如果会话已过期,我想将用户重定向到登录页面。我发现有很多方法可以做到这一点,但是在使用 OWIN 的 ASP.NET MVC5 中,最佳(或默认)的方式是什么?也许它本身就开箱即用?如果是,该怎么做?
Razor:
@{
    // View-level check: when the "IsLogin" session entry is missing, the session
    // is abandoned and the browser is sent to the login action.
    // NOTE(review): ASP.NET session state and the OWIN authentication cookie are
    // separate mechanisms with their own lifetimes; a missing session key does not
    // by itself show that the auth cookie is gone. Confirm which of the two the
    // application treats as "logged in".
    // NOTE(review): a check placed in a view only covers that view; access control
    // is normally enforced before the action runs (for example with [Authorize]).
    var loginMarker = Session["IsLogin"];
    if (loginMarker == null)
    {
        Session.Abandon();
        Response.Redirect("~/LoginControllerName/LoginActionName");
    }
}
Global.asax:
/// <summary>
/// Global.asax hook raised when a new session starts. The body is empty in this
/// snippet; it is shown only as a possible extension point.
/// </summary>
/// <param name="sender">Event source supplied by the runtime.</param>
/// <param name="e">Event data supplied by the runtime.</param>
protected void Session_Start(object sender, EventArgs e)
{
// Code that runs when a new session is started
}
/// <summary>
/// Global.asax hook raised when a session ends. The body is empty in this snippet.
/// </summary>
/// <param name="sender">Event source supplied by the runtime.</param>
/// <param name="e">Event data supplied by the runtime.</param>
protected void Session_End(object sender, EventArgs e)
{
// Code that runs when a session is expired
// NOTE(review): Session_End is raised only with InProc session state and runs
// outside any request, so there is no response available here to redirect the
// browser to a login page.
}
我目前的解决方案:
BaseController
/// <summary>
/// Base controller that remembers the requested URL in session state and sends
/// the request to the login action when no return URL has been stored yet and
/// the target action does not allow anonymous access.
/// </summary>
/// <remarks>
/// NOTE(review): the only condition consulted is whether the session already
/// holds "RedirectAfterLogin"; the user's authentication state is not read in
/// this method. Once the key is set, later requests in the same session skip the
/// redirect here, so this override should not be the only thing guarding
/// protected actions. Confirm that [Authorize] (or an equivalent filter) is also
/// applied.
/// </remarks>
public abstract class BaseController : Controller
{
    /// <summary>
    /// Runs during authorization; may replace the action result with a redirect
    /// to the login action, then delegates to the base implementation.
    /// </summary>
    /// <param name="filterContext">Authorization context for the current action.</param>
    protected override void OnAuthorization(AuthorizationContext filterContext)
    {
        var returnUrlAlreadyStored = this.Session["RedirectAfterLogin"] != null;
        if (!returnUrlAlreadyStored)
        {
            var anonymousMarker = typeof(AllowAnonymousAttribute);
            var action = filterContext.ActionDescriptor;

            // [AllowAnonymous] on either the action or its controller exempts the request.
            var allowsAnonymous = action.IsDefined(anonymousMarker, true)
                || action.ControllerDescriptor.IsDefined(anonymousMarker, true);

            if (!allowsAnonymous)
            {
                // NOTE(review): the stored value is the absolute request URL; whatever
                // later redirects to it should confirm it points back into this application.
                this.Session["RedirectAfterLogin"] = this.Request.Url?.ToString();
                filterContext.Result = this.RedirectToAction("LoginActionName", "LoginControllerName");
            }
        }

        base.OnAuthorization(filterContext);
    }
}
// Sign-out fragment: resolve the OWIN authentication manager from the current
// request when none has been set yet.
// NOTE(review): each step of the ?. chain can yield null, in which case null is
// passed to SetAuthenticationManager. Confirm the property is non-null before the
// SignOut call below.
if (this.AuthenticationManager == null)
{
this.SetAuthenticationManager(this.HttpContext?.GetOwinContext()?.Authentication);
}
// Sign out of the application cookie authentication type.
this.AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
// Store the current URL in session state under "RedirectAfterLogin".
// NOTE(review): the session is not cleared or abandoned in these lines, so other
// session entries survive the sign-out. Confirm that is intended.
this.Session["RedirectAfterLogin"] = this.Request.Url?.ToString();
答案 0 :(得分:1)
会话过期后的重定向,以及当前页面等附加信息,可以通过自定义 CookieAuthenticationProvider 来处理。
/// <summary>
/// OWIN startup configuration that registers cookie authentication with a custom
/// <c>CookieAuthenticationProvider</c>, so the redirect issued for an
/// unauthenticated request is rewritten to the Account/Login action with the
/// return URL carried along.
/// </summary>
public partial class Startup
{
    // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864

