using System.Web.Mvc;
using System.Web.Security;
using System.Collections.Generic;
using System.Web;
using System.Linq;
using System.Web.Routing;
using Autofac;
using Bowin.Common;
using EMIS.Utility;
using EMIS.Utility.SSO;
using EMIS.Web.Controls;
using EMIS.Web.Controllers;
using EMIS.ViewModel.AccountManage;
using EMIS.CommonLogic.SystemServices;
namespace System
{
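/// <summary>
/// Marks an action (or controller) as requiring a logged-in user.
/// Actions that must stay reachable without a login carry <see cref="AllowAnonymousAttribute"/>;
/// note that only the action-level attribute is honoured here — a controller-level
/// [AllowAnonymous] does not bypass this filter.
/// </summary>
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class AuthorizationAttribute : AuthorizeAttribute, IAuthorizationFilter
{
    /// <summary>Session key under which the remote (SSO) login flow leaves the user name.</summary>
    private const string RemoteLoginSessionKey = "Remote_Login_User";

    /// <summary>AppSettings key holding the ';'-separated list of origins allowed for cross-origin requests.</summary>
    private const string AllowOriginSettingKey = "AccessControlAllowOrigin";

    /// <summary>Request value naming the menu the user is opening; used for the control-item check.</summary>
    private const string MenuNoRequestKey = "MNU";

    /// <summary>
    /// Runs before the action executes. In order: honours an action-level
    /// <see cref="AllowAnonymousAttribute"/>, completes a pending remote (SSO) login, emits CORS headers
    /// for an allow-listed referrer, authenticates the request through <see cref="FormsAuthenticationHelper"/>,
    /// and for student users enforces the control items of the requested menu.
    /// </summary>
    /// <param name="filterContext">The MVC authorization context of the current request.</param>
    /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
    /// <exception cref="InvalidOperationException">There is no HTTP context (the filter is used outside a web host).</exception>
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }
        if (filterContext.HttpContext == null)
        {
            // A specific exception type instead of bare Exception; the message is kept as before.
            throw new InvalidOperationException("此特性只适合于Web应用程序使用!");
        }

        // Only the action-level attribute is consulted, as in the original implementation.
        if (filterContext.ActionDescriptor.GetCustomAttributes(typeof(AllowAnonymousAttribute), false).Any())
        {
            return;
        }

        var cookieName = EMIS.Utility.Const.LOCAL_SETTING_LOGIN_COOKIENAME;
        CompletePendingRemoteLogin(filterContext, cookieName);
        ApplyCorsHeaders(filterContext);

        // AuthenticateRequest takes the raw HttpContext rather than the HttpContextBase wrapper.
        var formsAuthHelper = new FormsAuthenticationHelper();
        formsAuthHelper.AuthenticateRequest(HttpContext.Current, cookieName, Const.LOCAL_AUTH_EXCEPTURL, Const.LOCAL_AUTH_INCLUDEURL);

        var userInfo = EMIS.Utility.FormValidate.CustomPrincipal.Current;
        if (userInfo != null && userInfo.IsStudent)
        {
            EnforceControlItems(filterContext);
        }
    }

    /// <summary>
    /// When the remote (SSO) flow has stored a user name in session but the local login cookie is absent,
    /// completes the local login for that user. Does nothing when session state is unavailable.
    /// </summary>
    /// <param name="filterContext">The current authorization context.</param>
    /// <param name="cookieName">Name of the local login cookie.</param>
    private static void CompletePendingRemoteLogin(AuthorizationContext filterContext, string cookieName)
    {
        var session = filterContext.HttpContext.Session;
        if (session == null)
        {
            return;
        }
        var sessionUser = session[RemoteLoginSessionKey];
        if (sessionUser == null || filterContext.HttpContext.Request.Cookies[cookieName] != null)
        {
            return;
        }
        var userName = sessionUser.ToString();
        filterContext.Controller.LoginSureccessful(new LogOnModel { UserName = userName }, userName);
    }

    /// <summary>
    /// Emits CORS response headers when an origin allow-list is configured: Access-Control-Allow-Origin is
    /// echoed only for a referrer whose scheme://host[:port] is in the list; the Methods/Headers entries are
    /// added whenever the list is non-empty (same as before).
    /// </summary>
    /// <param name="filterContext">The current authorization context.</param>
    private static void ApplyCorsHeaders(AuthorizationContext filterContext)
    {
        // NOTE(review): the allow-list is matched against the Referer header rather than the Origin request
        // header that browsers base CORS decisions on; a request whose Referer is absent (or stripped by a
        // referrer policy) gets no Allow-Origin header.
        var referrer = filterContext.HttpContext.Request.UrlReferrer;
        if (referrer == null)
        {
            return;
        }
        var settingUrls = System.Configuration.ConfigurationManager.AppSettings[AllowOriginSettingKey];
        if (string.IsNullOrEmpty(settingUrls))
        {
            return;
        }

        // scheme://host[:port] of the referrer. The previous derivation (AbsoluteUri with the AbsolutePath
        // string-replaced away) kept any query string and, for a root path of "/", also removed the slashes
        // from "scheme://", so those referrers could never match an allow-listed entry.
        var referrerOrigin = referrer.GetLeftPart(UriPartial.Authority);
        var allowedOrigins = settingUrls
            .Split(';')
            .Select(entry => entry.Trim())
            .Where(entry => entry.Length > 0)
            .ToList();

        var response = filterContext.HttpContext.Response;
        // Exact (ordinal) comparison, as the original "==" did; the header is added once even if the
        // entry is listed twice.
        if (allowedOrigins.Contains(referrerOrigin, StringComparer.Ordinal))
        {
            response.AddHeader("Access-Control-Allow-Origin", referrerOrigin);
        }
        response.AddHeader("Access-Control-Allow-Methods", "OPTIONS,POST,GET");
        response.AddHeader("Access-Control-Allow-Headers", "x-requested-with,content-type");
    }

    /// <summary>
    /// For a student user, runs the control-item check of the requested menu when that menu is flagged as
    /// needing control. A failing check is turned into a redirect to the Common/MsgShow page.
    /// </summary>
    /// <param name="filterContext">The current authorization context.</param>
    private static void EnforceControlItems(AuthorizationContext filterContext)
    {
        using (var scope = AutofacHelper.Container.BeginLifetimeScope())
        {
            var controlItemServices = scope.Resolve<IControlItemServices>();
            var menuNo = filterContext.HttpContext.Request[MenuNoRequestKey];
            var needControlMenu = controlItemServices.GetNeedControlMenuNo();
            if (!needControlMenu.Any(x => x == menuNo))
            {
                return;
            }
            try
            {
                controlItemServices.CheckControlItems(menuNo);
            }
            catch (Exception ex)
            {
                // Any failure of the check (not only HttpException) is shown to the user on MsgShow.
                RedirectToMessagePage(filterContext, ex);
            }
        }
    }

    /// <summary>
    /// Short-circuits the request with a redirect to Common/MsgShow carrying the exception message.
    /// </summary>
    /// <param name="filterContext">The current authorization context; its Result is set.</param>
    /// <param name="ex">The exception raised by the control-item check.</param>
    private static void RedirectToMessagePage(AuthorizationContext filterContext, Exception ex)
    {
        var httpContext = filterContext.HttpContext;
        httpContext.ClearError();
        httpContext.Response.Clear();

        // Only ex.Message reaches the query string (and the page that renders it): no stack trace or
        // inner-exception detail is exposed.
        var url = "~/Common/MsgShow?url=" + httpContext.Server.UrlEncode("about:blank")
            + "&msg=" + httpContext.Server.UrlEncode(ex.Message);

        // Setting Result lets MVC issue the 302 itself instead of Response.Redirect(url, true), which ends
        // the response by aborting the thread. The status code previously assigned before the redirect was
        // overwritten by the 302 anyway, so it is not set here.
        filterContext.Result = new RedirectResult(url);
    }
}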
/// <summary>
/// Marker attribute for actions; judging by its name it flags actions to be left out of single sign-on
/// handling (inferred from the name — the only reference to it in this file is commented out, so nothing
/// here reads it).
/// </summary>
[AttributeUsage(AttributeTargets.Method, AllowMultiple = true)]
public class NoSSOAttribute : Attribute { }
}