網站邀請System/Beta Lockdown for .NET？

Question

是否有任何針對.NET的開源解決方案（更喜歡C＃/ MVC），允許在私有滾動Beta方案中使用簡單的鎖定和邀請系統？

差不多在那裏，除非他們在（可能使用全球行動過濾器）登錄的用戶會被重定向到一個醒目網頁...

下面是在其他語言中一對夫婦類似的解決方案：

https://github.com/ejdraper/exclusivity （紅寶石）

https://github.com/pragmaticbadger/django-privatebeta（Python）的

Answer 1

我寫了ASP.NET MVC一個小的 '訪問控制' 過濾器是配置文件驅動。我可以在我的web.config中切換一個標誌，它會將所有未註冊的用戶移動到特定的頁面，除非他們專門請求登錄或註銷操作。你可以相應地調整你的實現，而不會有太多麻煩

過濾屬性

public class AccessControlAttribute : AuthorizeAttribute 
{ 
    public bool AccessControlEnabled { 
     get { return AccessControlSection.Settings != null; } 
    } 

    public bool LockoutEnabled { 
     get { return AccessControlEnabled && AccessControlSection.Settings.ForceLockout != null && AccessControlSection.Settings.ForceLockout.Enabled; } 
    } 

    public AccessControlAttribute() { 
     if (LockoutEnabled) { 
      Roles = AccessControlSection.Settings.ForceLockout.AllowRoles; 
      Users = AccessControlSection.Settings.ForceLockout.AllowUsers; 
     } 
    } 

    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { 
     if (filterContext.IsChildAction || ApproveLockoutAction(filterContext)) 
      return; 

     if (LockoutEnabled && !string.IsNullOrEmpty(AccessControlSection.Settings.ForceLockout.DefaultPage)) { 
      filterContext.HttpContext.Response.Redirect(AccessControlSection.Settings.ForceLockout.DefaultPage, false); 
      return; 
     } 

     base.HandleUnauthorizedRequest(filterContext); 
    } 

    private static bool ApproveLockoutAction(AuthorizationContext filterContext) { 
     var forceLockout = AccessControlSection.Settings.ForceLockout; 
     if (forceLockout == null || !forceLockout.Enabled) 
      return true; 

     if (string.IsNullOrEmpty(forceLockout.LogOnUrl) || string.IsNullOrEmpty(forceLockout.LogOffUrl)) 
      return false; 

     if (filterContext.HttpContext.Request.AppRelativeCurrentExecutionFilePath.Equals(forceLockout.LogOnUrl, StringComparison.OrdinalIgnoreCase) 
      || filterContext.HttpContext.Request.AppRelativeCurrentExecutionFilePath.Equals(forceLockout.LogOffUrl, StringComparison.OrdinalIgnoreCase)) { 
      return true; 
     } 

     return false; 
    } 
} 

配置處理器

public class AccessControlSection : ConfigurationSection 
{ 
    public const string SectionName = "accessControl"; 
    public const string ForceLockoutKeyName = "forceLockout"; 

    private static AccessControlSection _settings; 
    public static AccessControlSection Settings { 
     get { 
      if (_settings == null) { 
       object section = ConfigurationManager.GetSection(SectionName); 
       if (section != null) 
        _settings = section as AccessControlSection; 
      } 
      return _settings; 
     } 
    } 

    [ConfigurationProperty(ForceLockoutKeyName)] 
    public ForceLockoutElement ForceLockout { 
     get { return (ForceLockoutElement)this[ForceLockoutKeyName]; } 
     set { this[ForceLockoutKeyName] = value; } 
    } 
} 

public class ForceLockoutElement : ConfigurationElement 
{ 
    public const string AllowRolesKeyName = "allowRoles"; 
    public const string AllowUsersKeyName = "allowUsers"; 
    public const string DefaultPageKeyName = "defaultPage"; 
    public const string EnabledKeyName = "enabled"; 
    public const string LogOnUrlKeyName = "logOnUrl"; 
    public const string LogOffUrlKeyName = "logOffUrl"; 

    [ConfigurationProperty(AllowRolesKeyName, DefaultValue = "Admin")] 
    public string AllowRoles { 
     get { return (string)this[AllowRolesKeyName]; } 
     set { this[AllowRolesKeyName] = value; } 
    } 

    [ConfigurationProperty(AllowUsersKeyName)] 
    public string AllowUsers { 
     get { return (string)this[AllowUsersKeyName]; } 
     set { this[AllowUsersKeyName] = value; } 
    } 

    [ConfigurationProperty(DefaultPageKeyName, DefaultValue = "~/offline.htm")] 
    public string DefaultPage { 
     get { return (string)this[DefaultPageKeyName]; } 
     set { this[DefaultPageKeyName] = value; } 
    } 

    [ConfigurationProperty(LogOnUrlKeyName, DefaultValue = "~/auth/logon")] 
    public string LogOnUrl { 
     get { return (string)this[LogOnUrlKeyName]; } 
     set { this[LogOnUrlKeyName] = value; } 
    } 

    [ConfigurationProperty(LogOffUrlKeyName, DefaultValue = "~/auth/logoff")] 
    public string LogOffUrl { 
     get { return (string)this[LogOffUrlKeyName]; } 
     set { this[LogOffUrlKeyName] = value; } 
    } 

    [ConfigurationProperty(EnabledKeyName, DefaultValue = true)] 
    public bool Enabled { 
     get { return (bool)this[EnabledKeyName]; } 
     set { this[EnabledKeyName] = value; } 
    } 

    public string[] AllowedUsersArray { 
     get { 
      if (string.IsNullOrEmpty(AllowUsers)) 
       return null; 

      return AllowUsers.Split(new[] {','}, StringSplitOptions.RemoveEmptyEntries); 
     } 
    } 

    public string[] AllowRolesArray { 
     get { 
      if (string.IsNullOrEmpty(AllowRoles)) 
       return null; 

      return AllowRoles.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries); 
     } 
    } 
} 

實施例的Web.config

<configuration> 
    <configSections> 
     <section name="accessControl" type="MyWebsite.Config.AccessControlSection, MyWebsite" /> 
    </configSections> 

    <accessControl> 
     <forceLockout enabled="true" defaultPage="~/inviteonly.htm" 
      logOnUrl="~/logon" 
      logOffUrl="~/logoff" 
      allowRoles="Members" /> 
    </accessControl> 

</configuration> 

通過上述配置，任何未登錄或未成爲「成員」角色的用戶都將被重定向到「〜/ inviteonly.htm」。您可以通過逗號分隔'allowRoles'和'allowUsers'屬性中的值來指定多個允許的角色和/或用戶。

AccessControlAttribute必須註冊爲全局過濾器，或者放置在BaseController類定義中才能使所有工作正常。