MVC 中基于角色的表单身份验证

Form based Authentication based on Role in MVC

我想使用表单身份验证创建基于角色的身份验证。请在下面找到我的控制器代码:-

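/// <summary>
/// Handles the login form post: checks the submitted user name and password
/// against the user table and, on success, issues the forms-authentication
/// cookie and redirects to Product/InsertProduct.
/// </summary>
/// <param name="user">Model bound from the posted form; only UserName and Password are read here.</param>
/// <returns>A redirect on success, otherwise the login view with ViewBag.Message set.</returns>
[HttpPost]
    public ActionResult Login(tblUser user)
    {
        // NOTE(review): no [ValidateAntiForgeryToken] is visible on this action; confirm
        // whether the login form is protected against cross-site request forgery.
        string message = string.Empty;
        bool userlogin = false;

        // Reject missing or empty credentials up front instead of letting them be
        // compared against whatever null/empty values happen to be in the table.
        if (user != null && !string.IsNullOrEmpty(user.UserName) && !string.IsNullOrEmpty(user.Password))
        {
            string submittedName = user.UserName;
            string submittedPassword = user.Password;

            // Dispose the data context deterministically so the connection is released.
            using (DataClasses1DataContext dbcontext = new DataClasses1DataContext())
            {
                // Fetch only the rows for this user name rather than the whole table,
                // so password values of every account are not pulled into memory per login.
                List<Mvc4API.linqtosql.tblUser> candidates = dbcontext.tblUsers
                    .Where(x => x.UserName == submittedName)
                    .ToList();

                // The final comparison stays in memory (ordinal, case-sensitive) exactly as
                // before; a database collation may be case-insensitive, which must not
                // weaken the password check.
                // NOTE(review): the submitted password is compared directly with the stored
                // column, which suggests passwords are kept in a recoverable form. They
                // should be stored as salted, slow hashes (e.g. PBKDF2) and verified against
                // the hash; that needs a schema/data migration outside this method.
                userlogin = candidates.Exists(x => x.UserName == submittedName && x.Password == submittedPassword);
            }
        }

        if (userlogin)
        {
            // NOTE(review): 'true' creates a persistent cookie that survives browser
            // restarts; consider making this an explicit "remember me" choice.
            FormsAuthentication.SetAuthCookie(user.UserName, true);

            // The cookie carries only the user name. The role lookup that used to be made
            // here was discarded and had no effect on [Authorize(Roles=...)]; roles have to
            // be attached to the principal on every request (for example in the
            // FormsAuthentication authenticate event in Global.asax).
            return RedirectToAction("InsertProduct", "Product");
        }

        // One generic message for every failure so the response does not reveal whether
        // the user name exists.
        message = "Invalid User";
        ViewBag.Message = message;

        // NOTE(review): the model handed back to the view still contains the submitted
        // password; make sure the view does not render it into the page.
        return View(user);
    }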

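    /// <summary>
    /// Looks up the role name assigned to a user by joining the user table to the
    /// role table on RoleId.
    /// </summary>
    /// <param name="UserName">User name to look up; matched case-sensitively.</param>
    /// <returns>
    /// The role name of the last matching row, or an empty string when the user
    /// has no matching role (or <paramref name="UserName"/> is null or empty).
    /// </returns>
    private string GetRoles(string UserName)
    {
        string roletype = "";
        if (string.IsNullOrEmpty(UserName))
        {
            return roletype;
        }

        // Dispose the context so the underlying connection is released.
        using (UserEntities userEntities = new Mvc4API.UserEntities())
        {
            // Let the database do the join and the filter instead of loading the whole
            // user and role tables into memory on every call.
            var candidates = (from u in userEntities.tblUsers
                              join r in userEntities.tblRoles on u.RoleId equals r.Id
                              where u.UserName == UserName
                              select new { u.UserName, r.RoleName }).ToList();

            foreach (var candidate in candidates)
            {
                // Re-check the name in memory: the database collation may match names
                // case-insensitively, while this method has always matched exactly.
                if (candidate.UserName == UserName)
                {
                    // As before, the last matching row wins.
                    // NOTE(review): row order is not defined without an ORDER BY; this
                    // presumably relies on user names being unique. Confirm.
                    roletype = candidate.RoleName.ToString();
                }
            }
        }

        return roletype;
    }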

登录成功后重定向到的操作方法代码如下:

      [Authorize(Users="B,Test")] // Works: the listed names are compared with the authenticated user's name.
    //[Authorize(Roles="Admin")] Does not work on its own: this check asks the current
    // principal whether it is in the role, and a forms-authentication cookie created with
    // SetAuthCookie carries only the user name. Unless roles are attached to the principal
    // on each request (or a role provider is configured), the principal has no roles and
    // the request is rejected.
    // NOTE(review): hard-coded user names are brittle as an access-control list; prefer the
    // role-based attribute once roles are populated server-side from the data store.
    // Renders the product insert view for authorized users.
    public ActionResult InsertProduct()
    {
        return View();
    }

基于用户的授权工作正常,但当我改为基于角色进行授权时,它不起作用。

请告诉我必须对我的代码进行哪些更改才能使其正常工作。

谢谢,

拉胡尔

找到答案了,只需在 Global.asax.cs 中添加以下代码:
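/// <summary>
/// Forms-authentication authenticate event: reads the forms-auth cookie, looks up the
/// user's role in the database and sets <c>e.User</c> to a principal carrying that role
/// so that role-based authorization can be evaluated.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments; <c>e.User</c> is set only when a valid, unexpired ticket
/// maps to a known user with a known role. Otherwise it is left unset.</param>
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
    {
        if (!FormsAuthentication.CookiesSupported)
        {
            return;
        }

        var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null)
        {
            return;
        }

        try
        {
            var ticket = FormsAuthentication.Decrypt(authCookie.Value);

            // Decrypt does not reject expired tickets. Once e.User is set here the
            // principal is taken as-is, so expiry has to be enforced in this handler;
            // otherwise an old cookie would keep working after its lifetime.
            // NOTE(review): setting e.User presumably also bypasses the module's own
            // sliding-expiration renewal. Confirm if sliding expiration is enabled.
            if (ticket == null || ticket.Expired)
            {
                return;
            }

            string username = ticket.Name;
            string rolename;

            // NOTE(review): this runs two queries on every authenticated request.
            using (UserEntities entities = new UserEntities())
            {
                var roleIds = entities.tblUsers.Where(u => u.UserName == username).Select(u => u.RoleId).ToList();

                // The user named in the ticket no longer exists: do not fall back to
                // role id 0, which could otherwise grant whatever role has that id.
                if (roleIds.Count == 0)
                {
                    return;
                }

                // As before, the last row wins when several match.
                int role = 0;
                foreach (int i in roleIds)
                {
                    role = i;
                }

                var roleNameValue = entities.tblRoles.Where(r => r.Id == role).Select(r => r.RoleName).FirstOrDefault();
                if (roleNameValue == null)
                {
                    // Unknown role id: leave e.User unset rather than inventing a role.
                    return;
                }

                rolename = roleNameValue.ToString();
            }

            // For more than one role, pass rolename.Split(';') instead of the single-element array.
            e.User = new System.Security.Principal.GenericPrincipal(
                new System.Security.Principal.GenericIdentity(username, "Forms"), new String[] { rolename });
        }
        catch (Exception ex)
        {
            // Fail closed: e.User stays unset, so no role is granted by this handler.
            // Record the failure instead of swallowing it; a ticket that cannot be
            // decrypted may indicate a tampered or stale cookie. The cookie value
            // itself is deliberately not logged.
            System.Diagnostics.Trace.TraceWarning(
                "FormsAuthentication_OnAuthenticate failed: {0}: {1}", ex.GetType().Name, ex.Message);
        }
    }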