
        }

        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);
        }

        protected override HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext)
        {
            return base.OnCacheAuthorization(httpContext);
        }


    }

还有实现接口自定义自己的验证方式

  public class MyFilter : FilterAttribute, IActionFilter, IResultFilter, IExceptionFilter, IAuthorizationFilter
     {


         private string _roles;
         private string[] _rolesSplit = new string[0];
         private string _users;
         private string[] _usersSplit = new string[0];

          //过滤器但参数就是过滤器中定义的公开的参数
         public string Roles
         {
             get
             {
                 return _roles ?? String.Empty;
             }
             set
             {
                 _roles = value;
                // _rolesSplit = SplitString(value);
             }
         }

         public string Users
         {
             get
             {
                 return _users ?? String.Empty;
             }
             set
             {
                 _users = value;
                // _usersSplit = SplitString(value);
             }
         }


        #region IActionFilter 成员

        public void OnActionExecuted(ActionExecutedContext filterContext)
         {
             filterContext.RequestContext.HttpContext.Response.Write(string.Format("Action({0})已经执行了!<br />"
                 ,filterContext.ActionDescriptor.ActionName));
         }

        public void OnActionExecuting(ActionExecutingContext filterContext)
         {
             filterContext.RequestContext.HttpContext.Response.Write(string.Format("Action({0})执行之前!<br />"
                 ,filterContext.ActionDescriptor.ActionName));
         }

        #endregion


        #region IResultFilter 成员

        public void OnResultExecuted(ResultExecutedContext filterContext)
         {
             filterContext.RequestContext.HttpContext.Response.Write("Result已经执行了!");
         }

        public void OnResultExecuting(ResultExecutingContext filterContext)
         {
             filterContext.RequestContext.HttpContext.Response.Write("Result执行之前!");
         }

        #endregion

        #region IExceptionFilter 成员

        public void OnException(ExceptionContext filterContext)
         {
            string controller = filterContext.RouteData.Values["controller"] as string;
            string action = filterContext.RouteData.Values["action"] as string;

             filterContext.RequestContext.HttpContext.Response.Write(string.Format("{0}:{1}发生异常!{2}",
                 controller,action, filterContext.Exception.Message));
             filterContext.ExceptionHandled = true;
         }

        #endregion

        #region IAuthorizationFilter 成员

        public void OnAuthorization(AuthorizationContext filterContext)
         {
             filterContext.HttpContext.Response.Write("执行authorization! 判断时候有权限。。。。<br />");
         }

        #endregion

        
     }

你可能感兴趣的:(asp.net)