So I have an authentication method that looks like the following:

    public ActionResult SignIn( SignInModel model, string returnUrl )
    {
        if ( ModelState.IsValid )
        {
            var user = accountService.Authenticate( model.UserName, model.Password );
            if ( user != null )
            {
                // Build the forms-authentication cookie and attach it to the response.
                var cookie = ApplicationHelpers.SetupFormsAuthTicket( user, model.RememberMe );
                Response.Cookies.Add( cookie );

                // Follow returnUrl only when it is a local path; otherwise go to the site root.
                if ( Url.IsLocalUrl( returnUrl ) && returnUrl.Length > 1 && returnUrl.StartsWith( "/" )
                    && !returnUrl.StartsWith( "//" ) && !returnUrl.StartsWith( "/\\" ) )
                {
                    return Redirect( returnUrl );
                }
                else
                {
                    return Redirect( "/" );
                }
            }
            else
            {
                ModelState.AddModelError( "", "The user name or password provided is incorrect." );
            }
        }
        return View( model );
    }

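It gets hit as expected.

Once the user has been authenticated successfully, it redirects to another URL and Global.asax (Application_PostAuthenticateRequest) gets hit. My problem is that

    HttpCookie authCookie = Request.Cookies[ FormsAuthentication.FormsCookieName ];

is always null.

I am creating the cookie using the following two methods: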

    public static HttpCookie SetupFormsAuthTicket( OutsourcingPrincipal user, bool isPersistent = false )
    {
        string encTicket = SetupFormsCookie( user, isPersistent );
        return new HttpCookie( FormsAuthentication.FormsCookieName, encTicket );
    }

    private static string SetupFormsCookie( OutsourcingPrincipal user, bool isPersistent )
    {
        // Serialize the profile fields that travel in the ticket's UserData.
        var serializeModel = new OutSourcingPrincipalSerializeModel();
        serializeModel.FirstName = user.FirstName;
        serializeModel.LastName = user.LastName;
        serializeModel.Username = user.Username;
        JavaScriptSerializer serializer = new JavaScriptSerializer();
        string userData = serializer.Serialize( serializeModel );

        // Version 1 ticket, valid for 30 minutes from now.
        var ticket = new FormsAuthenticationTicket( 1,
            user.Username,
            DateTime.Now,
            DateTime.Now.AddMinutes( 30 ),
            isPersistent,
            userData );
        var encTicket = FormsAuthentication.Encrypt( ticket );
        return encTicket;
    }

Can you spot what I am doing wrong?

Answer 0 (score: 0)

    public static int TicketVersion { get { return 4; } }

    public static FormsAuthenticationTicket Ticket
    {
        get
        {
            if (HttpContext.Current.User.Identity.IsAuthenticated)
            {
                FormsIdentity _formsIdentity = (FormsIdentity)HttpContext.Current.User.Identity;
                // Tickets issued with a different version are sent to the sign-out page.
                if (TicketVersion != _formsIdentity.Ticket.Version)
                {
                    HttpContext.Current.Response.Redirect("~/SignOut.aspx");
                }
                return _formsIdentity.Ticket;
            }
            return null;
        }
    }

    public static string UserData
    {
        get
        {
            if (Ticket != null)
            {
                return Ticket.UserData;
            }
            else
            {
                return null;
            }
        }
    }

    public static void AddCookies()
    {
        // name and _userData are not defined in this snippet.
        FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(TicketVersion,
            name,
            DateTime.Now,
            DateTime.Now.AddDays(10),
            true,
            _userData);
        string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
        HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
        // The cookie's own expiry matches the ticket's 10-day lifetime.
        authCookie.Expires = DateTime.Now.AddDays(10);
        HttpContext.Current.Response.Cookies.Add(authCookie);
    }

Answer 1 (score: 0)

You can only get the data after decrypting the cookie, as shown below.

    public static User GetUserInformation()
    {
        HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
        // No forms-authentication cookie on this request: nothing to decrypt.
        if (authCookie == null)
        {
            return null;
        }
        // Decrypts the FormsAuthenticationTicket that is held in the cookie's .Value property.
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
        var obj = JsonConvert.DeserializeObject<User>(authTicket.UserData);
        return obj;
    }

You will get the FormsAuthenticationTicket information in "authTicket", and after deserializing it you will get the data.
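
The cookie round trip discussed in this thread, as an added example that is not code from the question or either answer: issuing the ticket cookie with explicit attributes, and reading it back so that a missing, undecryptable or expired cookie yields null instead of an exception. The class `AuthCookieExample` and its methods `Issue` and `Read` are hypothetical names; the model class is assumed to have the three fields the question serializes.

```csharp
using System;
using System.Web;
using System.Web.Script.Serialization;
using System.Web.Security;

// Assumed shape: the three fields the question serializes into UserData.
public class OutSourcingPrincipalSerializeModel
{
    public string FirstName { get; set; }
    public string LastName { get; set; }
    public string Username { get; set; }
}

public static class AuthCookieExample // hypothetical helper, not from the page
{
    // Wrap an encrypted ticket in a cookie that follows the <forms> configuration.
    public static HttpCookie Issue(FormsAuthenticationTicket ticket)
    {
        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
                                    FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,                           // not readable from script
            Secure = FormsAuthentication.RequireSSL,   // follows <forms requireSSL="...">
            Path = FormsAuthentication.FormsCookiePath
        };
        if (ticket.IsPersistent)
            cookie.Expires = ticket.Expiration;        // otherwise it stays a session cookie
        return cookie;
    }

    // Returns null for a missing, undecryptable or expired cookie.
    public static OutSourcingPrincipalSerializeModel Read(HttpRequest request)
    {
        HttpCookie cookie = request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            return null;

        FormsAuthenticationTicket ticket;
        try { ticket = FormsAuthentication.Decrypt(cookie.Value); }
        catch (Exception) { return null; }             // fail closed on a tampered or foreign value
        if (ticket == null || ticket.Expired || string.IsNullOrEmpty(ticket.UserData))
            return null;

        return new JavaScriptSerializer()
            .Deserialize<OutSourcingPrincipalSerializeModel>(ticket.UserData);
    }
}
```

`Read` can be called from `Application_PostAuthenticateRequest` with the current `Request`; a null result means the request carries no usable ticket.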