代码调用顺序为:OnAuthorization--AuthorizeCore--HandleUnauthorizedRequest 如果AuthorizeCore返回false时,才会走HandleUnauthorizedRequest 方法,并且filterContext.Result是HttpUnauthorizedResult类型(注:StausCode=401),401错误又对应了Web.confi
代码调用顺序为:OnAuthorization-->AuthorizeCore-->HandleUnauthorizedRequest
如果AuthorizeCore返回false时,才会走HandleUnauthorizedRequest 方法,并且filterContext.Result是HttpUnauthorizedResult类型(注:StausCode=401),401错误又对应了Web.config中的
所以,AuthorizeCore==false 时,会跳转到 web.config 中定义的 loginUrl="~/"
public class CheckLoginAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext) {
bool Pass = false;
if (!CheckLogin.AdminLoginCheck())
{
httpContext.Response.StatusCode = 401;
Pass = false;
}
else
{
Pass = true;
}
return Pass;
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if(filterContext.HttpContext.Request.IsAjaxRequest())
{
if (!App.AppService.IsLogon)
{
filterContext.Result = new JsonResult
{
Data = new {IsSuccess = false, Message = "不好意思,登录超时,请重新登录再操作!"},
JsonRequestBehavior = JsonRequestBehavior.AllowGet
};
return; //由于JsonResult无对应StatusCode,,而在AuthorizeCore中我们把httpContext.Response.StatusCode=401,所以会跳转到 web.config 中定义的 loginUrl。猜想:filterContext.Result可以赋值为 //RedirectResult、HttpUnauthorizedResult等,若没有StatusCode(像JsonResult),则会检查Response.StatusCode
}
}
if (App.AppService.IsLogon)
{
return;
}
新闻热点
疑难解答
图片精选
