使用 ASP.NET MVC 身份验证的“记住我”不起作用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/513949/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
"Remember me" with ASP.NET MVC Authentication is not working
提问by Tomas Aschan
I have a standard ASP.NET MVC (RC Refresh) web project, with the standard ASP.NET Membership provider and the Account controller that is included in the project template.
我有一个标准的 ASP.NET MVC (RC Refresh) web 项目,带有标准的 ASP.NET Membership provider 和包含在项目模板中的 Account 控制器。
When I check "Remember me" in my Login form, I am still not being remembered by the site. (Firefox remembers my username and password, but what I expected to happen was to be automatically logged on).
当我在登录表单中勾选“记住我”时,网站仍然没有记住我。(Firefox 会记住我的用户名和密码,但我期望发生的是自动登录)。
Do I have to set and check the cookie manually? If so, how should it best be done?
我是否必须手动设置和检查 cookie?如果是这样,应该怎么做最好?
回答by Todd Smith
You need to pass true/false to the SetAuthCookie method.
您需要将 true/false 传递给 SetAuthCookie 方法。
public ActionResult Login (string email, string password, bool rememberMe, string returnUrl)
{
// snip
FormsAuth.SetAuthCookie(username, rememberMe); // <- true/false
// snip
}
and make sure that bool rememberMereflects the status of the checkbox on your login page.
并确保bool rememberMe反映登录页面上复选框的状态。
回答by tvanfosson
You need to generate a persistent cookie in the controller method that handles logon when the Remember Me box is checked. If you are using RedirectFromLoginPage, set the createPersistentCookie argument to true.
在检查记住ME框时,需要在控制登录时生成一个持久性cookie。如果您使用的是RedirectFromLoginPage,请将 createPersistentCookie 参数设置为true。
回答by granadaCoder
These 3 methods helped me persist a cookie.
这 3 种方法帮助我持久化 cookie。
Note, if the user unselects "Remember Me", you'll want to remove the cookie.
请注意,如果用户取消选择“记住我”,您将需要删除 cookie。
private const string RememberMeCookieName = "MyCookieName";
private string CheckForCookieUserName()
{
string returnValue = string.Empty;
HttpCookie rememberMeUserNameCookie = Request.Cookies.Get(RememberMeCookieName);
if (null != rememberMeUserNameCookie)
{
/* Note, the browser only sends the name/value to the webserver, and not the expiration date */
returnValue = rememberMeUserNameCookie.Value;
}
return returnValue;
}
private void CreateRememberMeCookie(string userName)
{
HttpCookie rememberMeCookie = new HttpCookie(RememberMeCookieName, userName);
rememberMeCookie.Expires = DateTime.MaxValue;
Response.SetCookie(rememberMeCookie);
}
private void RemoveRememberMeCookie()
{
/* k1ll the cookie ! */
HttpCookie rememberMeUserNameCookie = Request.Cookies[RememberMeCookieName];
if (null != rememberMeUserNameCookie)
{
Response.Cookies.Remove(RememberMeCookieName);
rememberMeUserNameCookie.Expires = DateTime.Now.AddYears(-1);
rememberMeUserNameCookie.Value = null;
Response.SetCookie(rememberMeUserNameCookie);
}
}
