ASP.NET MVC Permission Filtering and Single Sign-on (No Duplicate Logon)

  • 2021-08-31 07:40:49
  • OfStack

1. Authorization is applied per controller and action. There are many ways to do this; the recent project controls access at the controller level, with the code below


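/// <summary>
/// User rights control: resolves which role ids may call the requested controller/action
/// from <c>SampleData.roleWithControllerAndAction</c>, then checks the authenticated user's
/// role against that list. Requests with no mapping entry are denied (fail closed).
/// The previous version returned true unconditionally from AuthorizeCore, so it enforced nothing.
/// </summary>
public class UserAuthorize : AuthorizeAttribute
{
  /// <summary>
  /// Key under which the allowed role ids for the current request are stored in
  /// HttpContext.Items. Per-request state must not be kept on the attribute itself
  /// (the original assigned this.Roles): MVC caches filter attribute instances and
  /// shares them between concurrent requests.
  /// </summary>
  private const string AllowedRolesItemKey = "UserAuthorize.AllowedRoleIds";

  /// <summary>
  /// View rendered when authorization fails; "error" when not set.
  /// </summary>
  public string AuthorizationFailView { get; set; }

  /// <summary>
  /// Executed when authorization is requested.
  /// </summary>
  /// <param name="filterContext">Context</param>
  public override void OnAuthorization(AuthorizationContext filterContext)
  {
    // Controller and action from the route; Convert.ToString tolerates a missing value
    // instead of throwing NullReferenceException on .ToString().
    string controllerName = Convert.ToString(filterContext.RouteData.Values["controller"]);
    string actionName = Convert.ToString(filterContext.RouteData.Values["action"]);

    // Look up which roles may call this controller/action. RoleIds is a comma-separated
    // list such as "1,2,3,4". The original also filtered the lookup on RoleIds.contails("3")
    // (not a real method, and a substring match would also hit "13"); the role check
    // belongs in AuthorizeCore, so the lookup is keyed on controller/action only.
    RoleWithControllerAction mapping = SampleData.roleWithControllerAndAction.FirstOrDefault(r =>
      string.Equals(r.ControllerName, controllerName, StringComparison.OrdinalIgnoreCase) &&
      string.Equals(r.ActionName, actionName, StringComparison.OrdinalIgnoreCase));

    if (mapping == null)
    {
      // No mapping: deny. A ContentResult keeps the response inside the MVC pipeline
      // instead of writing to the raw Response; base is not called, so nothing can
      // replace this result later in OnAuthorization.
      filterContext.Result = new ContentResult { Content = " I'm sorry , You don't have permission to operate !" };
      return;
    }

    // Hand the allowed role ids to AuthorizeCore through the request, not through this.Roles.
    filterContext.HttpContext.Items[AllowedRolesItemKey] = mapping.RoleIds;
    base.OnAuthorization(filterContext);
  }

  /// <summary>
  /// Custom authorization check (returning false fails authorization and enters
  /// HandleUnauthorizedRequest). Denies unless the current identity is authenticated,
  /// maps to a known user and role, and that role id appears in the allowed list that
  /// OnAuthorization stored for this request.
  /// </summary>
  /// <param name="httpContext">Context of the request being authorized</param>
  /// <returns>true when the user's role is allowed for the requested controller/action</returns>
  protected override bool AuthorizeCore(HttpContextBase httpContext)
  {
    if (httpContext == null || httpContext.User == null || !httpContext.User.Identity.IsAuthenticated)
    {
      return false;
    }

    // NOTE(review): the page logs users in through Session[Property.UerLoginSession];
    // confirm the login flow also establishes httpContext.User, otherwise every
    // request is denied here.
    string userName = httpContext.User.Identity.Name;
    User user = SampleData.users.Find(u => u.UserName == userName);
    if (user == null)
    {
      return false;
    }
    Role role = SampleData.roles.Find(r => r.Id == user.RoleId);
    if (role == null)
    {
      return false;
    }

    // Absent when OnAuthorization found no mapping, or when MVC calls this from
    // output-cache validation on a different context: fail closed.
    string allowedRoleIds = httpContext.Items[AllowedRolesItemKey] as string;
    if (string.IsNullOrWhiteSpace(allowedRoleIds))
    {
      return false;
    }

    // Exact token match against the comma-separated list ("1,2,3,4").
    string roleId = role.Id.ToString();
    return allowedRoleIds.Split(',')
      .Select(id => id.Trim())
      .Any(id => string.Equals(id, roleId, StringComparison.Ordinal));
  }

  /// <summary>
  /// Handles an HTTP request that failed authorization by rendering the failure view.
  /// </summary>
  /// <param name="filterContext">Context</param>
  protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
  {
    // Resolve into a local instead of assigning the shared attribute property.
    string viewName = string.IsNullOrWhiteSpace(AuthorizationFailView) ? "error" : AuthorizationFailView;
    filterContext.Result = new ViewResult { ViewName = viewName };
  }
}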

2. Single sign-on (one active login per user) is implemented with Application state

1. After the user logs in successfully, record the current session


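/// <summary>
/// Records the current session as the only online session for a user ("one login at a
/// time"): any other session already registered for the same user id is dropped from the
/// Application-wide online table, then the current Session.SessionID is registered.
/// NOTE(review): the pre-login Session.SessionID is reused as the key; consider issuing
/// a fresh session id at login so a pre-login id cannot be carried into the logged-in session.
/// </summary>
/// <param name="userId">
/// Id of the user who just logged in. The original hard-coded "1"; it is kept as the
/// default so existing callers behave as before, but callers should pass the real id,
/// otherwise every user displaces every other user.
/// </param>
private void GetOnline(string userId = "1")
{
  var application = System.Web.HttpContext.Current.Application;
  string sessionId = Session.SessionID;

  // The whole read-modify-write runs under Application.Lock(): the Hashtable is shared
  // by all requests, and the original mutated it before taking the lock. UnLock is in
  // finally so an exception cannot leave the application state locked.
  application.Lock();
  try
  {
    Hashtable online = application[Property.Online] as Hashtable ?? new Hashtable();

    // Find the session currently registered for this user, if any. Collect the key
    // first: removing while enumerating invalidates the enumerator.
    string existingKey = null;
    IDictionaryEnumerator entries = online.GetEnumerator();
    while (entries.MoveNext())
    {
      if (entries.Value != null && string.Equals(entries.Value.ToString(), userId, StringComparison.Ordinal))
      {
        existingKey = entries.Key.ToString();
        break;
      }
    }
    if (existingKey != null)
    {
      online.Remove(existingKey);
    }

    // Register the current session for this user.
    if (!online.ContainsKey(sessionId))
    {
      online[sessionId] = userId;
    }
    application[Property.Online] = online;
  }
  finally
  {
    application.UnLock();
  }
}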

2. Use an ActionFilter to implement single sign-on. On every request to a controller, the filter checks whether the user has since logged in elsewhere


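/// <summary>
/// User basic information filter: requires a logged-in user in Session and redirects to
/// the login page when the session has expired or when the same account has since logged
/// in from another session (the online table is maintained by GetOnline / Session_End).
/// </summary>
public class LoginActionFilter : ActionFilterAttribute
{
  /// <summary>
  /// Login page address; the error text is appended as the "error" query parameter.
  /// </summary>
  public const string Url = "~/Login/Index?error=";

  /// <summary>
  /// Called before the action method executes.
  /// </summary>
  /// <param name="filterContext">Context</param>
  public override void OnActionExecuting(ActionExecutingContext filterContext)
  {
    HttpContextBase httpContext = filterContext.HttpContext;
    UserLoginBaseInfo userLogin = httpContext.Session[Property.UerLoginSession] as UserLoginBaseInfo;

    if (userLogin == null)
    {
      // Not logged in (or session expired): redirect to login and stop. The original fell
      // through to the single-login check below, whose redirect overwrote this one for
      // every unauthenticated request. Message and return url are encoded because they
      // are placed in a query string (RawUrl may itself contain '?' and '&').
      filterContext.Result = new RedirectResult(Url
        + Uri.EscapeDataString(" Log-in time expired , Please log in again !")
        + "&url=" + Uri.EscapeDataString(httpContext.Request.RawUrl));
      return;
    }

    // Sliding expiration: 30 minutes from the last request.
    httpContext.Session.Timeout = 30;

    // Single login: the session stays valid only while it is the one registered in the
    // Application-wide online table (GetOnline replaces it when the account logs in
    // elsewhere). Hashtable reads are safe alongside a single, locked writer.
    Hashtable online = System.Web.HttpContext.Current.Application[Property.Online] as Hashtable;
    if (online != null && !online.ContainsKey(httpContext.Session.SessionID))
    {
      filterContext.Result = new RedirectResult(Url
        + Uri.EscapeDataString(" Your account has been logged in elsewhere, and you are forced to log off !"));
      return;
    }
    base.OnActionExecuting(filterContext);
  }

  /// <summary>
  /// Called before the action result executes. Intended for writing the operation log;
  /// the original only read the controller and action names and did not record them.
  /// </summary>
  /// <param name="filterContext">Context</param>
  public override void OnResultExecuting(ResultExecutingContext filterContext)
  {
    // TODO: operation logging is not implemented; the route values are available as
    // filterContext.RouteData.Values["controller"] and ["action"].
    base.OnResultExecuting(filterContext);
  }
}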

3. When the user exits, normally or abnormally, clean up the current user's entry and destroy the Session


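/// <summary>
/// Session destruction: removes the ending session from the Application-wide online table
/// so the account can log in again, then abandons the session.
/// NOTE(review): ASP.NET raises Session_End only for in-process session state; confirm the
/// session mode, otherwise entries for expired sessions stay in the table.
/// </summary>
protected void Session_End()
{
  string sessionId = Session.SessionID;

  // Read-modify-write under Application.Lock() with a guaranteed UnLock; the original
  // removed the entry before taking the lock, racing other requests' writes.
  Application.Lock();
  try
  {
    Hashtable online = Application[Property.Online] as Hashtable;
    if (online != null && online[sessionId] != null)
    {
      online.Remove(sessionId);
      Application[Property.Online] = online;
    }
  }
  finally
  {
    Application.UnLock();
  }
  Session.Abandon();
}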

The above is this site's introduction to ASP.NET MVC permission filtering and single sign-on (no duplicate logon). I hope it helps you; if you have any questions, please leave me a message and this site will reply to you in time!

