使用mvc无法登录时打开错误主页?

时间:2017-11-17 13:26:01

标签: c# asp.net-mvc asp.net-mvc-4

当我运行我的项目时,它进入登录页面工作正常

public class RouteConfig
    {
        public static void RegisterRoutes(RouteCollection routes)
        {
            routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

            routes.MapRoute(
                name: "Default",
                url: "{controller}/{action}/{id}",
                defaults: new { controller = "Account", action = "Login", id = UrlParameter.Optional }
            );
        }
    }

当我输入用户名和密码正确登录时

//[Authorize]
    //[InitializeSimpleMembership]
    public class AccountController : Controller
    {
        //
        // GET: /Account/
        public ActionResult Index()
        {
            return View();
        }

#region Login
        [HttpGet]
        [AllowAnonymous]
        public ActionResult Login()
        {
            return View();
        }

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult Login(Login login)
        {
            if (ModelState.IsValid)
            {
                bool success = WebSecurity.Login(login.UserName, login.Password, false);
                var UserID = GetUserID_By_UserName(login.UserName);

                if (success == true)
                {
                    Session["Name"] = login.UserName;
                    Session["UserID"] = UserID;
                    return RedirectToAction("Index", "Home");
                }
                else
                {
                    ModelState.AddModelError("Error", "Please enter valid Username and Password");
                    return View(login);
                }

            }
            return View(login);
        }
        #endregion

}

Login

一旦我注销并清除会话,当我输入URL栏localhost:51426/Home/index到主页时,主页直接打开而没有登录。所以主页不应该在没有登录过程的情况下打开。

Empty

1 个答案:

答案 0 :(得分:3)

更改Index方法,以便Anonymous用户无法通过添加Authorize属性来访问该页面。

// GET: /Account/
[Authorize]
public ActionResult Index()
{
   return View();
}
相关问题
最新问题