我有一个使用成员资格和表单身份验证的网站:
ASP.NET页面:
<asp:LoginView
ID="HeadLoginView" ...
<AnonymousTemplate>
<asp:Login ID="LoginUser" OnLoggedIn="LoginUser_LoggedIn" ... >
<LayoutTemplate>
<asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">Username:</asp:Label>
<asp:TextBox ID="UserName" runat="server" CssClass="textEntry"></asp:TextBox>
<asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:</asp:Label>
<asp:TextBox ID="Password" runat="server" CssClass="passwordEntry" TextMode="Password"></asp:TextBox>
<asp:CheckBox ID="RememberMe" runat="server"/>
<asp:Label ID="RememberMeLabel" runat="server" AssociatedControlID="RememberMe" CssClass="inline">Remember me.</asp:Label>
<asp:Button ID="LoginButton" runat="server" CommandName="Login" Text="Login" style="width:100%; height:35px"/>
</LayoutTemplate>
</asp:Login>
</AnonymousTemplate>
...
</asp:LoginView>
代码背后:
protected void LoginUser_LoggedIn(object sender, EventArgs e)
{
MembershipUser user = Membership.GetUser();
if (Roles.IsUserInRole(user.UserName, "User"))
{
// Do something and redirect to user page...
}
if (Roles.IsUserInRole(user.UserName, "Admin"))
{
// Do something and redirect to admin page...
}
}
问题是Membership.GetUser()总是返回null。我试图用Page.User.Identity.Name获取用户名,但它总是空字符串。有没有办法找到当前登录用户的用户名甚至更好:定义<asp:LoginView>或<asp:Login>的登录后行为?
修改
MSDN:Login.LoggedIn Event Occurs when the user logs in to the Web site and has been authenticated.(link)所以问题是为什么在验证用户Membership.GetUser()之后会返回null?
我的一位同事说,不是使用Membership.GetUser()使用Membership.GetUser(UserNameTextBox.Text)而且没关系,因为用户使用此用户名进行了身份验证但问题是我无法找到获取{{1的方法}}。我使用Username.Text并收到错误。
任何想法?
答案 0 :(得分:2)
试试这个:
protected void LoginUser_LoggedIn(object sender, EventArgs e)
{
string userName = (LoginUser.FindControl(“UserName”) as TextBox).Text;
//// or use
//// string userName = (e.Item.FindControl("UserName") as TextBox).Text;
MembershipUser user = Membership.GetUser(userName);
if (Roles.IsUserInRole(user.UserName, "User"))
{
// Do something and redirect to user page...
}
if (Roles.IsUserInRole(user.UserName, "Admin"))
{
// Do something and redirect to admin page...
}
}
答案 1 :(得分:0)
我一直使用表单身份验证使用自己的身份验证。
我附上了我写的代码,用于处理用户登录系统
string role = system.CheckAdminLogin(txtUserName.Text, txtPassword.Text);
if (role == Role.admin.ToString() || role == Role.manager.ToString())
{
Users _user = _users.GetUserByUserName(txtUserName.Text);
if (_user.Mode)
{
FormsAuthentication.SetAuthCookie(role, false);
Session.Add("UserName", txtUserName.Text);
Session.Add("UserID", _user.ID);
Response.Redirect("System/ShowActivities.aspx");
}
else
{
lblLoginFail.Text = "your account is not authorized!";
lblLoginFail.Visible = true;
}
}
else
{
if (txtPassword.Text != "" && txtUserName.Text != "")
{
lblLoginFail.Text = Application["Wrong_login_data"].ToString();
lblLoginFail.Visible = true;
}
}
正如您可以看到我从数据库获取用户角色的第一行,如果用户不存在,则该函数返回null。
接下来,如果用户的帐户被授权,那么我正在使用FormsAuthentication类注册他,我正在传递用户的角色。
接下来,我正在设置会话并将用户重定向到另一个页面。
我希望它有用
答案 2 :(得分:0)
最后,我找到了基于@LolCoder理念的解决方案:
protected void LoginUser_LoggedIn(object sender, EventArgs e)
{
String username = (HeadLoginView.FindControl("LoginUser") as Login).UserName;
if (Roles.IsUserInRole(username, "User"))
{
//...
}
// ...
}
答案 3 :(得分:-1)
我的回答有效!
protected void LoginUser_LoggedIn(object sender, EventArgs e)
{
System.Web.UI.WebControls.Login controlLogin = (Login)sender;
MembershipUser user = (MembershipUser)Membership.GetUser(controlLogin.UserName);
........
}