ASP.Net MVC:当用户活动为0时,强制从操作过滤器注销

时间:2018-05-03 15:14:54

标签: asp.net-mvc-5

我试过这种方式,但没有运气。

public class ForceLogoutFilter : ActionFilterAttribute
    {

        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {

            if (filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                var user =  UserManager.FindByNameAsync(HttpContext.Current.User.Identity.Name);

                if (user.IsActive==0)
                {
                    AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
                    filterContext.HttpContext.Session.Clear();
                    filterContext.HttpContext.Session.Abandon();
                }
            }

                base.OnActionExecuting(filterContext);
        }

    }

在AspNetUser表中,我添加了一个名为IsActive的列。如果任何用户的值为0,那么如果用户已经登录,则会强制用户注销。如何从动作过滤器实现相同的操作。需要一些提示。

我已经给出了上述两个错误。

1)此行抛出错误var user = UserManager.FindByNameAsync(HttpContext.Current.User.Identity.Name);

  

严重级代码描述项目文件行抑制状态   错误CS0305使用通用类型' UserManager'   需要2个类型参数

2)AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);投掷错误

  

严重级代码描述项目文件行抑制状态   错误CS0122' AuthenticationManager'由于其无法进入   保护水平

1 个答案:

答案 0 :(得分:1)

最后完成了。这是过滤器的完整代码

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Routing;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security;
using WebApplication1.Models;

namespace WebApplication1.Filters
{
    public class ForceLogoutFilter : ActionFilterAttribute
    {
        private IAuthenticationManager AuthenticationManager
        {
            get
            {
                return HttpContext.Current.GetOwinContext().Authentication;
            }
        }


        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {

            if (filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                var UserManager = filterContext.HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
                //var user = UserManager.FindByEmailAsync(HttpContext.Current.User.Identity.Name).Result; 
                var user =  UserManager.FindByNameAsync(HttpContext.Current.User.Identity.Name).Result;

                if (user!=null && user.IsActive == 0)
                {
                    AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
                    filterContext.HttpContext.Session.Clear();
                    filterContext.HttpContext.Session.Abandon();
                    filterContext.Result = new RedirectToRouteResult(
                                new RouteValueDictionary    {{ "Controller", "Message" },
                                                            { "Action", "NoAccess" } });
                }
            }


            base.OnActionExecuting(filterContext);
        }

    }

}

以这种方式注册 

using System.Web;
using System.Web.Mvc;
using WebApplication1.Filters;

namespace WebApplication1
{
    public class FilterConfig
    {
        public static void RegisterGlobalFilters(GlobalFilterCollection filters)
        {
            filters.Add(new HandleErrorAttribute());
            filters.Add(new ForceLogoutFilter());
        }
    }
}

代码测试并正常工作。感谢

相关问题
最新问题