在我的新项目中,我需要一个包含系统所有逻辑和数据的REST服务。目前,我们需要一个网站和一个桌面应用程序来使用此服务,以后可以添加更多服务。
网站、桌面应用程序和其他应用程序应该只是服务的"接口"。
该项目将包含一些可以执行某些操作的角色。
我的问题:我应该如何确定哪些菜单项应该对登录用户可见?在我的网站(ASP.NET MVC(中,我可以登录,该服务为我提供了一个令牌,我可以用来(尝试和(访问资源。但是尝试访问资源只会告诉我是否可以在请求(200 或 403(后访问它。那么,我将如何防止用户看到他们无论如何都无法访问的菜单项呢?
我不明白你的意思。但这可能会有所帮助
在 Web API 2.2 中使用个人帐户和本地登录保护 Web API ASP.NET
编辑 1我有三种用户 学生、教师和管理员 这是身份登录操作
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
ApplicationUser signedUser = UserManager.FindByEmail(model.Email);
var result = await SignInManager.PasswordSignInAsync(signedUser.UserName, model.Password, model.RememberMe, shouldLockout: true);
switch (result)
{
case SignInStatus.Success:
if (signedUser.UserAccessType == "Student")
{
var ObjStudent = dbContext.Students.Find(signedUser.Id);
TempData["Student"] = ObjStudent;
}
else if (signedUser.UserAccessType == "Instructor")
{
var ObjInstructor = dbContext.Instructors.Find(signedUser.Id);
TempData["Instructor"] = ObjInstructor;
}
else if (signedUser.UserAccessType == "Admin")
{
var ObjAdmin = dbContext.Users.Find(signedUser.Id);
TempData["Admin"] = ObjAdmin;
}
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
然后在布局中:
@using AdminstrationSysytem_v1.Models
@{
var Student = TempData["Student"] as Student;
var Instructor = TempData["Instructor"] as Instructors;
var Admin = TempData["Admin"] as ApplicationUser;
TempData.Keep();
}
基于用户类型的菜单项:
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav">
<li><a href="https://github.com/AlameerAshraf">About</a></li>
@if (TempData.Count != 0)
{
if (TempData.ContainsKey("Student"))
{
<li>@Html.ActionLink("Student Profile", "UserProfile", "Students", Student)</li>
<li>@Html.ActionLink("Evalute Instructors", "Evalute", "Students", Student)</li>
}
else if (TempData.ContainsKey("Instructor"))
{
<li>@Html.ActionLink("Instructor Profile", "UserProfile", "Instructors", Instructor)</li>
<li>@Html.ActionLink("Permissions", "GivePermission", "Instructors", Instructor)</li>
}
else if (TempData.ContainsKey("Admin"))
{
<li>@Html.ActionLink("Admin Profile", "UserProfile", "Instructors", Admin)</li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">Studnts Panel<span class="caret"></span></a>
<ul class="dropdown-menu">
<li>@Html.ActionLink("Attendance Reception For"+" "+DateTime.Now.ToString("dd/MM/yyyy"), "AttendanceReception", "Attendance")</li>
<li>@Html.ActionLink("Report of Absence" + " " + DateTime.Now.ToString("dd/MM/yyyy"), "Report", "Attendance")</li>
<li>@Html.ActionLink("Report of Attendance" + " " + DateTime.Now.ToString("dd/MM/yyyy"), "ReportOfAttendance", "Attendance")</li>
<li>@Html.ActionLink("Attendance Reprots in time", "Reportattendanceinperiod", "Attendance")</li>
<li>@Html.ActionLink("Absence Reprots in time", "Reportabsenceinperiod", "Attendance")</li>
<li>@Html.ActionLink(" Quartz library resposible for calling this action daily", "Claculatebsence", "Attendance")</li>
@*RepoertAttendanceTaskSchedular Class in Models*@
<li>@Html.ActionLink("Students", "StudentsList", "Students")</li>
<li>@Html.ActionLink("Students", "SubmitToDepartment", "Students")</li>
</ul>
</li>
}
}
</ul>
@Html.Partial("_LoginPartial")
</div>
</div>