我有一个包含文档的锚标记,它将下载或如果它是PDF,它将显示文档。这样做效果很好,但不是我已经在我的模型中放置了一些文件对象的密码保护功能,以防止只有授权用户才能查看。 所以我有一个click事件,它将显示一个模态并让用户输入密码,然后我调用.ajax命令返回true或false。但我不知道如何归还真假。
这是标记:
<a href="@link.DocumentPath" onclick="checkAuth(@link.Id); ">@link.Title</a>
这是javascript:
var checkAuth = function(id) {
var hostname = location.hostname;
var host = '@System.Configuration.ConfigurationManager.AppSettings["hostroot"]';
if (hostname == "localhost")
host = "";
$(".modal-dialog").css({
"left": 0,
"top": 200,
});
$(".modal-body").css({
"background-color": "darkgreen"
})
$(".modal-title").text("This Document is Password Protected");
var url = host + "/Communities/CheckAuth/" + id;
$("#inviteDialog").load(url, function () {
$("#inviteModal").modal("show");
})
};
然后这是视图
public ActionResult CheckAuth(int? id)
{
var encrypted = db.CommunityDocs.Where(x=>x.Id == id).Select(x=>x.Password).SingleOrDefault();
ViewBag.encryptedPwd = encrypted;
return PartialView();
}
最后,这是Get
<form id="checkAuth">
<label class="sr-only" for="teamEmailAddress">Enter Password</label>
<input class="form-control" type="text" name="password" id="password" placeholder="Enter Password to view">
<input class="form-control" type="hidden" name="encrypted" id="encrypted" value="@ViewBag.encryptedPwd" /><br />
<a href="#" id="btnSubmit" class="btn btn-default">Enter</a>
</form>
<script>
$(document).ready(function () {
$("#btnSubmit").click(function () {
// Host
var hostname = location.hostname;
var host = '@System.Configuration.ConfigurationManager.AppSettings["hostroot"]';
if (hostname == "localhost")
host = "";
var formdata = $("#checkAuth").serialize();
var encryptedPwd = $("encryptedPwd").val();
var password = $("password").val();
$.ajax({
type: "GET",
url: host + "/Communities/DeCryptPwd/",
data: formdata,
success: function (data) {
$("#inviteModal").modal("hide");
// window.location.href = host + "/Communities/EditCommunity/" + communityId;
alert(data);
},
error: function (errorData) { alert(errorData); }
})
});
});
</script>
它将返回True或False,但我不知道如何处理以返回True或False。
DeCryptPwd方法:
public bool DeCryptPwd(string encrypted, string password)
{
/* Extract the bytes */
byte[] hashBytes = Convert.FromBase64String(encrypted);
/* Get the salt */
byte[] salt = new byte[16];
Array.Copy(hashBytes, 0, salt, 0, 16);
/* Compute the hash on the password the user entered */
var pbkdf2 = new Rfc2898DeriveBytes(password, salt, 10000);
byte[] hash = pbkdf2.GetBytes(20);
/* Compare the results */
for (int i = 0; i < 20; i++)
if (hashBytes[i + 16] != hash[i])
return false;
return true;
}