即使使用 AllowAnonymous 属性,注册页面也会重定向到登录页面
Register Page redirects to Login Page even with AllowAnonymous Attribute
我已经使用表单身份验证让用户登录到我的网站。但是,即使注册操作添加了 [AllowAnonymous] 属性,用户也无法在不登录的情况下访问注册页面。
我的 AccountController 操作是:
[HttpGet]
[AllowAnonymous]
public ActionResult Register()
{
return View("Register");
}
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public ActionResult Register(RegistrationModel registrationModel)
{
if (new UserAccounts().DoesUserExist(registrationModel.UserName, registrationModel.Email))
ModelState.AddModelError(String.Empty, "User with same email or Username Already Exists");
else
{
new UserAccounts().CreateUser(registrationModel);
TempData["Success"] = "User has been created!";
}
return View();
}
仅向经过身份验证的用户显示内容的新闻控制器操作是:
[Authorize]
public ActionResult News()
{
HomeNewsModel HomeNewsModel = null;
try
{
ViewBag.IsNewsPage = true;
NewsArticles NewsItems = new NewsArticles();
ViewBag.Title = "Home";
HomeNewsModel = new HomeNewsModel();
HomeNewsModel.AllNews = NewsItems.GetAllNews();
HomeNewsModel.NewsCategory = new NewsArticles().GetCategories();
}
catch (Exception)
{
throw;
}
return View(HomeNewsModel);
}
这是我的 Web.Config 文件:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<appSettings>
<add key="webpages:Version" value="3.0.0.0"/>
<add key="webpages:Enabled" value="false"/>
<add key="ClientValidationEnabled" value="true"/>
<add key="UnobtrusiveJavaScriptEnabled" value="true"/>
</appSettings>
<connectionStrings>
<add name="DBConnectionString" connectionString="server = localhost; uid = root; password= admin; persistsecurityinfo=True;database=sqlexpressdb;" />
</connectionStrings>
<system.web>
<customErrors defaultRedirect="~/Error/" mode="Off" />
<compilation debug="true" targetFramework="4.5.2"/>
<httpRuntime targetFramework="4.5.2"/>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" />
</authentication>
</system.web>
<location path="Account/Register">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-5.2.3.0" newVersion="5.2.3.0"/>
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701"/>
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+"/>
</compilers>
</system.codedom>
</configuration>
我尝试过的事情:
- 将 [AllowAnonymous] 属性放在控制器的顶部
- 使用位置 path="Register" / path="~/Register" /path="~/Account/Register... 在 web.config
从新闻控制器中删除 [Authorize] 属性会在我单击它时打开注册页面。
当我在 URL.
中键入它时,在新闻控制器操作中启用 [Authorize] 属性的情况下删除会打开注册页面
但是,它会在启用这两种组合的情况下不断重定向到登录页面。
很高兴它有所帮助:)
只是在这里作为答案发布,以便访问该问题的人也可以获得类似问题的帮助。
在这种情况下,我们首先需要验证CSHTML页面的布局页面,以及完整层次结构中的任何部分视图不得有@Html.Action或@Html.RenderAction 呈现具有 Authorize 属性的操作。
我已经使用表单身份验证让用户登录到我的网站。但是,即使注册操作添加了 [AllowAnonymous] 属性,用户也无法在不登录的情况下访问注册页面。
我的 AccountController 操作是:
[HttpGet]
[AllowAnonymous]
public ActionResult Register()
{
return View("Register");
}
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public ActionResult Register(RegistrationModel registrationModel)
{
if (new UserAccounts().DoesUserExist(registrationModel.UserName, registrationModel.Email))
ModelState.AddModelError(String.Empty, "User with same email or Username Already Exists");
else
{
new UserAccounts().CreateUser(registrationModel);
TempData["Success"] = "User has been created!";
}
return View();
}
仅向经过身份验证的用户显示内容的新闻控制器操作是:
[Authorize]
public ActionResult News()
{
HomeNewsModel HomeNewsModel = null;
try
{
ViewBag.IsNewsPage = true;
NewsArticles NewsItems = new NewsArticles();
ViewBag.Title = "Home";
HomeNewsModel = new HomeNewsModel();
HomeNewsModel.AllNews = NewsItems.GetAllNews();
HomeNewsModel.NewsCategory = new NewsArticles().GetCategories();
}
catch (Exception)
{
throw;
}
return View(HomeNewsModel);
}
这是我的 Web.Config 文件:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<appSettings>
<add key="webpages:Version" value="3.0.0.0"/>
<add key="webpages:Enabled" value="false"/>
<add key="ClientValidationEnabled" value="true"/>
<add key="UnobtrusiveJavaScriptEnabled" value="true"/>
</appSettings>
<connectionStrings>
<add name="DBConnectionString" connectionString="server = localhost; uid = root; password= admin; persistsecurityinfo=True;database=sqlexpressdb;" />
</connectionStrings>
<system.web>
<customErrors defaultRedirect="~/Error/" mode="Off" />
<compilation debug="true" targetFramework="4.5.2"/>
<httpRuntime targetFramework="4.5.2"/>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" />
</authentication>
</system.web>
<location path="Account/Register">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-5.2.3.0" newVersion="5.2.3.0"/>
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701"/>
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+"/>
</compilers>
</system.codedom>
</configuration>
我尝试过的事情:
- 将 [AllowAnonymous] 属性放在控制器的顶部
- 使用位置 path="Register" / path="~/Register" /path="~/Account/Register... 在 web.config
从新闻控制器中删除 [Authorize] 属性会在我单击它时打开注册页面。 当我在 URL.
中键入它时,在新闻控制器操作中启用 [Authorize] 属性的情况下删除会打开注册页面但是,它会在启用这两种组合的情况下不断重定向到登录页面。
很高兴它有所帮助:)
只是在这里作为答案发布,以便访问该问题的人也可以获得类似问题的帮助。
在这种情况下,我们首先需要验证CSHTML页面的布局页面,以及完整层次结构中的任何部分视图不得有@Html.Action或@Html.RenderAction 呈现具有 Authorize 属性的操作。