using System.Web.Mvc;
using System.Web.Security;
using System.Collections.Generic;
using System.Web;
using System.Linq;
using Bowin.Common;
using Autofac;
using EMISOnline.Web.Controls;
using EMISOnline.Utility;
using EMISOnline.CommonLogic.SystemServices;
using EMISOnline.Utility.FormValidate;
using EMISOnline.ViewModel.Account;
namespace System
{
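/// <summary>
/// Marks an action or controller as requiring a logged-in user.
/// Actions that must stay reachable without a login should carry <see cref="AllowAnonymousAttribute"/> instead.
/// </summary>
/// <remarks>
/// <see cref="OnAuthorization"/> never calls the base <see cref="AuthorizeAttribute"/> implementation and never
/// sets <c>filterContext.Result</c> itself, so the Users/Roles checks of the base attribute are not applied here;
/// authenticating the request (and any redirect to the login page) is delegated to
/// <see cref="FormsAuthenticationHelper"/>, whose behaviour is not visible in this file.
/// </remarks>
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class AuthorizationAttribute : AuthorizeAttribute, IAuthorizationFilter
{
    /// <summary>
    /// Authenticates the current request from the login cookie (optionally completing a single-sign-on
    /// login first) and, on the first request after login, caches the user's role on the principal and
    /// in the forms cookie so later requests do not have to hit the database.
    /// </summary>
    /// <param name="filterContext">The MVC authorization context of the current request.</param>
    /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
    /// <exception cref="InvalidOperationException">
    /// The context carries no <see cref="HttpContextBase"/>, i.e. the attribute is used outside a web request.
    /// </exception>
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }

        if (filterContext.HttpContext == null)
        {
            // Message kept verbatim ("this attribute is only usable in a web application").
            throw new InvalidOperationException("此特性只适合于Web应用程序使用!");
        }

        var fahelper = new FormsAuthenticationHelper();
        var cookieName = EMISOnline.Utility.Const.LOCAL_SETTING_LOGIN_COOKIENAME;

        // SSO auto-login is only attempted when the visitor has no login cookie yet.
        if (Const.SSO_IS_SSO_LOGIN && filterContext.HttpContext.Request.Cookies[cookieName] == null)
        {
            TrySsoLogin(filterContext);
        }

        // NOTE(review): AuthenticateRequest is handed the raw HttpContext while loginFormsAuthentication
        // below takes the HttpContextBase — assumed to follow the helper's signatures, which are not visible here.
        fahelper.AuthenticateRequest(HttpContext.Current, cookieName, Const.LOCAL_AUTH_EXCEPTURL);

        // First request after login: the principal carries no role yet, so resolve it once and
        // rewrite the forms cookie so subsequent requests skip the database lookup.
        var user = EMISOnline.Utility.FormValidate.CustomPrincipal.Current;
        if (user == null || user.RoleID != null)
        {
            return;
        }

        using (var scope = AutofacHelper.Container.BeginLifetimeScope())
        {
            var userServices = scope.Resolve<IUserServices>();
            var role = userServices.GetUserRoles(user.UserID).FirstOrDefault();
            if (role != null)
            {
                user.RoleID = role.RoleID;
                HttpContext.Current.User = user;
                fahelper.loginFormsAuthentication(filterContext.HttpContext, cookieName, user.GetUserData());
            }
        }
    }

    /// <summary>
    /// Completes a single-sign-on login for the current request when the requested path is not on the
    /// exception list and the SSO provider reports a user name.
    /// </summary>
    /// <param name="filterContext">The authorization context whose controller receives the login.</param>
    private static void TrySsoLogin(AuthorizationContext filterContext)
    {
        if (IsSsoExempt(filterContext.HttpContext.Request.Path))
        {
            return;
        }

        var loginID = SSO.SSOLogin();
        // A null answer from the provider must not be treated as a successful login either.
        if (!string.IsNullOrEmpty(loginID))
        {
            filterContext.Controller.LoginSureccessful(new LogOnModel { UserName = loginID }, loginID);
        }
    }

    /// <summary>
    /// Returns true when <paramref name="requestPath"/> contains any entry of
    /// <c>Const.LOCAL_AUTH_EXCEPTURL</c> or the forms-authentication login URL.
    /// </summary>
    /// <param name="requestPath">The request path to test.</param>
    /// <returns>True if the path is exempt from SSO auto-login.</returns>
    /// <remarks>
    /// The match is an ordinal, case-insensitive substring test, so a path that merely contains an
    /// exempt fragment counts as exempt as well; anchor the entries (e.g. a StartsWith test) if the
    /// list is meant to hold path prefixes. Blank entries are skipped so that a stray empty string
    /// cannot exempt every path.
    /// </remarks>
    private static bool IsSsoExempt(string requestPath)
    {
        var loginUrl = FormsAuthentication.LoginUrl.TrimStart('~');
        var exemptUrls = Const.LOCAL_AUTH_EXCEPTURL.Concat(new List<string> { loginUrl });
        return exemptUrls.Any(u => !string.IsNullOrEmpty(u)
            && requestPath.IndexOf(u, StringComparison.OrdinalIgnoreCase) >= 0);
    }
}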
}