JW/EMISOnline/EMISOnline.Web/Controls/Authorization.cs

using System.Web.Mvc;
using System.Web.Security;
using System.Collections.Generic;
using System.Web;
using System.Linq;
using Bowin.Common;
using Autofac;
using EMISOnline.Web.Controls;
using EMISOnline.Utility;
using EMISOnline.CommonLogic.SystemServices;
using EMISOnline.Utility.FormValidate;
using EMISOnline.ViewModel.Account;

namespace System
{
    /// <summary>
    /// 表示需要用户登录才可以使用的特性
    /// 如果不需要处理用户登录，则请指定AllowAnonymousAttribute属性
    /// </summary>
    [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
    public class AuthorizationAttribute : AuthorizeAttribute, IAuthorizationFilter
    {
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext == null)
            {
                throw new Exception("此特性只适合于Web应用程序使用！");
            }
            else
            {
                FormsAuthenticationHelper fahelper = new FormsAuthenticationHelper();

                var cookieName = EMISOnline.Utility.Const.LOCAL_SETTING_LOGIN_COOKIENAME;

                if (Const.SSO_IS_SSO_LOGIN)
                {
                    string rurl = filterContext.HttpContext.Request.Path.ToLower();

                    var l_unvalidateUrl = Const.LOCAL_AUTH_EXCEPTURL.Concat(new List<string>() { FormsAuthentication.LoginUrl.TrimStart('~') });

                    if (l_unvalidateUrl.Where(w => rurl.IndexOf(w.ToLower()) >= 0).Count() == 0)
                    {
                        if (filterContext.HttpContext.Request.Cookies[cookieName] == null)
                        {
                            var loginID = SSO.SSOLogin();

                            if (loginID != "")
                            {
                                filterContext.Controller.LoginSureccessful(new LogOnModel { UserName = loginID }, loginID);
                            }
                        }
                    }
                }

                fahelper.AuthenticateRequest(HttpContext.Current, cookieName, Const.LOCAL_AUTH_EXCEPTURL);

                var user = EMISOnline.Utility.FormValidate.CustomPrincipal.Current;
                if (user != null && user.RoleID == null)
                {
                    using (var scope = AutofacHelper.Container.BeginLifetimeScope())
                    {
                        IUserServices userServices = scope.Resolve<IUserServices>();

                        var role = userServices.GetUserRoles(user.UserID).FirstOrDefault();

                        if (role != null)
                        {
                            user.RoleID = role.RoleID;
                            HttpContext.Current.User = user;
                            var userData = user.GetUserData();
                            //刷新一下cookies，防止还要再读取数据库
                            fahelper.loginFormsAuthentication(filterContext.HttpContext, cookieName, userData);
                        }
                    }
                }
            }
        }

    }
}