MVC下的表单登录验证方式
2014-06-18 14:59
1、View:获取用户登录数据
2、 对应的Controller中:
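/// <summary>
/// AJAX login endpoint: when the two submitted codes match, looks up (or creates) the member
/// for the phone number and issues a forms-authentication cookie carrying the "clients" role.
/// </summary>
/// <param name="tel">Phone number used to look up or create the member.</param>
/// <param name="num">Code the typed-in value is compared against (bound from the request).</param>
/// <param name="innum">Code typed in by the user (bound from the request).</param>
/// <returns>JSON text with <c>return_code</c> (always 0) and <c>success</c>.</returns>
public ActionResult AjaxAuthorizeUser(string tel, string num, string innum)
{
    var telephone = tel ?? "";
    var numbers = num ?? "";
    var innumbers = innum ?? "";
    ViewBag.txtNum = numbers;
    ViewBag.txtTel = telephone;
    var success = false;

    // SECURITY NOTE(review): num and innum are both action parameters, so both values arrive
    // in the same request. Comparing them does not prove the caller received a code for this
    // phone number. The expected code should be read from server-side state (for example the
    // value stored when the code was issued), bound to tel, expired after use and rate-limited.
    // How the code is issued is not shown on this page, so the comparison is left as written.
    //
    // The emptiness check uses the null-coalesced value: a null tel previously passed the
    // tel != "" test and was handed to the data layer.
    if (telephone != "" && numbers != "" && innumbers != "" && innumbers == numbers)
    {
        // Look the member up; create it on first login, then read it back.
        var user = UserDal.F_User_GetMemberInforByTel(telephone);
        if (user == null)
        {
            UserDal.F_User_CreateClient_ByTel(telephone);
            user = UserDal.F_User_GetMemberInforByTel(telephone);
        }

        // If creation failed there is still no member: report failure instead of
        // dereferencing null below.
        if (user != null)
        {
            var datenow = DateTime.Now;
            var datexpires = datenow.AddDays(1);

            // 1. Build the ticket. UserData carries the role list as a comma-separated string;
            //    simplified here to the single role "clients", which pages can require with
            //    [Authorize(Roles = "clients")].
            // NOTE(review): isPersistent is false, yet the cookie below gets an explicit
            // Expires, so the browser keeps it for a day — confirm which is intended.
            var ticket = new FormsAuthenticationTicket(
                1,
                user.Id.ToString(CultureInfo.InvariantCulture) + ":" + user.ClientName,
                datenow,
                datexpires,
                false,
                "clients");

            // 2. Encrypt the ticket into the forms-authentication cookie. HttpOnly keeps the
            //    ticket away from page script; Secure follows the requireSSL setting of the
            //    <forms> element so HTTPS-only sites do not send it over plain HTTP.
            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
            {
                Expires = datexpires,
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL
            };

            // 3. Send the cookie to the client.
            Response.Cookies.Add(cookie);
            success = true;
        }
    }

    return Content(JsonConvert.SerializeObject(new
    {
        return_code = 0,
        success
    }));
}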
3、web.config文件中:
<!-- Forms authentication: loginUrl is the login page; timeout is in minutes (2880 = 48 hours).
     NOTE(review): the login action on this page builds its own ticket and cookie with a 1-day
     expiry, so that cookie's lifetime comes from the code rather than this value; confirm which
     is intended.
     NOTE(review): requireSSL is not set. On an HTTPS site consider requireSSL="true"; a cookie
     created by hand with new HttpCookie(...) must also set Secure itself. -->
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
4、Global.asax中:
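/// <summary>
/// For an authenticated forms-authentication request, replaces the current principal with a
/// <c>GenericPrincipal</c> whose roles are the comma-separated values in the ticket's UserData.
/// </summary>
/// <param name="sender">The <c>HttpApplication</c> raising the event.</param>
/// <param name="e">Unused.</param>
protected void Application_AuthorizeRequest(object sender, System.EventArgs e)
{
    HttpApplication app = (HttpApplication)sender;
    HttpContext ctx = app.Context; // HttpContext of the current request

    // Roles are attached only for requests that are already authenticated.
    if (!ctx.Request.IsAuthenticated)
    {
        return;
    }

    // A request authenticated by something other than forms authentication has no ticket;
    // leave its principal untouched instead of failing on a hard cast.
    FormsIdentity identity = ctx.User.Identity as FormsIdentity;
    if (identity == null)
    {
        return;
    }

    // The role list lives in the ticket's UserData. The ticket is encrypted by
    // FormsAuthentication.Encrypt at login, so the roles are not sent as readable text.
    string userData = identity.Ticket.UserData ?? "";
    string[] roles = userData.Split(new[] { ',' }, System.StringSplitOptions.RemoveEmptyEntries);

    // Same identity, now with role information, so role checks such as
    // [Authorize(Roles = "clients")] can be evaluated against it.
    ctx.User = new GenericPrincipal(identity, roles);
}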
或者
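/// <summary>
/// Reads the forms-authentication cookie, decrypts its ticket and, when the request already has
/// a user, replaces the principal with one carrying the roles stored in the ticket's UserData.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Unused.</param>
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    // Nothing to do when the request has no user to attach roles to.
    if (Context.User == null)
    {
        return;
    }

    HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    FormsAuthenticationTicket authTicket;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch
    {
        // A cookie that cannot be decrypted or validated grants no roles.
        return;
    }

    // Never build roles from a missing or expired ticket.
    if (authTicket == null || authTicket.Expired)
    {
        return;
    }

    // The login code on this page describes UserData as a comma-separated role list, while this
    // handler originally split on ';' only. Accept both so multi-role tickets are parsed the
    // same way by either handler.
    string userData = authTicket.UserData ?? "";
    string[] roles = userData.Split(new[] { ',', ';' }, System.StringSplitOptions.RemoveEmptyEntries);

    Context.User = new System.Security.Principal.GenericPrincipal(Context.User.Identity, roles);
}
// Either handler shown on this page (this one or Application_AuthorizeRequest) can be used.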
P.S. 本篇文章最好结合上一篇文章对比去学习。
上一篇文章里有详细的参数及概念的讲解,本文为实际操作为主。
2、 对应的Controller中:
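/// <summary>
/// AJAX login endpoint: when the two submitted codes match, looks up (or creates) the member
/// for the phone number and issues a forms-authentication cookie carrying the "clients" role.
/// </summary>
/// <param name="tel">Phone number used to look up or create the member.</param>
/// <param name="num">Code the typed-in value is compared against (bound from the request).</param>
/// <param name="innum">Code typed in by the user (bound from the request).</param>
/// <returns>JSON text with <c>return_code</c> (always 0) and <c>success</c>.</returns>
public ActionResult AjaxAuthorizeUser(string tel, string num, string innum)
{
    var telephone = tel ?? "";
    var numbers = num ?? "";
    var innumbers = innum ?? "";
    ViewBag.txtNum = numbers;
    ViewBag.txtTel = telephone;
    var success = false;

    // SECURITY NOTE(review): num and innum are both action parameters, so both values arrive
    // in the same request. Comparing them does not prove the caller received a code for this
    // phone number. The expected code should be read from server-side state (for example the
    // value stored when the code was issued), bound to tel, expired after use and rate-limited.
    // How the code is issued is not shown on this page, so the comparison is left as written.
    //
    // The emptiness check uses the null-coalesced value: a null tel previously passed the
    // tel != "" test and was handed to the data layer.
    if (telephone != "" && numbers != "" && innumbers != "" && innumbers == numbers)
    {
        // Look the member up; create it on first login, then read it back.
        var user = UserDal.F_User_GetMemberInforByTel(telephone);
        if (user == null)
        {
            UserDal.F_User_CreateClient_ByTel(telephone);
            user = UserDal.F_User_GetMemberInforByTel(telephone);
        }

        // If creation failed there is still no member: report failure instead of
        // dereferencing null below.
        if (user != null)
        {
            var datenow = DateTime.Now;
            var datexpires = datenow.AddDays(1);

            // 1. Build the ticket. UserData carries the role list as a comma-separated string;
            //    simplified here to the single role "clients", which pages can require with
            //    [Authorize(Roles = "clients")].
            // NOTE(review): isPersistent is false, yet the cookie below gets an explicit
            // Expires, so the browser keeps it for a day — confirm which is intended.
            var ticket = new FormsAuthenticationTicket(
                1,
                user.Id.ToString(CultureInfo.InvariantCulture) + ":" + user.ClientName,
                datenow,
                datexpires,
                false,
                "clients");

            // 2. Encrypt the ticket into the forms-authentication cookie. HttpOnly keeps the
            //    ticket away from page script; Secure follows the requireSSL setting of the
            //    <forms> element so HTTPS-only sites do not send it over plain HTTP.
            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
            {
                Expires = datexpires,
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL
            };

            // 3. Send the cookie to the client.
            Response.Cookies.Add(cookie);
            success = true;
        }
    }

    return Content(JsonConvert.SerializeObject(new
    {
        return_code = 0,
        success
    }));
}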
3、web.config文件中:
<!-- Forms authentication: loginUrl is the login page; timeout is in minutes (2880 = 48 hours).
     NOTE(review): the login action on this page builds its own ticket and cookie with a 1-day
     expiry, so that cookie's lifetime comes from the code rather than this value; confirm which
     is intended.
     NOTE(review): requireSSL is not set. On an HTTPS site consider requireSSL="true"; a cookie
     created by hand with new HttpCookie(...) must also set Secure itself. -->
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
4、Global.asax中:
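/// <summary>
/// For an authenticated forms-authentication request, replaces the current principal with a
/// <c>GenericPrincipal</c> whose roles are the comma-separated values in the ticket's UserData.
/// </summary>
/// <param name="sender">The <c>HttpApplication</c> raising the event.</param>
/// <param name="e">Unused.</param>
protected void Application_AuthorizeRequest(object sender, System.EventArgs e)
{
    HttpApplication app = (HttpApplication)sender;
    HttpContext ctx = app.Context; // HttpContext of the current request

    // Roles are attached only for requests that are already authenticated.
    if (!ctx.Request.IsAuthenticated)
    {
        return;
    }

    // A request authenticated by something other than forms authentication has no ticket;
    // leave its principal untouched instead of failing on a hard cast.
    FormsIdentity identity = ctx.User.Identity as FormsIdentity;
    if (identity == null)
    {
        return;
    }

    // The role list lives in the ticket's UserData. The ticket is encrypted by
    // FormsAuthentication.Encrypt at login, so the roles are not sent as readable text.
    string userData = identity.Ticket.UserData ?? "";
    string[] roles = userData.Split(new[] { ',' }, System.StringSplitOptions.RemoveEmptyEntries);

    // Same identity, now with role information, so role checks such as
    // [Authorize(Roles = "clients")] can be evaluated against it.
    ctx.User = new GenericPrincipal(identity, roles);
}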
或者
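/// <summary>
/// Reads the forms-authentication cookie, decrypts its ticket and, when the request already has
/// a user, replaces the principal with one carrying the roles stored in the ticket's UserData.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Unused.</param>
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    // Nothing to do when the request has no user to attach roles to.
    if (Context.User == null)
    {
        return;
    }

    HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    FormsAuthenticationTicket authTicket;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch
    {
        // A cookie that cannot be decrypted or validated grants no roles.
        return;
    }

    // Never build roles from a missing or expired ticket.
    if (authTicket == null || authTicket.Expired)
    {
        return;
    }

    // The login code on this page describes UserData as a comma-separated role list, while this
    // handler originally split on ';' only. Accept both so multi-role tickets are parsed the
    // same way by either handler.
    string userData = authTicket.UserData ?? "";
    string[] roles = userData.Split(new[] { ',', ';' }, System.StringSplitOptions.RemoveEmptyEntries);

    Context.User = new System.Security.Principal.GenericPrincipal(Context.User.Identity, roles);
}
// Either handler shown on this page (this one or Application_AuthorizeRequest) can be used.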
P.S. 本篇文章最好结合上一篇文章对比去学习。
上一篇文章里有详细的参数及概念的讲解,本文为实际操作为主。