IsAuthenticated 为假
IsAuthenticated is false
我试图在登录后立即在导航栏上显示一个注销按钮,但不知为何 Request.IsAuthenticated 始终为 false,我不明白原因。我使用 UserAuthenticationFilter 来阻止未登录用户访问其他页面,但我怀疑这与问题无关。
下面是我的用户控制器(UserController)中的一段代码,其中包含注销方法:
{
/// <summary>
/// MVC controller covering user management, registration, login and logout,
/// backed by the <c>CarsDBEntities</c> context.
/// </summary>
// NOTE(review): UserAuthenticationFilter is not shown here; presumably it checks the
// Session values written by Login - verify against its implementation.
public class UserController : Controller
{
    /// <summary>Renders the management view with every row of <c>db.Users</c>.</summary>
    // NOTE(review): whole User entities are handed to the view, including the Password
    // property that Login queries on; a view model without Password avoids exposing it.
    [UserAuthenticationFilter]
    [HttpGet]
    public ActionResult Management()
    {
        using (var db = new CarsDBEntities())
        {
            var allUsers = db.Users.ToList();
            return View(allUsers);
        }
    }

    /// <summary>Shows the empty registration form.</summary>
    [UserAuthenticationFilter]
    public ActionResult Register()
    {
        return View();
    }

    /// <summary>Saves the posted user when the model state is valid, then re-displays the form.</summary>
    /// <param name="user">User entity populated by model binding from the request.</param>
    // NOTE(review): the bound entity is inserted exactly as posted, so every bindable User
    // property can be set by the client (over-posting) and Password is saved as submitted.
    // Unlike Logout, this POST carries no [ValidateAntiForgeryToken].
    [UserAuthenticationFilter]
    [HttpPost]
    public ActionResult Register(User user)
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        using (var db = new CarsDBEntities())
        {
            db.Users.Add(user);
            db.SaveChanges();
        }

        ModelState.Clear();
        ViewBag.Message = string.Concat(user.FirstName, " ", user.LastName, " successfully registered.");
        return View();
    }

    /// <summary>Shows the login form.</summary>
    public ActionResult Login()
    {
        return View();
    }

    /// <summary>
    /// Looks the user up by e-mail and password and, on a match, stores the user's details in Session.
    /// </summary>
    /// <param name="user">Model-bound credentials; only Email and Password are read.</param>
    // NOTE(review): only Session is written; no forms-authentication ticket is issued, so
    // Request.IsAuthenticated stays false and [Authorize] on Logout is never satisfied.
    // NOTE(review): u.Password is compared with the posted value directly, so passwords
    // appear to be stored unhashed - confirm, and prefer salted password hashes.
    // NOTE(review): this POST has no [ValidateAntiForgeryToken], and the session
    // identifier is not renewed after a successful login.
    [HttpPost]
    public ActionResult Login(User user)
    {
        using (var db = new CarsDBEntities())
        {
            var match = db.Users.SingleOrDefault(u => u.Email == user.Email && u.Password == user.Password);
            if (match == null)
            {
                ModelState.AddModelError("", "Email or Password is incorrect!");
                return View();
            }

            Session["UserId"] = match.UserId.ToString();
            Session["Email"] = match.Email.ToString();
            Session["FirstName"] = match.FirstName.ToString();
            Session["LastName"] = match.LastName.ToString();
            return RedirectToAction("LoggedIn");
        }
    }

    /// <summary>Post-login landing action: goes to Management when Session holds a UserId, else back to Login.</summary>
    [UserAuthenticationFilter]
    public ActionResult LoggedIn()
    {
        var target = Session["UserId"] != null ? "Management" : "Login";
        return RedirectToAction(target);
    }

    /// <summary>Signs out of forms authentication, abandons the session and returns to the login page.</summary>
    // Reached only by an authenticated POST that carries a valid anti-forgery token.
    [ValidateAntiForgeryToken]
    [HttpPost]
    [Authorize]
    public ActionResult Logout()
    {
        FormsAuthentication.SignOut();
        Session.Abandon();
        return RedirectToAction("Login", "User");
    }
}
}
_LoginPartial.cshtml
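@using Microsoft.AspNet.Identity
@* Navbar partial: authenticated requests get the user name and a log-off control; everyone else gets a log-in link. *@
@if (Request.IsAuthenticated)
{
    @* Logout is an [HttpPost] action guarded by [ValidateAntiForgeryToken], so it is reached by posting
       this form (which carries the token). The former plain "Log out" ActionLink issued a GET that the
       action does not accept, so it has been dropped in favour of the form-submitting link below. *@
    using (Html.BeginForm("Logout", "User", FormMethod.Post, new { id = "logoutForm", @class = "navbar-right" }))
    {
        @Html.AntiForgeryToken()
        <ul class="nav navbar-nav navbar-right">
            @* ActionLink takes (linkText, actionName, controllerName): the action is Management on the User controller. *@
            <li>@Html.ActionLink(User.Identity.GetUserName(), "Management", "User")</li>
            @* submit() needs the call parentheses; without them the link only references the function and posts nothing. *@
            <li><a href="javascript:document.getElementById('logoutForm').submit()">Log off</a></li>
        </ul>
    }
}
else
{
    <ul class="nav navbar-nav navbar-right">
        <li>@Html.ActionLink("Log in", "Login", "User")</li>
    </ul>
}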
}
登录之后,这个导航栏上应该显示“注销”而不是“登录”。
您需要告诉 FormsAuthentication 用户已经登录:Request.IsAuthenticated 依据的是表单身份验证票据(cookie),而不是 Session 中的值,因此只写入 Session 不会让它变为 true。
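/// <summary>
/// Handles the posted login form: looks the user up by e-mail and password and, on a match,
/// issues the forms-authentication cookie and fills the Session values before redirecting.
/// </summary>
/// <param name="user">Model-bound credentials; only Email and Password are read.</param>
/// <returns>A redirect to LoggedIn on success; otherwise the login view with a model error.</returns>
// [HttpPost] is restored to match the question's POST overload: without it this method is
// ambiguous with the parameterless Login() and would also accept credentials sent by GET.
[HttpPost]
public ActionResult Login(User user)
{
    using (CarsDBEntities db = new CarsDBEntities())
    {
        // NOTE(review): u.Password is compared with the posted value directly, so passwords
        // appear to be stored unhashed - confirm, and prefer salted password hashes.
        var usr = db.Users.FirstOrDefault(u => u.Email == user.Email && u.Password == user.Password);
        if (usr == null)
        {
            ModelState.AddModelError("", "Email or Password is incorrect!");
            return View();
        }

        // The line this answer adds: issue the forms-authentication ticket so that later
        // requests report Request.IsAuthenticated == true. The second argument (false) makes
        // it a non-persistent cookie. Forms authentication must be enabled in web.config
        // (not shown here) for the ticket to be honoured.
        FormsAuthentication.SetAuthCookie(usr.Email, false);

        Session["UserId"] = usr.UserId.ToString();
        Session["Email"] = usr.Email.ToString();
        Session["FirstName"] = usr.FirstName.ToString();
        Session["LastName"] = usr.LastName.ToString();
        return RedirectToAction("LoggedIn");
    }
}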
此外,请使用 FirstOrDefault 而不是 SingleOrDefault(前提是 Email 在数据库中有唯一约束;否则 FirstOrDefault 会悄悄返回第一条匹配记录,而 SingleOrDefault 会在出现重复时抛出异常)。
我试图在登录后立即在导航栏上显示一个注销按钮,但不知为何 Request.IsAuthenticated 始终为 false,我不明白原因。我使用 UserAuthenticationFilter 来阻止未登录用户访问其他页面,但我怀疑这与问题无关。
下面是我的用户控制器(UserController)中的一段代码,其中包含注销方法:
{
/// <summary>
/// MVC controller covering user management, registration, login and logout,
/// backed by the <c>CarsDBEntities</c> context.
/// </summary>
// NOTE(review): UserAuthenticationFilter is not shown here; presumably it checks the
// Session values written by Login - verify against its implementation.
public class UserController : Controller
{
    /// <summary>Renders the management view with every row of <c>db.Users</c>.</summary>
    // NOTE(review): whole User entities are handed to the view, including the Password
    // property that Login queries on; a view model without Password avoids exposing it.
    [UserAuthenticationFilter]
    [HttpGet]
    public ActionResult Management()
    {
        using (var db = new CarsDBEntities())
        {
            var allUsers = db.Users.ToList();
            return View(allUsers);
        }
    }

    /// <summary>Shows the empty registration form.</summary>
    [UserAuthenticationFilter]
    public ActionResult Register()
    {
        return View();
    }

    /// <summary>Saves the posted user when the model state is valid, then re-displays the form.</summary>
    /// <param name="user">User entity populated by model binding from the request.</param>
    // NOTE(review): the bound entity is inserted exactly as posted, so every bindable User
    // property can be set by the client (over-posting) and Password is saved as submitted.
    // Unlike Logout, this POST carries no [ValidateAntiForgeryToken].
    [UserAuthenticationFilter]
    [HttpPost]
    public ActionResult Register(User user)
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        using (var db = new CarsDBEntities())
        {
            db.Users.Add(user);
            db.SaveChanges();
        }

        ModelState.Clear();
        ViewBag.Message = string.Concat(user.FirstName, " ", user.LastName, " successfully registered.");
        return View();
    }

    /// <summary>Shows the login form.</summary>
    public ActionResult Login()
    {
        return View();
    }

    /// <summary>
    /// Looks the user up by e-mail and password and, on a match, stores the user's details in Session.
    /// </summary>
    /// <param name="user">Model-bound credentials; only Email and Password are read.</param>
    // NOTE(review): only Session is written; no forms-authentication ticket is issued, so
    // Request.IsAuthenticated stays false and [Authorize] on Logout is never satisfied.
    // NOTE(review): u.Password is compared with the posted value directly, so passwords
    // appear to be stored unhashed - confirm, and prefer salted password hashes.
    // NOTE(review): this POST has no [ValidateAntiForgeryToken], and the session
    // identifier is not renewed after a successful login.
    [HttpPost]
    public ActionResult Login(User user)
    {
        using (var db = new CarsDBEntities())
        {
            var match = db.Users.SingleOrDefault(u => u.Email == user.Email && u.Password == user.Password);
            if (match == null)
            {
                ModelState.AddModelError("", "Email or Password is incorrect!");
                return View();
            }

            Session["UserId"] = match.UserId.ToString();
            Session["Email"] = match.Email.ToString();
            Session["FirstName"] = match.FirstName.ToString();
            Session["LastName"] = match.LastName.ToString();
            return RedirectToAction("LoggedIn");
        }
    }

    /// <summary>Post-login landing action: goes to Management when Session holds a UserId, else back to Login.</summary>
    [UserAuthenticationFilter]
    public ActionResult LoggedIn()
    {
        var target = Session["UserId"] != null ? "Management" : "Login";
        return RedirectToAction(target);
    }

    /// <summary>Signs out of forms authentication, abandons the session and returns to the login page.</summary>
    // Reached only by an authenticated POST that carries a valid anti-forgery token.
    [ValidateAntiForgeryToken]
    [HttpPost]
    [Authorize]
    public ActionResult Logout()
    {
        FormsAuthentication.SignOut();
        Session.Abandon();
        return RedirectToAction("Login", "User");
    }
}
}
_LoginPartial.cshtml
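@using Microsoft.AspNet.Identity
@* Navbar partial: authenticated requests get the user name and a log-off control; everyone else gets a log-in link. *@
@if (Request.IsAuthenticated)
{
    @* Logout is an [HttpPost] action guarded by [ValidateAntiForgeryToken], so it is reached by posting
       this form (which carries the token). The former plain "Log out" ActionLink issued a GET that the
       action does not accept, so it has been dropped in favour of the form-submitting link below. *@
    using (Html.BeginForm("Logout", "User", FormMethod.Post, new { id = "logoutForm", @class = "navbar-right" }))
    {
        @Html.AntiForgeryToken()
        <ul class="nav navbar-nav navbar-right">
            @* ActionLink takes (linkText, actionName, controllerName): the action is Management on the User controller. *@
            <li>@Html.ActionLink(User.Identity.GetUserName(), "Management", "User")</li>
            @* submit() needs the call parentheses; without them the link only references the function and posts nothing. *@
            <li><a href="javascript:document.getElementById('logoutForm').submit()">Log off</a></li>
        </ul>
    }
}
else
{
    <ul class="nav navbar-nav navbar-right">
        <li>@Html.ActionLink("Log in", "Login", "User")</li>
    </ul>
}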
}
登录之后,这个导航栏上应该显示“注销”而不是“登录”。
您需要告诉 FormsAuthentication 用户已经登录:Request.IsAuthenticated 依据的是表单身份验证票据(cookie),而不是 Session 中的值,因此只写入 Session 不会让它变为 true。
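/// <summary>
/// Handles the posted login form: looks the user up by e-mail and password and, on a match,
/// issues the forms-authentication cookie and fills the Session values before redirecting.
/// </summary>
/// <param name="user">Model-bound credentials; only Email and Password are read.</param>
/// <returns>A redirect to LoggedIn on success; otherwise the login view with a model error.</returns>
// [HttpPost] is restored to match the question's POST overload: without it this method is
// ambiguous with the parameterless Login() and would also accept credentials sent by GET.
[HttpPost]
public ActionResult Login(User user)
{
    using (CarsDBEntities db = new CarsDBEntities())
    {
        // NOTE(review): u.Password is compared with the posted value directly, so passwords
        // appear to be stored unhashed - confirm, and prefer salted password hashes.
        var usr = db.Users.FirstOrDefault(u => u.Email == user.Email && u.Password == user.Password);
        if (usr == null)
        {
            ModelState.AddModelError("", "Email or Password is incorrect!");
            return View();
        }

        // The line this answer adds: issue the forms-authentication ticket so that later
        // requests report Request.IsAuthenticated == true. The second argument (false) makes
        // it a non-persistent cookie. Forms authentication must be enabled in web.config
        // (not shown here) for the ticket to be honoured.
        FormsAuthentication.SetAuthCookie(usr.Email, false);

        Session["UserId"] = usr.UserId.ToString();
        Session["Email"] = usr.Email.ToString();
        Session["FirstName"] = usr.FirstName.ToString();
        Session["LastName"] = usr.LastName.ToString();
        return RedirectToAction("LoggedIn");
    }
}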
此外,请使用 FirstOrDefault 而不是 SingleOrDefault(前提是 Email 在数据库中有唯一约束;否则 FirstOrDefault 会悄悄返回第一条匹配记录,而 SingleOrDefault 会在出现重复时抛出异常)。