0

I have an MVC3 application that uses the standard accountcontroller that comes with visual studio to authenticate users.

I want to share specific parts of my program with people, much like google shares documents in google docs when you do that via email; in other words I don't want to give anyone access to the pages (In which case I could just remove the Authorize attributes) but I do want users to share pages based on a url with a hash in it, and have them skip the login.

I think I would like to generate the hash based on a page and link it to an anonymous user, which would then have to be auto-logged in if the hash is correct

How would I do that?

4

1 回答 1

1
  1. 在数据库中创建一个包含共享页面信息的表(控制器、操作、documentId、hash、expiresAt 等)
  2. 覆盖 Authorize 属性和 OnAuthorizationvalidate 数据库中的 url 参数。
    公共类 SharedAuthorize:AuthorizeAttribute  
    {  
        公共覆盖无效 OnAuthorization(AuthorizationContext filterContext)
        {  
            var documentHash = int.Parse(filterContext.RouteData.Values["hash"].ToString());
            if (!HashRepository.CanWeRead(documentHash,controller, action, documentId))
            {
                返回假;
            }
            返回真;
        }
    }

这只是一个想法=))

于 2012-04-29T21:10:57.067 回答