C# MVC表单身份验证在视图中无效
我正在验证一个用户:C# MVC表单身份验证在视图中无效,c#,asp.net,asp.net-mvc,forms-authentication,C#,Asp.net,Asp.net Mvc,Forms Authentication,我正在验证一个用户: [Route("Login"), HttpPost, AllowAnonymous] public LoginViewModelResponse Login(LoginViewModelRequest data) { if(!Membership.ValidateUser(data.Username, data.Password)) { retu
[Route("Login"), HttpPost, AllowAnonymous]
public LoginViewModelResponse Login(LoginViewModelRequest data)
{
if(!Membership.ValidateUser(data.Username, data.Password))
{
return new LoginViewModelResponse
{
DisplayMessage = "Invalid Username/Password!",
IsSuccess = false,
RedirectUrl = "/Home/"
};
}
FormsAuthentication.SetAuthCookie(data.Username, false);
ClaimsIdentity identity = new GenericIdentity(data.Username);
var roles = "Administrator,User".Split(',');
// var client = AuthorisationService.instance.GetAuthenticatedUser();// new ClientService().GetClientById(1);
var principle = new GenericPrincipal(identity, roles);
HttpContext.Current.User = principle;
System.Threading.Thread.CurrentPrincipal = principle;
if (User.IsInRole("Administrator"))
{
var b = 1;
}
return new LoginViewModelResponse
{
IsSuccess = true,
DisplayMessage = "OK",
RedirectUrl = "/Home/"
};
}
“IsInRole”的测试正在进行中
但是,我的视图(_布局)中有以下内容,并且管理员检查失败
if (ViewContext.HttpContext.User.IsInRole("Administrator"))
{
<li class="dropdown">
...
但是'IsInRole'的计算结果总是为false。因为您自己设置了FormsAuthenticationCookie,所以需要创建Principle对象,并在AuthenticateRequest事件中的每个请求中将其分配给当前线程 Global.asax.cs
public class Global : HttpApplication
{
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
HttpCookie decryptedCookie =
Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (decryptedCookie != null)
{
FormsAuthenticationTicket ticket =
FormsAuthentication.Decrypt(decryptedCookie.Value);
var identity = new GenericIdentity(ticket.Name);
var roles = ticket.UserData.Split(',');
var principal = new GenericPrincipal(identity, roles);
HttpContext.Current.User = principal;
Thread.CurrentPrincipal = HttpContext.Current.User;
}
}
}
登录方法
public void SignIn(string username, bool createPersistentCookie)
{
var now = DateTime.UtcNow.ToLocalTime();
TimeSpan expirationTimeSpan = FormsAuthentication.Timeout;
var ticket = new FormsAuthenticationTicket(
1 /*version*/,
username,
now,
now.Add(expirationTimeSpan),
createPersistentCookie,
"" /*userData*/,
FormsAuthentication.FormsCookiePath);
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
encryptedTicket)
{
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL,
Path = FormsAuthentication.FormsCookiePath
};
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
Response.Cookies.Add(cookie);
}
谢谢,这听起来像是我要试试的东西。我是不是把饼干放错了?有没有更好的方法来实现这一点?似乎我需要在每次身份验证时从数据库中获取角色,并且该方法会为每个视图触发。您需要将角色保存在UserData中,以避免查询每个请求的数据。我更新了答案。谢谢你,@win。太好了。我使用身份验证的方法可以接受吗?谢谢。我已经更新了我的问题。我的登录方法是一个Api调用。我没有访问“Response.Cookies”的权限。你能帮我改变一下吗?
public void SignIn(string username, bool createPersistentCookie)
{
var now = DateTime.UtcNow.ToLocalTime();
TimeSpan expirationTimeSpan = FormsAuthentication.Timeout;
var ticket = new FormsAuthenticationTicket(
1 /*version*/,
username,
now,
now.Add(expirationTimeSpan),
createPersistentCookie,
"" /*userData*/,
FormsAuthentication.FormsCookiePath);
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
encryptedTicket)
{
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL,
Path = FormsAuthentication.FormsCookiePath
};
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
Response.Cookies.Add(cookie);
}