web.config(只有当用户信息存放在 web.config 中时,才可以使用 FormsAuthentication.Authenticate)
login.aspx
<%@ Page Language="C#" Debug="true" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %>
login.aspx.cs
Forms Authentication Login
/// <summary>
/// Handles the login button: checks the submitted user name and password with
/// <c>FormsAuthentication.Authenticate</c> and, when they are accepted, lets
/// <c>FormsAuthentication.RedirectFromLoginPage</c> issue the authentication cookie
/// and send the browser back to the page it originally asked for.
/// </summary>
/// <remarks>
/// <c>FormsAuthentication.Authenticate</c> only validates against the credentials stored
/// in web.config. It is marked obsolete from .NET Framework 4.5 onwards; the replacement
/// Microsoft recommends is the Membership API (<c>Membership.ValidateUser</c>).
/// </remarks>
/// <param name="sender">The control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <exception cref="Exception">Thrown when the credentials are rejected.</exception>
protected void Login_Click(object sender, EventArgs e)
{
    string enteredName = UserNameTextBox.Text;
    string enteredPassword = UserPassTextBox.Text;
    bool keepSignedIn = PersistCheckBox.Checked;

    if (!FormsAuthentication.Authenticate(enteredName, enteredPassword))
    {
        // Nothing in this handler catches the exception, so a failed login surfaces as the
        // ASP.NET error page. NOTE(review): how much detail that page shows depends on the
        // customErrors setting and on Debug="true" in the page directive - confirm both
        // before using this outside a demo.
        throw new Exception("登录失败!!!");
    }

    FormsAuthentication.RedirectFromLoginPage(enteredName, keepSignedIn);

    // Disabled alternative kept from the original listing: build the cookie by hand
    // in order to choose its lifetime (seven days here) before redirecting.
    //
    // HttpCookie cookie = FormsAuthentication.GetAuthCookie(enteredName, keepSignedIn);
    // cookie.Expires = DateTime.Now.AddDays(7);
    // Response.Cookies.Add(cookie);
    // Response.Redirect(FormsAuthentication.GetRedirectUrl(enteredName, keepSignedIn));
}
// Label of the next listing on the page: default.aspx.cs
/// <summary>
/// Handles the logout button: removes the forms-authentication cookie and sends the
/// browser to the configured login page.
/// </summary>
/// <remarks>
/// <c>SignOut</c> only tells the browser to discard the cookie. A ticket value that was
/// copied earlier stays usable until the ticket itself expires, so the ticket lifetime is
/// what bounds a stolen cookie.
/// </remarks>
/// <param name="sender">The control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Logout_Click(object sender, EventArgs e)
{
    // Drop the authentication cookie first ...
    FormsAuthentication.SignOut();

    // ... then hand the now-anonymous request over to the login page.
    FormsAuthentication.RedirectToLoginPage();
}
// Label of the next listing on the page: database-backed validation
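/// <summary>
/// Handles the login button for database-backed validation: looks the submitted user name
/// and password up in the [Login] table and, when at least one row matches, issues a
/// hand-built forms-authentication ticket and redirects to the originally requested page.
/// </summary>
/// <remarks>
/// NOTE(review): the query compares the submitted password with the stored column value
/// directly, so the table holds passwords in clear text. A real deployment should store a
/// salted, slow password hash (for example PBKDF2) and compare hashes instead; that needs
/// a schema change and is therefore not done here.
/// </remarks>
/// <param name="sender">The control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <exception cref="Exception">Thrown when no matching row is found.</exception>
protected void Login_Click(object sender, EventArgs e)
{
    string username = UserNameTextBox.Text;
    string password = UserPassTextBox.Text;
    bool isPersistent = PersistCheckBox.Checked;

    string source = "server=(local);integrated security=SSPI;database=mytest";

    // Both values come straight from the request. They are bound as parameters instead of
    // being concatenated into the statement, so quotes in the input cannot change the SQL.
    string select = "SELECT count(*) FROM [Login] WHERE UserName=@UserName AND UserPassword=@UserPassword";
    // Disabled in the original listing: a login counter / last-login update.
    // string update = "UPDATE [Login] SET LoginTime=LoginTime+1, LastLogin=@LastLogin WHERE UserName=@UserName";

    int count;
    // using blocks return the connection to the pool even when the query throws.
    using (SqlConnection conn = new SqlConnection(source))
    using (SqlCommand cmd = new SqlCommand(select, conn))
    {
        cmd.Parameters.AddWithValue("@UserName", username);
        cmd.Parameters.AddWithValue("@UserPassword", password);

        conn.Open();
        count = Convert.ToInt32(cmd.ExecuteScalar());

        // If the update above is enabled, run it here with parameters as well:
        // cmd = new SqlCommand(update, conn);
        // cmd.ExecuteNonQuery();
    }

    if (count < 1)
    {
        // Nothing in this handler catches the exception; a failed login ends on the
        // ASP.NET error page.
        throw new Exception("登录失败!!!");
    }

    string userData = "ApplicationSpecific data for this user.";

    // The ticket is valid for one minute from now. The cookie below gets no Expires value,
    // so it is a session cookie whatever isPersistent says; the flag is only recorded
    // inside the ticket.
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,
        username,
        DateTime.Now,
        DateTime.Now.AddMinutes(1),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);
    string encTicket = FormsAuthentication.Encrypt(ticket);

    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
    // Keep the ticket out of reach of page script, and restrict it to HTTPS whenever the
    // forms configuration asks for that (requireSSL).
    authCookie.HttpOnly = true;
    authCookie.Secure = FormsAuthentication.RequireSSL;
    Response.Cookies.Add(authCookie);

    // if (HttpContext.Current.User.IsInRole("Admin"))
    // ......

    // Do not use FormsAuthentication.RedirectFromLoginPage here: it would overwrite the
    // cookie that was just added.
    Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}
// Label of the next listing on the page: Login table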
-- Account table queried by the database-backed Login_Click handlers on this page.
-- NOTE(review): UserPassword holds the password itself (the handlers compare it with the
-- submitted text), and UserName has no uniqueness constraint. Both are acceptable only
-- for a demo; production schemas store a salted password hash and enforce unique names.
CREATE TABLE [Login]
(
    LoginId      smallint     IDENTITY(1,1) NOT NULL,
    UserName     nvarchar(20) NOT NULL,
    UserPassword nvarchar(20) NOT NULL
);

-- Sample account; LoginId is generated by the identity column.
INSERT INTO [Login] (UserName, UserPassword)
VALUES ('xiaobai', 'xiaobai');
-- Label of the next listing on the page: role-based validation
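/// <summary>
/// Handles the login button for role-based validation: looks the submitted user name and
/// password up in the [Login] table and, when at least one row matches, issues a
/// forms-authentication ticket whose user data carries the role list, then redirects to
/// the originally requested page.
/// </summary>
/// <remarks>
/// NOTE(review): every account that passes the check receives the role "Admin", because
/// the role string is a constant here. A real application would load the roles for this
/// user from its own store. The query also compares clear-text passwords; a salted, slow
/// password hash should be stored and compared instead.
/// </remarks>
/// <param name="sender">The control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <exception cref="Exception">Thrown when no matching row is found.</exception>
protected void Login_Click(object sender, EventArgs e)
{
    string username = UserNameTextBox.Text;
    string password = UserPassTextBox.Text;
    bool isPersistent = PersistCheckBox.Checked;

    string source = "server=(local);integrated security=SSPI;database=mytest";

    // Both values come straight from the request. They are bound as parameters instead of
    // being concatenated into the statement, so quotes in the input cannot change the SQL.
    string select = "SELECT count(*) FROM [Login] WHERE UserName=@UserName AND UserPassword=@UserPassword";

    int count;
    // using blocks return the connection to the pool even when the query throws.
    using (SqlConnection conn = new SqlConnection(source))
    using (SqlCommand cmd = new SqlCommand(select, conn))
    {
        cmd.Parameters.AddWithValue("@UserName", username);
        cmd.Parameters.AddWithValue("@UserPassword", password);

        conn.Open();
        count = Convert.ToInt32(cmd.ExecuteScalar());
    }

    if (count < 1)
    {
        // Nothing in this handler catches the exception; a failed login ends on the
        // ASP.NET error page.
        throw new Exception("登录失败!!!");
    }

    // Comma-separated role list; Application_AuthenticateRequest in Global.asax splits it.
    string userData = "Admin";

    // The ticket is valid for one minute from now. The cookie below gets no Expires value,
    // so it is a session cookie whatever isPersistent says.
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,
        username,
        DateTime.Now,
        DateTime.Now.AddMinutes(1),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);
    string encTicket = FormsAuthentication.Encrypt(ticket);

    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
    // The roles travel inside this cookie, so keep it away from page script and restrict
    // it to HTTPS whenever the forms configuration asks for that (requireSSL).
    authCookie.HttpOnly = true;
    authCookie.Secure = FormsAuthentication.RequireSSL;
    Response.Cookies.Add(authCookie);

    Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}
// Label of the next listing on the page: Global.asax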
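<%@ Import Namespace="System.Security.Principal" %>
/// <summary>
/// Attaches roles to the current request: reads the forms-authentication cookie, takes the
/// comma-separated role list from the ticket's user data and replaces <c>Context.User</c>
/// with a <c>GenericPrincipal</c> that carries those roles.
/// </summary>
/// <remarks>
/// The cookie value is supplied by the client. Requests whose cookie is missing, cannot be
/// decrypted, or holds an expired ticket are left untouched, as are requests that have no
/// authenticated identity; they continue as they arrived instead of failing with an
/// unhandled exception.
/// </remarks>
/// <param name="sender">The application instance raising the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (null == authCookie)
    {
        return;
    }

    // Roles are only attached to an identity that is already authenticated.
    // NOTE(review): presumably FormsAuthenticationModule has set Context.User by now and
    // leaves it null when it rejects the ticket (for example after expiry) - confirm.
    // Dereferencing it unchecked would then throw.
    IPrincipal current = Context.User;
    if (current == null || current.Identity == null || !current.Identity.IsAuthenticated)
    {
        return;
    }

    FormsAuthenticationTicket authTicket;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (ArgumentException)
    {
        // Decrypt reports an empty or malformed ticket this way.
        return;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // Caught defensively: a tampered value must not turn into a server error.
        return;
    }

    if (authTicket == null || authTicket.Expired)
    {
        return;
    }

    string[] roles = authTicket.UserData.Split(new char[] { ',' });

    // Disabled alternative kept from the original listing. It builds the identity from the
    // ticket itself instead of reusing the identity already on the request:
    // Context.User = new GenericPrincipal(new FormsIdentity(authTicket), roles);
    Context.User = new GenericPrincipal(current.Identity, roles);
}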
转载地址:http://apsli.baihongyu.com/