效果圖

沒有登陸不會執(zhí)行請求日期的方法，不管是否登陸都不允許訪問請求時間方法

驗證不通過是會進(jìn)行轉(zhuǎn)發(fā)到Home/error方法中，

代碼附上：

[Route("[controller]/[action]")]public class HomeController : BaseController{/// <summary>/// Ajax請求頁面/// </summary>/// <param name="username"></param>/// <param name="password"></param>/// <returns></returns> [HttpGet]public IActionResult AjaxView(){return View();}/// <summary>/// 登陸接口/// </summary>/// <param name="username"></param>/// <param name="password"></param>/// <returns></returns> [HttpGet]public IActionResult Login(){LoginMember();return Json("登陸成功");}/// <summary>/// 清除登陸信息/// </summary>/// <returns></returns> [HttpGet]public IActionResult ClearLogin() {ClearMember();return Json("注銷成功");}/// <summary>/// 登陸后也不能請求的接口/// </summary>/// <returns></returns>public IActionResult GetNoData(){return Json("時間是" + DateTime.Now.ToLongTimeString());}/// <summary>/// 請求數(shù)據(jù)接口/// </summary>/// <returns></returns>public IActionResult GetData() {return Json("今天是" + DateTime.Now.ToLongDateString());}/// <summary>/// 請求頁面接口/// </summary>/// <returns></returns>public IActionResult GetDataView(){return View();}/// <summary>/// 請求不通過接口/// </summary>/// <returns></returns>public IActionResult Error(){return Json("你沒有權(quán)限");}}

?

AjaxView視圖頁：
<!DOCTYPE html><html> <head><meta name="viewport" content="width=device-width" /><title>AjaxView</title><script src="https://code.jquery.com/jquery-3.1.1.min.js"></script><script type="text/javascript" >$(function () {$("#Login").click(function () { $.get("/Home/Login", "", function (data) {alert(data);})})$("#ClearLogin").click(function () {$.get("/Home/ClearLogin", "", function (data) {alert(data);})})$("#Getdata").click(function () {$.get("/Home/GetData", "", function (data) {alert(data);})})$("#GetTime").click(function () {$.get("/Home/GetNoData", "", function (data) {alert(data);})})})</script> </head> <body><button id="Login">登陸</button><button id="ClearLogin">注銷</button><button id="Getdata">請求日期</button><button id="GetTime">請求時間</button> </body> </html> 4個請求


支持類（用戶類與權(quán)限類、枚舉）：
/// <summary>/// 用戶類/// </summary>public class Member {public string Name { get; set; }//允許請求的連接public IEnumerable<RightsManagement> RightsList { get; set; }}/// <summary>/// 權(quán)限類/// </summary>public class RightsManagement {public int ID { get; set; }/// <summary>/// 允許請求的路徑/// </summary>public string AllowRequest { get; set; }}public enum ErrorEnum {/// <summary>/// 沒有登陸/// </summary>NoLogin=1,/// <summary>/// 不允許訪問/// </summary>NoAllow=2,/// <summary>/// 可以訪問/// </summary>OK=3}

全局變量

/// <summary>/// error 方法地址/// </summary>protected string ErrorAction { get; private set; } = "Error";/// <summary>/// error 方法地址/// </summary>protected string ErrorController { get; private set; } = "Home";/// <summary>/// 用戶類 ，為了直觀點就這樣弄了/// </summary>protected static Member member { get; private set; }/// <summary>/// 所有人都能訪問的接口，以下接口不會被攔截/// </summary>protected List<RightsManagement> RightsList { get; set; } = new List<RightsManagement>() {new RightsManagement(){ID=3,AllowRequest="Home/Login"},new RightsManagement(){ID=4,AllowRequest="Home/ClearLogin"},new RightsManagement(){ID=5,AllowRequest="Home/Error"},new RightsManagement(){ID=5,AllowRequest="Home/AjaxView"}};private ErrorEnum errorEnum;

?

