Javascript 检查用户是否已在客户端登录
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/35292378/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Check if user has logged in on client side
提问by Me Unagi
Is there a safe way to check if the user has logged into the application rather than checking if "sid" cookie exists in user's machine ?
有没有一种安全的方法来检查用户是否已登录到应用程序而不是检查用户机器中是否存在“sid”cookie?
I want to allow the user to proceed on certain links on a page only if they have logged in.
我想允许用户只有在登录后才能继续访问页面上的某些链接。
I do the login validation on the server side but want to avoid the request trip.
我在服务器端进行登录验证,但想避免请求行程。
Pure JS or JQuery solution would be appreciated.
纯 JS 或 JQuery 解决方案将不胜感激。
Thank you.
谢谢你。
回答by Rino Raj
Please try this
请试试这个
Put this code after user first log in
在用户首次登录后放置此代码
jQuery(window).load(function() {
sessionStorage.setItem('status','loggedIn')
});
When ever user clicks a link you can check like
当用户点击链接时,您可以检查
if (sessionStorage.getItem('status') != null))
//redirect to page
}
else{
//show validation message
}
回答by newBee
As you ask for a "safe way": No. You should always validate the user's session on the server side for all requests.
当您要求“安全方式”时:不。您应该始终在服务器端验证用户的所有请求的会话。
Something you could do though is to adapt the front end to the users current status. For example change the "Login"-Link to a "Logout"-Link. For this to work you could set some king of flag on the users machine. You could use the browser local storage for this (http://www.w3schools.com/html/html5_webstorage.asp).
您可以做的事情是使前端适应用户的当前状态。例如,将“登录”-链接更改为“注销”-链接。为此,您可以在用户机器上设置一些标志之王。您可以为此使用浏览器本地存储 ( http://www.w3schools.com/html/html5_webstorage.asp)。
Something else you could for example do is, to change the behavior of for example links:
例如,您可以做的其他事情是更改例如链接的行为:
$("a").click(function(e){
if(localStorage.getItem("isLoggedIn") !== true) {
e.preventDefault();
// this prevents navigation and you can now do your js stuff here
}
});
回答by Hasan_H
if you are using ASP.Net Identity you can check it as follows
如果您使用的是 ASP.Net Identity,您可以按如下方式检查
In Razor :
在剃刀中:
@inject SignInManager<ApplicationUser> SignInManager
@if (SignInManager.IsSignedIn(User))
{
<input type="hidden" id="logged" value="true" />
}
else
{
<input type="hidden" id="logged" value="false" />
}
In JS:
在JS中:
function check() {
var signed = $('#logged').val();
if (signed === 'true') {
//What you want to do
}
else {
window.location.href = "/YourController/YourAction?ReturnUrl=/YourReturnUrl;
}
}
回答by Suresh Gopineni
It should 100% works
它应该 100% 有效
Put this code after user Login Page(Login page Nextpage)
将此代码放在用户登录页面之后(登录页面下一页)
jQuery(window).load(function() {
sessionStorage.setItem('status','loggedIn')
});
When ever user clicks a link you can check any page with bellow code(Any page)
当用户单击链接时,您可以使用以下代码检查任何页面(任何页面)
if (sessionStorage.getItem('status') != null){
//redirect to page
alert("Is Login : True");
}
else{
//show validation message
alert("Is Login : False");
}
回答by danto
In my opinion you should save to your local storage an authTokenwith it expirationDate and then check if it expired or not every time you request something (GET not included) and also validate with the server if the authTokenis expired or not. 2 ways validation.
在我看来,您应该将其保存到本地存储中并authToken使用 expireDate ,然后在每次请求某些内容时检查它是否已过期(不包括 GET),并与服务器验证是否authToken已过期。2种方式验证。
Client to client and client to server. Both would be matched correctly.
客户端到客户端,客户端到服务器。两者都会正确匹配。
