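Authentication via FormsAuthentication in ASP.NET MVC 4

Time: 2015-01-06 12:04:39

Tags: c# asp.net-mvc-4

I have a simple web application (ASP MVC 4) that takes a username and password and authenticates the user through a custom user provider.

In the account controller, I wrote this code: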

    public ActionResult Login(LoginViewModel model, string returnUrl = "")
    {
        if (ModelState.IsValid)
        {
            ImasUser user = null;
            var x = ImasUserManagment.ImasMembershipProvider.GetImasUser(model.Username, model.Password);
            if (x != null)
                user = new ImasUser(x);
            if (user != null)
            {
                var roles = user.ImasRoles.Select(m => m.RoleName).ToArray();

                // Profile data that will travel inside the ticket's UserData field.
                ImasPrincipalSerializeModel serializeModel = new ImasPrincipalSerializeModel();
                serializeModel.UserId = user.UserID;
                serializeModel.FirstName = user.FirstName;
                serializeModel.LastName = user.LastName;
                serializeModel.UserName = user.UserName;
                serializeModel.roles = roles;

                string userData = JsonConvert.SerializeObject(serializeModel);
                FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                    1,                              // version
                    user.UserName,
                    DateTime.Now,                   // issue date
                    DateTime.Now.AddMinutes(15),    // expiration
                    false,                          // not persistent
                    userData,
                    FormsAuthentication.FormsCookiePath);

                // Encrypt the ticket and send it as the forms authentication cookie.
                string encTicket = FormsAuthentication.Encrypt(authTicket);
                HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
                faCookie.Expires = authTicket.Expiration;
                Response.Cookies.Clear();
                System.Web.HttpContext.Current.Response.Cookies.Add(faCookie);
                System.Web.HttpContext.Current.Session.Add("UserInfo", userData);

                if (roles.Contains("Admin"))
                {
                    return RedirectToAction("Index", "Admin");
                }
                else if (roles.Contains("User"))
                {
                    return RedirectToAction("Index", "User");
                }
                else
                {
                    return RedirectToAction("Index", "Home");
                }
            }

            ModelState.AddModelError("", "xxx");
        }

        // Invalid model or failed login: redisplay the form.
        return View(model);
    }

In Global.asax:

    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {
        HttpCookie authCookie = System.Web.HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie != null)
        {
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
            ImasPrincipalSerializeModel serializeModel = JsonConvert.DeserializeObject<ImasPrincipalSerializeModel>(authTicket.UserData);
            ImasPrincipal newUser = new ImasPrincipal(authTicket.Name);
            newUser.UserId = serializeModel.UserId;
            newUser.FirstName = serializeModel.FirstName;
            newUser.LastName = serializeModel.LastName;
            newUser.roles = serializeModel.roles;
            HttpContext.Current.User = newUser;
        }
    }

But "authCookie" in Global.asax is null.

1 answer:

Answer 0 (score: 2)

1) Better to use the session

2) Try:

FormsAuthentication.SetAuthCookie

FormsAuthentication.GetAuthCookie
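
Added example, not part of the original question or answer: one way to use `FormsAuthentication.GetAuthCookie` while still carrying the serialized profile in the ticket's `UserData`, so the cookie inherits the `<forms>` settings from web.config instead of being built by hand. The `TicketCookie` class, its method names and the 4000-byte budget are hypothetical, and the code assumes `<authentication mode="Forms">` is configured so that `FormsAuthenticationModule` runs.

```csharp
using System;
using System.Text;
using System.Web;
using System.Web.Security;

// Hypothetical helper (illustration only, not code from the question's project).
public static class TicketCookie
{
    // Assumed conservative budget: browsers commonly drop cookies above ~4096 bytes,
    // and a dropped cookie simply never comes back on the next request.
    private const int MaxCookieBytes = 4000;

    // Call from the Login action after the credentials have been verified.
    public static void Issue(HttpResponseBase response, string userName, string userData)
    {
        // GetAuthCookie applies the <forms> settings (name, path, domain, timeout,
        // requireSSL) and marks the cookie HttpOnly.
        HttpCookie cookie = FormsAuthentication.GetAuthCookie(userName, false);
        FormsAuthenticationTicket baseTicket = FormsAuthentication.Decrypt(cookie.Value);

        // Same ticket fields, plus the serialized profile in UserData.
        var ticket = new FormsAuthenticationTicket(
            baseTicket.Version, baseTicket.Name, baseTicket.IssueDate,
            baseTicket.Expiration, baseTicket.IsPersistent, userData, baseTicket.CookiePath);

        cookie.Value = FormsAuthentication.Encrypt(ticket);
        if (Encoding.UTF8.GetByteCount(cookie.Name + "=" + cookie.Value) > MaxCookieBytes)
            throw new InvalidOperationException("Auth cookie too large; store less in UserData.");

        response.Cookies.Set(cookie);   // non-persistent: Expires stays unset
    }

    // Call from Application_PostAuthenticateRequest. By then FormsAuthenticationModule
    // has already decrypted, validated and expiry-checked the ticket, so there is no
    // need to read the raw cookie and call Decrypt again.
    public static string ReadUserData(HttpContext context)
    {
        var identity = context.User == null ? null : context.User.Identity as FormsIdentity;
        return identity == null ? null : identity.Ticket.UserData;
    }
}
```

Because the roles in `UserData` are trusted on every request until the ticket expires, a role change made on the server only takes effect once a new ticket is issued.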