我在使用MVC4用户授权时遇到问题。System.Web.Security.Membership.ValidateUser
返回true
。
然后进入FormsAuthentication.SetAuthCookie
,我在浏览器中看到一个cookie。
然后由于某种原因,User.Identity.IsAuthenticated
仍将求值为false
。
重定向后User.Identity.IsAuthenticated
仍然为false,并保持false
。
[AllowAnonymous]
[HttpPost]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
if (Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
最佳答案
直到调用User.Identity.IsAuthenticated
后的下一个请求,FormsAuthentication.SetAuthCookie()
才会设置为true。
参见http://msdn.microsoft.com/en-us/library/twk5762b.aspx
The SetAuthCookie method adds a forms-authentication ticket to either the cookies collection, or to the URL if CookiesSupported is false. The forms-authentication ticket supplies forms-authentication information to the next request made by the browser.
关于asp.net-mvc - 设置cookie并验证后,User.Identity.IsAuthenticated返回false,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/14508495/