Asp.net mvc 无法使用表单身份验证从网站完全注销
我正在使用表单身份验证对我的网站中的请求进行身份验证和授权 以下是登录代码:Asp.net mvc 无法使用表单身份验证从网站完全注销,asp.net-mvc,authentication,cookies,authorization,forms-authentication,Asp.net Mvc,Authentication,Cookies,Authorization,Forms Authentication,我正在使用表单身份验证对我的网站中的请求进行身份验证和授权 以下是登录代码: var objLogin = new LoginModel { Email = model.Email, Password = CommonMethod.Encryptdata(model.Password) }; var UserDetail = Users.LoginUser(objLogin); if (UserDetail.ErrorMessage == "SuccessLogin") { var U
var objLogin = new LoginModel { Email = model.Email, Password = CommonMethod.Encryptdata(model.Password) };
var UserDetail = Users.LoginUser(objLogin);
if (UserDetail.ErrorMessage == "SuccessLogin")
{
var UserData = UserDetail.UserId + "," + UserDetail.UserRole + "," + UserDetail.Email + "," + UserDetail.FirstName + "," + UserDetail.LastName;
DateTime expirydate = DateTime.Now.AddDays(10);
var Ticket = new FormsAuthenticationTicket(1, UserDetail.Email, DateTime.Now, expirydate, true, UserData, FormsAuthentication.FormsCookieName);
string hashCookies = FormsAuthentication.Encrypt(Ticket);
var Cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashCookies);
Response.Cookies.Add(Cookie);
ViewBag.InActiveStatus = "";
//Code for expiration
if (Ticket.IsPersistent)
{
Cookie.Expires = Ticket.Expiration;
}
if (!string.IsNullOrEmpty(returnUrl))
return Redirect(returnUrl);
}
我正在使用持久cookie
用于注销网站的方法包含以下代码:
FormsAuthentication.SignOut();
Session.Abandon();
Session.Clear();
Session.RemoveAll();
string[] myCookies = Request.Cookies.AllKeys;
foreach (string cookie in myCookies)
{
Response.Cookies[cookie].Expires = DateTime.Now.AddYears(-1);
}
return RedirectToAction("Login", "Account");
我面临的问题是,在注销后,我可以在家用控制器上冲浪
页。我已经在所有主控制器方法上实现了AuthorizeRoles=user
[Authorize(Roles = "user")]
public ActionResult Index()
但是我不能在家以外的其他控制器上浏览网页
在质询控制器中,使用以下方法:
[Authorize(Roles = "user")]
public ActionResult MyChallenges()
当我强制清理浏览器cookies时,问题就解决了。但从用户体验的角度来看,这不推荐给普通用户
请告诉我为什么会这样?提前谢谢 各位专家您好 我还在等我的答案 谢谢 伊玛斯图