ASP.NET MVC4 注销不工作
ASP.NET MVC4 LogOff doesnt work
首先我是 ASP.NET 的新手,如果这个问题很愚蠢,我很抱歉!
如果 username/password 与数据库数据匹配,我已经使用会话变量创建了一个登录系统!
问题是虽然我可以登录,但我无法注销
//
// POST: /Account/LogOff
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult LogOff()
{
Session.RemoveAll();
return RedirectToAction("Index", "Home");
}
以上代码来自AccountController
@if (Session["LoggedUser"]!=null) {
<text>
Hello, @Html.ActionLink(Session["Username"].ToString(), "Manage", "Account", routeValues: null, htmlAttributes: new { @class = "username", title = "Manage" })!
@using (Html.BeginForm("LogOff", "Account", FormMethod.Post, new { id = "logoutForm" })) {
@Html.AntiForgeryToken()
<a href="javascript:document.getElementById('logoutForm').submit()">LogOff</a>
}
</text>} else {
<ul>
<li>@Html.ActionLink("Register", "Register", "Account", routeValues: null, htmlAttributes: new { id = "registerLink" })</li>
<li>@Html.ActionLink("Log in", "Login", "Account", routeValues: null, htmlAttributes: new { id = "loginLink" })</li>
</ul>}
以上来自_partialLogin
我的问题是,当我按下注销时,网站只是跳过了控制器的注销部分,会话没有被清除,这意味着我仍然以用户身份登录
谢谢你的帮助
编辑:
这是登录页面的控制器,以备不时之需:
//
// GET: /Account/Login
[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
ViewBag.ReturnUrl = returnUrl;
return View();
}
//
// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
DefaultConnection dc = new DefaultConnection();
var Users = (from c in dc.NonActivated_Users select c).ToList<NonActivated_Users>();
foreach (NonActivated_Users nua in Users){
if (nua.Password_Hash == Hasher.HashString(model.Password) && nua.Username==model.UserName){
Session["LoggedUser"] = nua;
Session["Rights"] = 4; //non activated user
Session["Username"] = 0;
nua.LastActive = DateTime.Now;
dc.SaveChanges();
return RedirectToLocal(returnUrl);
}
}
var Users1 = (from c in dc.User select c).ToList<User>();
foreach (User au in Users1)
{
if (au.Password_Hash == Hasher.HashString(model.Password) && au.Username == model.UserName)
{
Session["LoggedUser"] = au;
if (au.Membership == false) {
Session["Rights"] = 3; //activated user non premium
}
else
{
Session["Rights"] = 2; //activated user premium
}
au.Last_Active = DateTime.Now;
dc.SaveChanges();
return RedirectToLocal(returnUrl);
}
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
您没有设置 FormsAuthentication cookie,因此,您无法进行注销操作。
您需要使用 [AllowAnonymous] 属性修饰您的注销操作,或者在成功登录后设置身份验证 cookie
FormsAuthentication.SetAuthCookie(user.Username, false);
编辑:
我建议您使用 User.Identity.IsAuthenticated 检查用户身份验证,而不是检查会话是否存在。
除此之外,您可以将会话变量存储到单个自定义对象中,然后将该对象存储到单个会话中。在项目的后期跟踪您的会话会更容易:)
首先我是 ASP.NET 的新手,如果这个问题很愚蠢,我很抱歉!
如果 username/password 与数据库数据匹配,我已经使用会话变量创建了一个登录系统! 问题是虽然我可以登录,但我无法注销
//
// POST: /Account/LogOff
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult LogOff()
{
Session.RemoveAll();
return RedirectToAction("Index", "Home");
}
以上代码来自AccountController
@if (Session["LoggedUser"]!=null) {
<text>
Hello, @Html.ActionLink(Session["Username"].ToString(), "Manage", "Account", routeValues: null, htmlAttributes: new { @class = "username", title = "Manage" })!
@using (Html.BeginForm("LogOff", "Account", FormMethod.Post, new { id = "logoutForm" })) {
@Html.AntiForgeryToken()
<a href="javascript:document.getElementById('logoutForm').submit()">LogOff</a>
}
</text>} else {
<ul>
<li>@Html.ActionLink("Register", "Register", "Account", routeValues: null, htmlAttributes: new { id = "registerLink" })</li>
<li>@Html.ActionLink("Log in", "Login", "Account", routeValues: null, htmlAttributes: new { id = "loginLink" })</li>
</ul>}
以上来自_partialLogin
我的问题是,当我按下注销时,网站只是跳过了控制器的注销部分,会话没有被清除,这意味着我仍然以用户身份登录 谢谢你的帮助
编辑: 这是登录页面的控制器,以备不时之需:
//
// GET: /Account/Login
[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
ViewBag.ReturnUrl = returnUrl;
return View();
}
//
// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
DefaultConnection dc = new DefaultConnection();
var Users = (from c in dc.NonActivated_Users select c).ToList<NonActivated_Users>();
foreach (NonActivated_Users nua in Users){
if (nua.Password_Hash == Hasher.HashString(model.Password) && nua.Username==model.UserName){
Session["LoggedUser"] = nua;
Session["Rights"] = 4; //non activated user
Session["Username"] = 0;
nua.LastActive = DateTime.Now;
dc.SaveChanges();
return RedirectToLocal(returnUrl);
}
}
var Users1 = (from c in dc.User select c).ToList<User>();
foreach (User au in Users1)
{
if (au.Password_Hash == Hasher.HashString(model.Password) && au.Username == model.UserName)
{
Session["LoggedUser"] = au;
if (au.Membership == false) {
Session["Rights"] = 3; //activated user non premium
}
else
{
Session["Rights"] = 2; //activated user premium
}
au.Last_Active = DateTime.Now;
dc.SaveChanges();
return RedirectToLocal(returnUrl);
}
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
您没有设置 FormsAuthentication cookie,因此,您无法进行注销操作。
您需要使用 [AllowAnonymous] 属性修饰您的注销操作,或者在成功登录后设置身份验证 cookie
FormsAuthentication.SetAuthCookie(user.Username, false);
编辑:
我建议您使用 User.Identity.IsAuthenticated 检查用户身份验证,而不是检查会话是否存在。
除此之外,您可以将会话变量存储到单个自定义对象中,然后将该对象存储到单个会话中。在项目的后期跟踪您的会话会更容易:)