在 MVC 中覆盖 HandleUnauthorizedRequest,导致登录页面不工作
override HandleUnauthorizedRequest in MVC ,causes Login page doesn't work
我的 MVC 应用程序中有 3 个区域 teacher,member,administrator。每个区域都有一个登录页面,我的意思是:
../aministrator/cms/login
../member/cms/login
../teacher/cms/login
我的登录控制器是这样的:
[HttpGet]
public ActionResult Login(string returnUrl)
{
return View(); // show the login page
}
UserRepository ObjUserRepository = new UserRepository();
[HttpPost]
public ActionResult Login(DomainClass.User loginInfo, string returnUrl)
{
if (ObjUserRepository.FindBy(i => i.Email == loginInfo.Email & i.Password == loginInfo.Password).Any())
{
DomainClass.User objUser = ObjUserRepository.FindBy(i => i.Email == loginInfo.Email & i.Password == loginInfo.Password).FirstOrDefault();
FormsAuthentication.SetAuthCookie(loginInfo.Name, false);
if (shouldRedirect(returnUrl))
{
return Redirect(returnUrl);
}
if (objUser.Pemission == "professor")
{
return RedirectToAction("Index", "Home", new { area = "Teacher" });
}
}
return View(loginInfo);
}
我在每个区域都有一个 home 控制器。我的意思是登录后页面应该重定向到 home/index
我家的控制器是这样的:
[AreaAuthorize("Teacher")]
public class HomeController : Controller
{
//
// GET: /Teacher/Home/
public ActionResult Index()
{
return View();
}
}
但问题是页面无法重定向到 /home/index,它仍保留在 cms/login,为什么?
覆盖授权:
public class AreaAuthorizeAttribute : AuthorizeAttribute
{
private readonly string area;
public AreaAuthorizeAttribute(string area)
{
this.area = area;
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
string loginUrl = "";
if (area == "Administrator")
{
loginUrl = "~/Administrator/CMS/Login";
}
else if (area == "Member")
{
loginUrl = "~/User/CMS/Login";
}
else if (area == "Teacher")
{
loginUrl = "~/Teacher/CMS/Login";
}
filterContext.Result = new RedirectResult(loginUrl + "?returnUrl=" + filterContext.HttpContext.Request.Url.PathAndQuery);
}
}
此致
要将解决方案也作为答案:
对于 MVC 5,默认身份验证基于OWIN 身份验证中间件。
如果要使用FormsAuthentication,需要在web.config
中手动添加
<authentication mode="Forms">
<forms timeout="50000000" />
</authentication>
我的 MVC 应用程序中有 3 个区域 teacher,member,administrator。每个区域都有一个登录页面,我的意思是:
../aministrator/cms/login
../member/cms/login
../teacher/cms/login
我的登录控制器是这样的:
[HttpGet]
public ActionResult Login(string returnUrl)
{
return View(); // show the login page
}
UserRepository ObjUserRepository = new UserRepository();
[HttpPost]
public ActionResult Login(DomainClass.User loginInfo, string returnUrl)
{
if (ObjUserRepository.FindBy(i => i.Email == loginInfo.Email & i.Password == loginInfo.Password).Any())
{
DomainClass.User objUser = ObjUserRepository.FindBy(i => i.Email == loginInfo.Email & i.Password == loginInfo.Password).FirstOrDefault();
FormsAuthentication.SetAuthCookie(loginInfo.Name, false);
if (shouldRedirect(returnUrl))
{
return Redirect(returnUrl);
}
if (objUser.Pemission == "professor")
{
return RedirectToAction("Index", "Home", new { area = "Teacher" });
}
}
return View(loginInfo);
}
我在每个区域都有一个 home 控制器。我的意思是登录后页面应该重定向到 home/index
我家的控制器是这样的:
[AreaAuthorize("Teacher")]
public class HomeController : Controller
{
//
// GET: /Teacher/Home/
public ActionResult Index()
{
return View();
}
}
但问题是页面无法重定向到 /home/index,它仍保留在 cms/login,为什么?
覆盖授权:
public class AreaAuthorizeAttribute : AuthorizeAttribute
{
private readonly string area;
public AreaAuthorizeAttribute(string area)
{
this.area = area;
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
string loginUrl = "";
if (area == "Administrator")
{
loginUrl = "~/Administrator/CMS/Login";
}
else if (area == "Member")
{
loginUrl = "~/User/CMS/Login";
}
else if (area == "Teacher")
{
loginUrl = "~/Teacher/CMS/Login";
}
filterContext.Result = new RedirectResult(loginUrl + "?returnUrl=" + filterContext.HttpContext.Request.Url.PathAndQuery);
}
}
此致
要将解决方案也作为答案:
对于 MVC 5,默认身份验证基于OWIN 身份验证中间件。
如果要使用FormsAuthentication,需要在web.config
<authentication mode="Forms">
<forms timeout="50000000" />
</authentication>