我正在尝试将帐户锁定与实时数据库一起使用。我找到了一个教程here,它说我需要修改web.config文件。我这样做了,但停工仍然无法正常工作。下面是我的web.config文件的副本。出于安全考虑,我删除了敏感数据库信息。 webapi和实际登录页面在两个不同的项目中是否重要?我正在使用AJAX调用将信息传递给webapi。
<connectionStrings>
<add name="DefaultConnection"
connectionString="Persist Security Info=False;Initial Catalog=Security;server=;user id=;password=;"
providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings></appSettings>
<system.web>
<authentication mode="None" />
<compilation debug="true" targetFramework="4.5.1" />
<httpRuntime targetFramework="4.5.1" />
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<clear />
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="DefaultConnection"
maxInvalidPasswordAttempts="1"
minRequiredPasswordLength="6"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
</system.web>
修改
以下要求是登录功能:
login.userLogin = function (username, password) {
jQuery.support.cors = true;
var error = '';
$.ajax({
url: 'http://localhost:60690/token',
method: 'POST',
data: {
username: username,
password: password,
grant_type: 'password'
},
success: function (response) {
$('#divLoginError').addClass('Hidden');
sessionStorage.setItem('accessToken', response.access_token);
sessionStorage.setItem('refreshToken', response.refresh_token);
sessionStorage.setItem('username', response.userName);
sessionStorage.setItem('expirationDatetime', moment().add(response.expires_in, 'seconds').format());
window.location = 'index.html';
},
error: function (jqXHR) {
var responseText = jqXHR.responseJSON;
$('#lblLoginError').text(responseText.error_description);
$('#divLoginError').removeClass('Hidden');
}
});
}