C# 关于多页共享表单身份验证Cookie的一个问题_C#_Asp.net_Authentication_Cookies_Forms Authentication

C# 关于多页共享表单身份验证Cookie的一个问题

c# asp.net authentication cookies

C# 关于多页共享表单身份验证Cookie的一个问题,c#,asp.net,authentication,cookies,forms-authentication,C#,Asp.net,Authentication,Cookies,Forms Authentication,在我的应用程序中，我使用表单身份验证。我的身份验证代码如下： public static void Authenticate(bool redirectToPage, ISecurityUser user, params string[] roles) { FormsAuthentication.Initialize(); GenericIdentity id = new GenericIdentity(user.UserName); Ex

在我的应用程序中，我使用表单身份验证。我的身份验证代码如下：

public static void Authenticate(bool redirectToPage, ISecurityUser user, params string[] roles)
    {
        FormsAuthentication.Initialize();
        GenericIdentity id = new GenericIdentity(user.UserName);
        ExtendedPrincipal principal = new ExtendedPrincipal(id, user, roles);
        //ExtendedPrincipal principal = new ExtendedPrincipal(id, user, new string[] { "1" });

        string compressedPrincipal = ConvertPrincipalToCompressedString(principal);

        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.UserName, DateTime.Now, DateTime.Now.AddMinutes(30), true, compressedPrincipal, FormsAuthentication.FormsCookiePath);

        string hash = FormsAuthentication.Encrypt(ticket);
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

        //cookie.HttpOnly = false;
        //cookie.Expires = DateTime.Now.AddMinutes(30);

        HttpContext.Current.Response.Cookies.Add(cookie);

        if (redirectToPage)
        {
            HttpContext.Current.Response.Redirect(FormsAuthentication.GetRedirectUrl(user.UserName, true));
        }
    }

用户对象包含FirmID和DealerID属性。登录应用程序后，我可以从应用程序中替换FirmID和DealerID。更改流程后，将运行此代码：

public static void RefreshIdentitiy(ISecurityUser user)
    {
        HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
        HttpContext.Current.Response.Cookies.Remove(FormsAuthentication.FormsCookieName);

        ExtendedPrincipal principal = ConvertCompressedStringToPrincipal(ticket.UserData);
        principal.BindProperties(user);

        FormsAuthenticationTicket newticket = new FormsAuthenticationTicket(
        ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration,
        ticket.IsPersistent, ConvertPrincipalToCompressedString(principal), ticket.CookiePath);

        cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(newticket));

        HttpContext.Current.Response.Cookies.Add(cookie);            
    }

我的问题是：当我从第二页打开应用程序时，第二页的cookie会压碎第一页的cookie。所以第一页的FirmID和DealerID也发生了变化

当我从第二页打开应用程序时，我不希望cookie压碎另一个。对此问题我能做些什么？

您应该在所有页面上执行以下操作：

if(Request.Cookies[FormsAuthentication.FormsCookieName]!=null)
{
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

        cookie.HttpOnly = false;
        cookie.Expires = DateTime.Now.AddMinutes(30);

        HttpContext.Current.Response.Cookies.Add(cookie);
}

编辑

我的目标是确保您不会每次进入新页面时都覆盖cookie

您编写代码的目的是什么？你能解释一下，我为什么这么做吗？