asp.net mvc 和类似门户的功能

发布于 2024-09-02 19:48:05 字数 571 浏览 5 评论 0原文

f嗨,

我需要构建一个具有类似门户的功能的网站,其中请求中的参数将标识门户。像这样 http:/domain/controller/action/portal

现在我的问题是,如果门户不存在,则必须重定向到其他站点/页面,并且用户可以登录到一个门户,但如果用户访问一个门户其他门户,用户必须重定向回该门户的登录页面。

我现在有一些东西正在工作,但我觉得管道中必须有一个中心位置来处理这个问题。我当前的解决方案使用自定义操作过滤器,该过滤器检查门户参数并查看门户是否存在,并检查用户是否登录到该门户(用户登录的门户位于身份验证 cookie 中)。我在 application_postauthentication 事件中创建了自己的 IIndentiy 和 IPrincipal。

我当前的方法有两个问题:

1:它并没有真正强制执行,我必须将属性添加到所有控制器和/或操作。

2:用户的 isauthenticated 并没有真正起作用,我希望它能起作用。但为此,当我创建 IPrincipal/IIndenty 时,我需要访问路线的参数,但我似乎找不到正确的位置来执行此操作。

希望有人能给我一些指点 理查德.

fHi,

I need to build an site with some portal like functionality where an param in the request will indentify the portal. like so http:/domain/controller/action/portal

Now my problem is if an portal doesn't exists there must be an redirect to an other site/page and an user can login in to one portal but if the user comes to an other portal the user must be redirected back to the login page for that portal.

I have something working now, but i feel like there must be an central place in the pipeline to handle this. My current solution uses an custom action filter which checks the portal param and sees if the portal exists and checks if the user logged on in that portal (the portal the user logged on for is in the authentication cookie). I make my own IIndentiy and IPrincipal in the application_postauthentication event.

I have 2 problems with my current approach:

1: It's not really enforced, i have to add the attributes to all controllers and/or actions.

2: The isauthenticated on an user isn't really working, i would like that to work. But for that i need to have access to the params of the route when i create my IPrincipal/IIndenty and i can't seem to find an correct place to do that.

Hope someone can give me some pointers,
Richard.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

时光沙漏 2024-09-09 19:48:05

有几种不同的方法可以做到这一点(一如既往......)。如果您想在控制器中(或通过属性)执行此操作,但也想在全局范围内执行此操作,那么您始终可以使用自定义基本控制器类并在那里应用逻辑。 actionfilter 属性是继承的,bob 是你的叔叔。

另一方面,这对我来说真的感觉像是一个路由问题。所以我可能会考虑创建一个自定义路由来处理你正在做的事情。如果你这样做,那么一旦你让它工作,你就会想要在负载下测试它,以确保你有一个良好的缓存策略(这样每个请求都不是路由的数据库查找+另一个请求)对于控制器中发生的任何情况)。

There's a couple different ways you could do this (as always...). If you want to do it in the controller (or via an attribute) but you also want to do it globally, then you could always use a custom base controller class and apply the logic there. The actionfilterattribute is inherited and bob's your uncle.

ON the other hand, this really feels like a routing concern to me. So I'd probably consider creating a custom route to handle what you're doing. If you do that, then once you get it working you'll want to test it out under load to make sure that you have a good caching strategy in place (so that every request isn't a db lookup for the route + another one for whatever happens in the controller).

睫毛上残留的泪 2024-09-09 19:48:05

您可以通过控制器中的属性强制执行用户授权。您可以将其应用于每个操作(获取和发布)。我认为为控制器中的每个操作添加某种验证以编写安全代码是合理的,如果我在这里错了,请纠正我。

You can enforce user authorization through an attribute in the controller. You would apply this to each action (both get and post). I think it's reasonable to add some sort of validation to each action within the controller to write secure code, please correct me if I'm wrong here.

魔法少女 2024-09-09 19:48:05

对于缺少的门户重定向,我会在路由中处理它。如果您的门户数量相对较少,则可以通过为每个控制器创建唯一的路由,然后设置重定向的默认路由来实现此目的。路由按照您创建的顺序进行评估,因此只需将默认路由放在底部即可。你的路由注册看起来像这样:

routes.MapRoute(
        "Portal1",
        "{controller}/{action}/FirstPortal",
        new {controller = "defaultController", action = "defaultAction", 
             portal = "FirstPortal"}
    );

routes.MapRoute(
        "Portal2",
        "{controller}/{action}/SecondPortal",
        new {controller = "defaultController", action = "defaultAction", 
             portal = "SecondPortal"}
    );

routes.MapRoute(
        "Default",
        "{controller}/{action}",
        new {controller = "defaultController", action = "defaultAction", 
             portal = "Default"}
    );

这样你就可以使用“portal”路由值来选择门户,任何不匹配的请求都将被路由到默认路由中指定的控制器/操作,这可以照顾适当地重定向用户。

For the missing portal redirect, I would handle this in routing. If you have a relatively small number of portals, you can do this by creating a unique route for each of your controllers and then setting a default route for the redirect. Routes are evaluated in the order you create them, so just put the default route at the bottom. Your route registration would look something like this:

routes.MapRoute(
        "Portal1",
        "{controller}/{action}/FirstPortal",
        new {controller = "defaultController", action = "defaultAction", 
             portal = "FirstPortal"}
    );

routes.MapRoute(
        "Portal2",
        "{controller}/{action}/SecondPortal",
        new {controller = "defaultController", action = "defaultAction", 
             portal = "SecondPortal"}
    );

routes.MapRoute(
        "Default",
        "{controller}/{action}",
        new {controller = "defaultController", action = "defaultAction", 
             portal = "Default"}
    );

This way you can use the "portal" route value to select the portal, and any request that does not match will be routed to the controller/action specified in your Default route, which can take care of redirecting the user appropriately.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文