C# 访问表单身份验证票证_C#_Asp.net_Authentication

C# 访问表单身份验证票证

c# asp.net authentication

C# 访问表单身份验证票证,c#,asp.net,authentication,C#,Asp.net,Authentication,我正在使用表单身份验证cookie存储用户详细信息 FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName,DateTime.Now,DateTime.Now.AddMinutes(Timeout)false}; string encryptedTicket = FormsAuthentication.Encrypt(authTicket); HttpCookie authCookie

我正在使用表单身份验证cookie存储用户详细信息

FormsAuthenticationTicket authTicket = new  FormsAuthenticationTicket(1, userName,DateTime.Now,DateTime.Now.AddMinutes(Timeout)false};

string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

HttpCookie authCookie = new HttpCookie(
FormsAuthentication.FormsCookieName,encryptedTicket);    

HttpContext.Current.Response.Cookies.Add(authCookie);

如何取回添加的cookie和用户详细信息（authTicket）？

您可以使用类似以下的代码检索：

// Retrieves the cookie that contains your custom FormsAuthenticationTicket.
HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];

// Decrypts the FormsAuthenticationTicket that is held in the cookie's .Value property.
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

// The "authTicket" variable now contains your original, custom FormsAuthenticationTicket,
// complete with User-specific custom data.  You can then check that the FormsAuthenticationTicket's
// .Name property is for the correct user, and perform the relevant functions with the ticket.
// Here, we simply write the user-specific data to the Http Response stream.
if (authTicket.Name == txtUserName.Text)
{
    Response.Write(authTicket.UserData);
}

上面的代码引用了类似于

txtUserName.Text

的内容，因此这里有一个完整的.ASPX页面，您可以将其粘贴到空的ASP.NET webform中以查看其工作原理：

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">


    protected void Page_Load(object sender, EventArgs e)
    {
        double Timeout = 15.00;

        if (!IsPostBack)
        {
            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,txtUserName.Text,
                    DateTime.Now,DateTime.Now.AddMinutes(Timeout), false, "This is my secret user-specific data");

            string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
            HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName,encryptedTicket);
            HttpContext.Current.Response.Cookies.Add(authCookie);
        }
        else
        {
            // Retrieves the cookie that contains your custom FormsAuthenticationTicket.
            HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];

            // Decrypts the FormsAuthenticationTicket that is held in the cookie's .Value property.
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

            // The "authTicket" variable now contains your original, custom FormsAuthenticationTicket,
            // complete with User-specific custom data.  You can then check that the FormsAuthenticationTicket's
            // .Name property is for the correct user, and perform the relevant functions with the ticket.
            // Here, we simply write the user-specific data to the Http Response stream.
            if (authTicket.Name == txtUserName.Text)
            {
                Response.Write(authTicket.UserData);
            }
        }
    }        
</script>


<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <table>
                <tr>
                    <td>
                        UserName:
                    </td>
                    <td>
                        <asp:TextBox ID="txtUserName" runat="server"></asp:TextBox>   
                    </td>
                </tr>
                 <tr>
                    <td>
                        Password:
                    </td>
                    <td>
                        <asp:TextBox ID="txtPassword" runat="server"></asp:TextBox>   
                    </td>
                </tr>
                <tr>
                    <td>
                        <asp:Button ID="Button1" runat="server" Text="Login" />
                    </td>
                </tr>
            </table>
        </div>
    </form>
</body>
</html>


受保护的无效页面加载（对象发送方、事件参数e）
{
双超时=15.00；
如果（！IsPostBack）
{
FormsAuthTicket=new FormsAuthTicket（1，txtUserName.Text，
DateTime.Now，DateTime.Now.AddMinutes（超时），false，“这是我的秘密用户特定数据”）；
字符串encryptedTicket=FormsAuthentication.Encrypt（authTicket）；
HttpCookie authCookie=新的HttpCookie（FormsAuthentication.FormScookeName，encryptedTicket）；
HttpContext.Current.Response.Cookies.Add（authCookie）；
}
其他的
{
//检索包含自定义表单身份验证票证的cookie。
HttpCookie authCookie=HttpContext.Current.Request.Cookie[FormsAuthentication.FormScookeName]；
//解密保存在cookie的.Value属性中的FormsAuthenticationTicket。
FormsAuthenticationTicket authTicket=FormsAuthentication.Decrypt（authCookie.Value）；
//“authTicket”变量现在包含您的原始自定义表单AuthenticationTicket，
//填写用户特定的自定义数据。然后，您可以检查FormsAuthenticationTicket是否
//.Name属性用于正确的用户，并使用票证执行相关功能。
//这里，我们只需将特定于用户的数据写入Http响应流。
if（authTicket.Name==txtUserName.Text）
{
Response.Write（authTicket.UserData）；
}
}
}        
表单身份验证登录
用户名：
密码：