如何从控制器授权 asp(mvc) 项目?
how authorization asp(mvc) project from controller?
我是 asp 的新手,我为我的 Web 项目创建了一个登录页面,但是我设置了身份验证,但我无法为我的项目设置授权!我看到很多这样的链接 Authentication and Authorization in ASP.NET Web API
但无法在我自己的项目中实施这些,我不知道我必须从哪里开始?!
感谢您的帮助!
这是我的控制器:
public class AuthenticationController : Controller
{
private modelLayOut mLO = new modelLayOut();
public bool existBool = false;
// GET: Authentication
public ActionResult Index()
{
return View();
}
public ActionResult applicantAuthentication()
{
return View("ApplicantAuthentication");
}
public ActionResult applicantIsExist()
{
return View("applicantIsExist");
}
public ActionResult applicantPassIsWrong()
{
return View("applicantPassIsWrong");
}
public ActionResult applicantNotExist()
{
return View("applicantNotExist");
}
[HttpPost]
public ActionResult applicantCreate(string Username, string Password, string RepeatPassword)
{
if (mLO.applicantExistCheck(Username))
{
return View("applicantIsExist");
}
else
{
mLO.insertNewApplicant(Username, Password);
return View("ApplicantAuthentication");
}
}
[HttpPost]
public ActionResult applicantAccess(string Username, string Password)
{
if (mLO.applicantAccess(Username, Password))
{
return RedirectToAction("Home", "Home");
}
else
{
if (mLO.applicantExistCheck(Username))
{
return View("applicantPassIsWrong");
}
else
{
return View("applicantNotExist");
}
}
}
//agency part
public ActionResult agencyAuthentication()
{
return View("AgencyAuthentication");
}
public ActionResult agencyPassIsWrong()
{
return View("agencyPassIsWrong");
}
public ActionResult agencyNotExist()
{
return View("agencyNotExist");
}
[HttpPost]
public ActionResult agencyAccess(string Username, string Password)
{
if (mLO.agencyAccess(Username, Password))
{
return RedirectToAction("Home", "Home");
}
else
{
if (mLO.agencyExistCheck(Username))
{
return View("agencyPassIsWrong");
}
else
{
return View("agencyNotExist");
}
}
}
//webAdmin
public ActionResult webAdminAuthentication()
{
return View("WebAdminAuthentication");
}
public ActionResult webAdminAccessWrong()
{
return View("webAdminAccessWrong");
}
[HttpPost]
public ActionResult webAdminAccess(string Username, string Password)
{
if (mLO.webAdminAccess(Username, Password))
{
Session["Username"] = Username;
return RedirectToAction("webAdminPage", "Admin");
}
else
{
return View("webAdminAccessWrong");
}
}
如果你想在你的整个控制器上授权,只需在你的控制器上设置授权属性:
[Authorize]
public class AuthenticationController : Controller
{
}
如果您想要对单个操作进行授权:
public class AuthenticationController : Controller
{
[Authorize]
public ActionResult Index()
{
ViewBag.Message = "Welcome, " + HttpContext.User.Identity.Name;
}
}
编辑:只有经过身份验证的用户才能通过授权的方法或控制器进行导航
您需要完全理解 ASP.NET 5 Identity model(检查 here and here). Then you should implement that with any changes suits to your project. One of the most important things about ASP.NET 5 Identity is its simplicity and flexibility to use with different user types and accessibility with just using annotations for methods. If you have previous experience with SQL Membership, check here to find out how to Migrating from SQL Membership to ASP.NET Identity. Or if you have previous experience with ASP.NET Membership, check here 了解如何从 ASP.NET 成员身份迁移到 ASP.NET 身份。
关于你在how say: "welcome PERSON NAME" ?上的问题,实施后ASP.NET 5身份,你只需要有
System.Web.HttpContext.Current.User.Identity.Name
在任何你需要的地方!
我是 asp 的新手,我为我的 Web 项目创建了一个登录页面,但是我设置了身份验证,但我无法为我的项目设置授权!我看到很多这样的链接 Authentication and Authorization in ASP.NET Web API 但无法在我自己的项目中实施这些,我不知道我必须从哪里开始?! 感谢您的帮助!
这是我的控制器:
public class AuthenticationController : Controller
{
private modelLayOut mLO = new modelLayOut();
public bool existBool = false;
// GET: Authentication
public ActionResult Index()
{
return View();
}
public ActionResult applicantAuthentication()
{
return View("ApplicantAuthentication");
}
public ActionResult applicantIsExist()
{
return View("applicantIsExist");
}
public ActionResult applicantPassIsWrong()
{
return View("applicantPassIsWrong");
}
public ActionResult applicantNotExist()
{
return View("applicantNotExist");
}
[HttpPost]
public ActionResult applicantCreate(string Username, string Password, string RepeatPassword)
{
if (mLO.applicantExistCheck(Username))
{
return View("applicantIsExist");
}
else
{
mLO.insertNewApplicant(Username, Password);
return View("ApplicantAuthentication");
}
}
[HttpPost]
public ActionResult applicantAccess(string Username, string Password)
{
if (mLO.applicantAccess(Username, Password))
{
return RedirectToAction("Home", "Home");
}
else
{
if (mLO.applicantExistCheck(Username))
{
return View("applicantPassIsWrong");
}
else
{
return View("applicantNotExist");
}
}
}
//agency part
public ActionResult agencyAuthentication()
{
return View("AgencyAuthentication");
}
public ActionResult agencyPassIsWrong()
{
return View("agencyPassIsWrong");
}
public ActionResult agencyNotExist()
{
return View("agencyNotExist");
}
[HttpPost]
public ActionResult agencyAccess(string Username, string Password)
{
if (mLO.agencyAccess(Username, Password))
{
return RedirectToAction("Home", "Home");
}
else
{
if (mLO.agencyExistCheck(Username))
{
return View("agencyPassIsWrong");
}
else
{
return View("agencyNotExist");
}
}
}
//webAdmin
public ActionResult webAdminAuthentication()
{
return View("WebAdminAuthentication");
}
public ActionResult webAdminAccessWrong()
{
return View("webAdminAccessWrong");
}
[HttpPost]
public ActionResult webAdminAccess(string Username, string Password)
{
if (mLO.webAdminAccess(Username, Password))
{
Session["Username"] = Username;
return RedirectToAction("webAdminPage", "Admin");
}
else
{
return View("webAdminAccessWrong");
}
}
如果你想在你的整个控制器上授权,只需在你的控制器上设置授权属性:
[Authorize]
public class AuthenticationController : Controller
{
}
如果您想要对单个操作进行授权:
public class AuthenticationController : Controller
{
[Authorize]
public ActionResult Index()
{
ViewBag.Message = "Welcome, " + HttpContext.User.Identity.Name;
}
}
编辑:只有经过身份验证的用户才能通过授权的方法或控制器进行导航
您需要完全理解 ASP.NET 5 Identity model(检查 here and here). Then you should implement that with any changes suits to your project. One of the most important things about ASP.NET 5 Identity is its simplicity and flexibility to use with different user types and accessibility with just using annotations for methods. If you have previous experience with SQL Membership, check here to find out how to Migrating from SQL Membership to ASP.NET Identity. Or if you have previous experience with ASP.NET Membership, check here 了解如何从 ASP.NET 成员身份迁移到 ASP.NET 身份。
关于你在how say: "welcome PERSON NAME" ?上的问题,实施后ASP.NET 5身份,你只需要有
System.Web.HttpContext.Current.User.Identity.Name
在任何你需要的地方!