如果我的应用包含两个不同的登录页面,如何将用户重定向到相应的登录?

时间:2017-01-17 21:11:48

标签: c# asp.net-mvc

我知道我可以使用[授权]来防止在没有用户登录的情况下命中页面。在这种情况下,我有2个不同的登录到我的应用程序(用户和管理员)。为了更好地解释,让我们在用户未登录时通过url进入以下请求:

foo/bar/create/2

使用相应操作结果上方的authorize属性,此用户将被定向到默认登录页面。 

account/login

如何将用户重定向到account/userlogin针对该特定Create操作结果?

2 个答案:

答案 0 :(得分:1)

您可以扩展授权属性并覆盖 HandleUnauthorizedRequest 

    public class ClientAuthorize : AuthorizeAttribute
{
    public new String Role { get; set; }

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        return DoAUthorizationAndReturnBool(Role);
    }

    protected override void HandleUnauthorizedRequest(System.Web.Mvc.AuthorizationContext filterContext)
    {
            if(Role=="Admin")
            filterContext.Result = new RedirectToRouteResult(new
            RouteValueDictionary(new { controller = "admin", action = "login" }));
            else
                filterContext.Result = new RedirectToRouteResult(new
                RouteValueDictionary(new { controller = "user", action = "login" }));
        }



}

答案 1 :(得分:0)

如果您使用带有MembershipProvider的表单身份验证,则可以使用FormsAuthentication.GetRedirectUrl方法。此方法"返回导致重定向到登录页面的原始请求的重定向URL。"。检查该URL以找出他们试图导航到的URL,并在登录后重定向到该URL。

https://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.getredirecturl(v=vs.110).aspx

我们正在做类似的事情(检测他们是否试图访问salesportal或管理员门户网站):

<HttpPost>
<AllowAnonymous>
<ValidateAntiForgeryToken>
Public Function Login(model As LoginModel) As ActionResult
    If (ModelState.IsValid) Then
        Dim userValid = Membership.ValidateUser(model.Email, model.Password)
        If (userValid) Then
            FormsAuthentication.SetAuthCookie(model.Email, False)
            Dim membershipProvider = New Program.Security.MoleculeraMembershipProvider()
            Dim redirectUrl = FormsAuthentication.GetRedirectUrl(model.Email, False)
            If redirectUrl.Contains("sales") Then
                Return RedirectToAction("SalesPortal")
            Else
                Return RedirectToAction("AdminPortal")
            End If
        Else
            ModelState.AddModelError("", "The user name or password provided is incorrect.")
        End If
    End If
    ' If we got this far, something failed, redisplay form
    Return View(model)
End Function

您也可以直接重定向到网址:

<HttpPost>
<AllowAnonymous>
<ValidateAntiForgeryToken>
Public Function Login(model As LoginModel) As ActionResult
    If (ModelState.IsValid) Then
        Dim userValid = Membership.ValidateUser(model.Email, model.Password)
        If (userValid) Then
            FormsAuthentication.SetAuthCookie(model.Email, False)
            Dim membershipProvider = New Program.Security.MoleculeraMembershipProvider()
            Dim redirectUrl = FormsAuthentication.GetRedirectUrl(model.Email, False)
            Return Redirect(returnUrl)
        Else
            ModelState.AddModelError("", "The user name or password provided is incorrect.")
        End If
    End If
    ' If we got this far, something failed, redisplay form
    Return View(model)
End Function

我为此在VB.NET中提前道歉。它是一款旧应用。

相关问题
最新问题