基于.net的用户处理机制。
2024-07-10 12:56:09
供稿:网友
本文来源于网页设计爱好者web开发社区http://www.html.org.cn收集整理,欢迎访问。基于.net的principal、identity接口的用户处理机制。
siteidentity.cs
using system;
using system.text;
using system.collections;
using system.security.cryptography;
namespace contextuser
{
/// <summary>
/// siteidentity 的摘要说明。
/// </summary>
public class siteidentity: system.security.principal.iidentity
{
private string username;
private string emailaddress;
private int userid;
public siteidentity(string currentusername )
{
username = currentusername;
emailaddress = "[email protected]";
userid =1;
}
public string authenticationtype
{
get
{
return "custom authentication";
}
set
{
// do nothing
}
}
public bool isauthenticated
{
get
{
// assumption: all instances of a siteidentity have already
// been authenticated.
return true;
}
}
public string name
{
get
{
return username;
}
}
public string emailaddress
{
get
{
return emailaddress;
}
}
public int userid
{
get
{
return userid;
}
}
}
}
-----------------------------------------------------------------------------------------------
siteprincipal.cs
using system;
using system.collections;
using system.security;
using system.security.cryptography;
namespace contextuser
{
/// <summary>
/// siteprincipal 的摘要说明。
/// </summary>
public class siteprincipal: system.security.principal.iprincipal
{
protected system.security.principal.iidentity identity;
protected arraylist permissionlist;//许可动态数组
protected arraylist rolelist;//角色动态数组
public system.security.principal.iidentity identity
{
get
{
return identity;
}
set
{
identity = value;
}
}
public siteprincipal( string username )//构造函数逻辑
{
identity = new siteidentity( username );
rolelist = new arraylist();//添加角色数组 以后可以用从数据库获取数值代替
rolelist.add("admin");
rolelist.add("123");
permissionlist = new arraylist();
permissionlist.add(2);
//permissionlist = datauser.geteffectivepermissionlist( userid );
//rolelist = datauser.getuserroles( userid );
}
public static siteprincipal validatelogin(string username, string password)//验证登陆
{
if(username == "1111111" && password == "1111111")//可以用从数据库验证替代
{
return new siteprincipal( username );
}
else
{
return null;
}
}
public bool isinrole(string role)
{
return rolelist.contains( role );
}
public bool haspermission( int permissionid )
{
return permissionlist.contains( permissionid );
}
public arraylist roles
{
get
{
return rolelist;
}
}
public arraylist permissions
{
get
{
return permissionlist;
}
}
}
}
下面继承page 用于需要验证的页面继承
basepage.cs
using system;
using system.web;
using system.web.ui;
using system.diagnostics;
namespace contextuser
{
/// <summary>
/// basepage 的摘要说明。
/// </summary>
public class basepage : system.web.ui.page
{
public basepage()
{
}
protected override void oninit(eventargs e)
{
base.oninit(e);
this.load += new system.eventhandler(this.basepage_load);
}
private void basepage_load(object sender, system.eventargs e)
{
if (context.user.identity.isauthenticated)
{
if (!(context.user is siteprincipal))
{
response.write("context.user.identity.is authenticated");
siteprincipal newuser = new siteprincipal( context.user.identity.name);
context.user = newuser;
response.write(context.user.isinrole("123"));
}
}
}
}
}
--------------------------------------------------------------------------
登陆页面
using system;
using system.collections;
using system.componentmodel;
using system.data;
using system.drawing;
using system.web;
using system.web.security;
using system.web.sessionstate;
using system.web.ui;
using system.web.ui.webcontrols;
using system.web.ui.htmlcontrols;
namespace contextuser
{
/// <summary>
/// webform1 的摘要说明。
/// </summary>
public class webform1 : contextuser.basepage
{
protected system.web.ui.webcontrols.textbox username;
protected system.web.ui.webcontrols.textbox pwd;
protected system.web.ui.webcontrols.label label1;
protected system.web.ui.webcontrols.label label2;
protected system.web.ui.webcontrols.button button1;
private void page_load(object sender, system.eventargs e)
{
// 在此处放置用户代码以初始化页面
}
#region web 窗体设计器生成的代码
override protected void oninit(eventargs e)
{
//
// codegen: 该调用是 asp.net web 窗体设计器所必需的。
//
initializecomponent();
base.oninit(e);
}
/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void initializecomponent()
{
this.button1.click += new system.eventhandler(this.button1_click);
this.load += new system.eventhandler(this.page_load);
}
#endregion
private void button1_click(object sender, system.eventargs e)
{
siteprincipal principal = siteprincipal.validatelogin(username.text,pwd.text);
if(principal==null)
{
label1.text = "用户名或密码不正确";
}
else
{
context.user = principal;
formsauthentication.setauthcookie( username.text, true );
if(context.user.isinrole("123"))
{
label2.text = "用户" + context.user.identity.name + "属于admin组";
}
else
{
label2.text = "用户" + context.user.identity.name + "不属于admin组";
}
}
}
}
}
---------------------------------------------------
验证页面 需要继承basepage
using system;
using system.collections;
using system.componentmodel;
using system.data;
using system.drawing;
using system.web;
using system.web.sessionstate;
using system.web.ui;
using system.web.ui.webcontrols;
using system.web.ui.htmlcontrols;
namespace contextuser
{
/// <summary>
/// _default 的摘要说明。
/// </summary>
public class _default : contextuser.basepage
{
protected system.web.ui.webcontrols.label label1;
private void page_load(object sender, system.eventargs e)
{
if (!context.user.identity.isauthenticated ||
!((siteprincipal)context.user).haspermission(2))
{
page.response.redirect("webform1.aspx");
}
else
{
page.response.write("通过");
}
}
#region web 窗体设计器生成的代码
override protected void oninit(eventargs e)
{
//
// codegen: 该调用是 asp.net web 窗体设计器所必需的。
//
base.oninit(e);//------------------------------------------------------------注意这里需要放在上边
initializecomponent();
}
/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void initializecomponent()
{
this.load += new system.eventhandler(this.page_load);
}
#endregion
}
}
参考了一些网友的文章还有wrox站点高级编程 在此感谢!
