当前位置:theitroad>asp.net-mvc User.Identity.IsAuthenticated 设置 cookie 并验证后返回 false

asp.net-mvc User.Identity.IsAuthenticated 设置 cookie 并验证后返回 false

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/14508495/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-09-08 02:33:34  来源:igfitidea点击:

User.Identity.IsAuthenticated returns false after setting cookie and validating

asp.net-mvcasp.net-mvc-4

提问by coryrwest

I am having a problem with MVC4 user authorization.

我在 MVC4 用户授权方面遇到了问题。

System.Web.Security.Membership.ValidateUserreturns true.
Then it gets to FormsAuthentication.SetAuthCookieand I see a cookie in my browser.
Then User.Identity.IsAuthenticatedstill evaluates to falsefor some reason.
User.Identity.IsAuthenticatedis still false after a redirect and stays false.

System.Web.Security.Membership.ValidateUser返回true
然后它开始了FormsAuthentication.SetAuthCookie,我在浏览器中看到了一个 cookie。
然后由于某种原因User.Identity.IsAuthenticated仍然评估false为。
User.Identity.IsAuthenticated重定向后仍为 false 并保持false.

[AllowAnonymous]
[HttpPost]
public ActionResult Login(LoginModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
        {
            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }
        else
        {
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

回答by jrummell

User.Identity.IsAuthenticatedwon't be set to true until the next request after calling FormsAuthentication.SetAuthCookie().

User.Identity.IsAuthenticated在调用 之后的下一个请求之前不会设置为 true FormsAuthentication.SetAuthCookie()

See http://msdn.microsoft.com/en-us/library/twk5762b.aspx

请参阅http://msdn.microsoft.com/en-us/library/twk5762b.aspx

The SetAuthCookie method adds a forms-authentication ticket to either the cookies collection, or to the URL if CookiesSupported is false. The forms-authentication ticket supplies forms-authentication information to the next request made by the browser.

SetAuthCookie 方法将表单身份验证票添加到 cookie 集合,如果 CookiesSupported 为 false,则添加到 URL。表单身份验证票为浏览器发出的下一个请求提供表单身份验证信息。

回答by Nalan Madheswaran

Check your webconfig, you have to enable forms authentication:

检查您的 webconfig,您必须启用表单身份验证:

Add following snippet inside

在里面添加以下代码段

   <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="3600" />
    </authentication>

Comment out if it is in your webconfig:

注释掉它是否在您的 webconfig 中:

<!--<modules>
      <remove name="FormsAuthentication" />
</modules>-->

Now you can check

现在你可以检查

WebSecurity.CurrentUserName, WebSecurity.CurrentUserId and , WebSecurity.IsAuthenticated flags;

WebSecurity.CurrentUserName、WebSecurity.CurrentUserId 和 WebSecurity.IsAuthenticated 标志;

回答by taylor michels

It requires an additional roundtrip (RedirectToAction), but this accomplished what I wanted. Also I am not using a strongly typed model in this sample but it demonstrates the idea. The code checks if the user is authenticated and if not sets the cookie, then redirects to itself. The second time it's called IsAuthenticated is true and the View is returned. Just make sure your form inputs are named userName and password.

它需要额外的往返 (RedirectToAction),但这实现了我想要的。此外,我没有在此示例中使用强类型模型,但它演示了这个想法。代码检查用户是否通过身份验证,如果没有设置 cookie,然后重定向到它自己。第二次调用 IsAuthenticated 时为真,返回视图。只需确保您的表单输入名为 userName 和 password。

[AllowAnonymous]
[HttpPost]
public ActionResult Login(string userName, string password, string returnUrl)
{
if (ModelState.IsValid)
{
    if (HttpContext.User.Identity.IsAuthenticated)
    {
        return View(returnUrl);
    }
    else
    {
        if (System.Web.Security.Membership.ValidateUser(userName, password))
        {
            FormsAuthentication.SetAuthCookie(userName, false);
            if (Url.IsLocalUrl(returnUrl))
            {
                return RedirectToAction("Login", new { userName = userName, password = password, returnUrl = returnUrl });
                //return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }
    }
    else
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
    }
}

// If we got this far, something failed, redisplay form
return View(model);
}

相关推荐

asp.net-mvc 如何填充 mvc razor 局部视图

asp.net-mvc 如何填充 mvc razor 局部视图

asp.net-mvc ASP.NET Web API,从 Flex FileReference 上传时 MIME 多部分流意外结束

asp.net-mvc ASP.NET Web API,从 Flex FileReference 上传时 MIME 多部分流意外结束

asp.net-mvc MVC 4 全局异常过滤器如何实现?

asp.net-mvc MVC 4 全局异常过滤器如何实现?

asp.net-mvc EntityType 'Category' 没有定义键。定义此 EntityType 的键

asp.net-mvc EntityType 'Category' 没有定义键。定义此 EntityType 的键

相关推荐
最近更新
标签