我有一个基于 ASP.NET MVC 4 的项目,可以进行简单的身份验证。
我试图让我的网站在用户选中“记住我”复选框时自动登录。但是我在使其正常工作时遇到问题。关闭浏览器并重新打开后,用户永远不会登录。
检查( http://forums.asp.net/t/1654606.aspx#4310292 )后,我添加了一个由 IIS 生成的计算 secret 钥。我已设置在运行时自动生成和为每个应用程序生成唯一 key 均已禁用并且我已生成 key )。不幸的是这并没有奏效。
查看 "Remember me" with ASP.NET MVC Authentication is not working ,我在行中添加了 FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe) 但这也不起作用,所以我现在将其注释掉。
我尝试了 ASP.NET MVC RememberMe 上给出的答案但这似乎也不起作用。
我是否遗漏了一些明显的东西?
//FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
if (model.RememberMe)
{
//int timeout = model.RememberMe ? 525600 : 2; // Timeout in minutes,525600 = 365 days
int timeout = 525600;
var ticket = new FormsAuthenticationTicket(model.UserName, model.RememberMe, timeout);
string encrypted = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
cookie.Expires = System.DateTime.Now.AddMinutes(timeout);//My Line
Response.Cookies.Add(cookie);
}
最佳答案
我就是这样做的
public class MyAuthentication
{
public static HttpCookie GetAuthenticationCookie(LoginModel model, bool persistLogin)
{
// userData storing data in ticktet and then cookie
JavaScriptSerializer js = new JavaScriptSerializer();
var userData = js.Serialize(model);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1,
"akash",
DateTime.Now,
DateTime.Now.AddHours(1),
persistLogin,
userData);
string encTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie cookie= new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
cookie.Expires = authTicket.Expiration; //must do it for cookie expiration
return cookie;
}
internal static bool Login(string UserName, string Password)
{
//UserName="akash" Password="akash"
//check can be done by DB
if (UserName== "akash" && Password == "akash")
return true;
else
return false;
}
}
然后
[HttpGet]
[AllowAnonymous]
public ActionResult Login()
{
//ViewBag.Message = "Your contact page.";
HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
// var ek = cookie.Value;
try
{
//some times no cookie in browser
JavaScriptSerializer js = new JavaScriptSerializer();
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
//string data = ticket.UserData;
LoginModel model = js.Deserialize<LoginModel>(ticket.UserData);
if (MyAuthentication.Login(model.UserName, model.Password) == true)
{
RedirectToAction("Index", "Home");
}
}
catch
{
}
return View();
您可以在 Global.asax 或授权过滤器上检查它。 确保你有 web.config
<authentication mode="Forms">
<forms defaultUrl="/Home/Login" loginUrl="/home/Login" timeout="2880">
</forms>
</authentication>
所有 Controller 之前的[Authorize]属性。
关于ASP.NET MVC 记住我,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24904528/