登陸與注銷函數(shù) /// <summary>/// 登陸函數(shù)/// </summary>public void LoginMember() {member = new Member(){Name = "張三",RightsList = new List<RightsManagement>() {new RightsManagement(){ID=1,AllowRequest="Home/GetData"//接口},new RightsManagement(){ID=2,AllowRequest="Home/GetDataView"//視圖頁}}};}/// <summary>/// 清除登陸信息/// </summary>public void ClearMember() {member = null;}

?

攔截器重寫了父類的

OnActionExecutionAsync方法
如果不是asp.net core 將不會有這個方法
OnActionExecuting方法似乎無法決定控制器執(zhí)行的方法， /// <summary>/// 請求開始前異步調(diào)用/// </summary>/// <param name="context">參數(shù)</param>/// <param name="next">一個已經(jīng)封裝好的委托</param>/// <returns></returns>public override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next){thecontext = context;//獲取請求的路徑 并進(jìn)行拼接string theControllerAndAction = context.ActionDescriptor.RouteValues["controller"] + "/" + context.ActionDescriptor.RouteValues["action"];if (RightsList.Where(d=>d.AllowRequest== theControllerAndAction).Count()>0){//允許默認(rèn)允許的請求通過return base.OnActionExecutionAsync(context, next);}//定義一個委托 用于表示next下一步執(zhí)行的方法ActionExecutionDelegate thenext = new ActionExecutionDelegate(TaskOnActionExecutionAsync);if (member == null){//沒有登陸errorEnum = ErrorEnum.NoLogin;}else {if (member.RightsList.Where(d => d.AllowRequest == theControllerAndAction).Count() == 0){//沒有請求的權(quán)利errorEnum = ErrorEnum.NoAllow;}else {errorEnum = ErrorEnum.OK;//用base方法的去處理驗證通過的請求，//因為我不知道轉(zhuǎn)發(fā)請求的性能是否有額外開銷return base.OnActionExecutionAsync(context, next);}}return base.OnActionExecutionAsync(context, thenext);}

?

Task 方法

Task<ActionExecutedContext> TaskOnActionExecutionAsync() {Task<ActionExecutedContext> thetask = new Task<ActionExecutedContext>(funcOnActionExecutionAsync, thecontext);thetask.Start();return thetask;}
//這是一個全局的臨時變量，在控制器中 每次請求都會重置他
? ActionExecutingContext thecontext;
funcOnActionExecutionAsync方法
ActionExecutedContext funcOnActionExecutionAsync(object o) {ActionExecutingContext theaction = o as ActionExecutingContext;ActionExecutedContext theactionExecutedContext = new ActionExecutedContext(theaction, theaction.Filters, theaction.Controller);//表示跳過控制器方法訪問直接返回數(shù)據(jù)給瀏覽器，也就是不跳轉(zhuǎn)不進(jìn)入控制器方法但是有異常信息返回//theaction.Result = Json("請求成功");switch (errorEnum){case ErrorEnum.NoLogin:
　　　　　　　　　　　　//theaction.Result =new RedirectResult("/Home/Error");進(jìn)行重定向
　　　　　　　　　　　　theaction.Result = RedirectToAction(ErrorAction, ErrorController); 　　　　　　　　　　break;case ErrorEnum.NoAllow:theaction.Result = RedirectToAction(ErrorAction, ErrorController);break;case ErrorEnum.OK:theaction.Result = RedirectToAction(theaction.ActionDescriptor.RouteValues["action"], theaction.ActionDescriptor.RouteValues["controller"]);break;default:break;}return theactionExecutedContext;}

?

OK 以上就是全部代碼



其中可訪問鏈接我是用list保存，也不知道有沒有更好的方法。

Over

?

轉(zhuǎn)載于:https://www.cnblogs.com/AnAng/p/8657447.html

總結(jié)

以上是生活随笔為你收集整理的asp.net core 拦击器制作的权限管理系统DEMO的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。