MVC 3会话和authorizeAttribute [英] mvc 3 session and authorizeAttribute
本文介绍了MVC 3会话和authorizeAttribute的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我的网站向所有人开放,但我有一个采用某种方法的控制器,只有具有用户名和密码的管理员才能输入.我将布尔IsManager
保存在session
中.
我想使用authorize属性来阻止谁IsManager == false
.
My site is open to all but i have a controller with some method that only the manager with the user and password can enter. I'm saving the bool IsManager
in a session
.
I would like to use the authorize attribute to block whom ever IsManager == false
.
推荐答案
首先定义一个ActionFilter
:
First define an ActionFilter
:
public class TheFilter: ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var session = filterContext.HttpContext.Session;
if ((bool?)session["IsManager"] == true)
return;
//Redirect him to somewhere.
var redirectTarget = new RouteValueDictionary
{{"action", "{ActionName}"}, {"controller", "{ControllerName}"}};
filterContext.Result = new RedirectToRouteResult(redirectTarget);
}
}
然后在受限的Action(或控制器)上方使用它:
//[TheFilter]
public class ManagersController : Controller
{
[TheFilter]
public ActionResult Foo()
{
...
return View();
}
}
这篇关于MVC 3会话和authorizeAttribute的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文