    /// <summary>
    /// Registers the per-request services and the authentication middleware.
    /// </summary>
    /// <param name="app">The OWIN application builder to configure.</param>
    public void ConfigureAuth(IAppBuilder app)
    {
        // One db context, user manager and sign-in manager instance per request.
        app.CreatePerOwinContext(ApplicationDbContext.Create);
        app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
        app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);

        // NOTE(review): this helper is built once, from the request context that is
        // current while startup runs, and is then captured by the redirect handler
        // below for every later request. Confirm HttpContext.Current.Request is
        // usable at this point on the target host.
        var urlHelper = new UrlHelper(HttpContext.Current.Request.RequestContext);

        var cookieEvents = new CookieAuthenticationProvider();
        var defaultApplyRedirect = cookieEvents.OnApplyRedirect;

        cookieEvents.OnApplyRedirect = redirect =>
        {
            // Pull the return URL out of the redirect the middleware prepared and
            // re-attach it to a route-generated Account/Login URL.
            // NOTE(review): the login action receives this value from the query
            // string, so it should accept only local URLs (e.g. Url.IsLocalUrl)
            // before redirecting to it.
            var returnUrlKey = redirect.Options.ReturnUrlParameter;
            var pendingQuery = new Uri(redirect.RedirectUri).Query;
            var returnUrl = HttpUtility.ParseQueryString(pendingQuery)[returnUrlKey];
            var loginRoute = new RouteValueDictionary { { returnUrlKey, returnUrl } };

            redirect.RedirectUri = urlHelper.Action("Login", "Account", loginRoute);
            defaultApplyRedirect(redirect);
        };

        // The security stamp is re-validated at most once per interval, so a cookie
        // issued before a credential change can keep being accepted for up to
        // 30 minutes.
        cookieEvents.OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
            validateInterval: TimeSpan.FromMinutes(30),
            regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager));

        // 30-minute cookie lifetime with sliding renewal.
        // NOTE(review): CookieSecure is not set here; on an HTTPS-only site consider
        // CookieSecureOption.Always so the auth cookie is never sent over plain HTTP.
        var cookieOptions = new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = cookieEvents,
            SlidingExpiration = true,
            ExpireTimeSpan = TimeSpan.FromMinutes(30)
        };
        app.UseCookieAuthentication(cookieOptions);

        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
        var twoFactorCookieLifetime = TimeSpan.FromMinutes(5);
        app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, twoFactorCookieLifetime);
        app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
    }
}
答案 1 :(得分:0)
您可以直接使用 MVC5 中 OWIN 的默认 Startup 配置:
/// <summary>
/// OWIN startup configuration that registers cookie authentication with
/// <c>LoginPath</c> set to /Account/Login and security-stamp validation on the
/// cookie provider.
/// </summary>
public partial class Startup
{
    // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864

    /// <summary>
    /// Registers the per-request services and the authentication middleware.
    /// </summary>
    /// <param name="app">The OWIN application builder to configure.</param>
    public void ConfigureAuth(IAppBuilder app)
    {
        // One db context, user manager and sign-in manager instance per request.
        app.CreatePerOwinContext(ApplicationDbContext.Create);
        app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
        app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);

        // The security stamp is re-validated at most once per interval, so a cookie
        // issued before a credential change can keep being accepted for up to
        // 30 minutes.
        var cookieEvents = new CookieAuthenticationProvider
        {
            OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                validateInterval: TimeSpan.FromMinutes(30),
                regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
        };

        // ExpireTimeSpan, SlidingExpiration and CookieSecure are not set here, so the
        // middleware defaults apply.
        // NOTE(review): the redirect to LoginPath is issued only for requests that
        // end in a 401, so protected actions still need [Authorize] (or an
        // equivalent filter) for an expired cookie to lead to the login page.
        var cookieOptions = new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = cookieEvents
        };
        app.UseCookieAuthentication(cookieOptions);

        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
        var twoFactorCookieLifetime = TimeSpan.FromMinutes(5);
        app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, twoFactorCookieLifetime);
        app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
    }
}