首页 新闻 搜索 专区 学院

Mvc 身份验证的问题

0
悬赏园豆:100 [已关闭问题] 关闭于 2015-07-17 14:34
public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (!filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)
 && !filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
            {
                var referrer = filterContext.HttpContext.Request.UrlReferrer == null ? null : filterContext.HttpContext.Request.UrlReferrer.Host;
                var ddd = filterContext.HttpContext.User.Identity.IsAuthenticated;
                if (!filterContext.HttpContext.Request.IsAuthenticated)
                {
                    filterContext.Result = new RedirectResult("/Test/_login");
                }

            }
        }
    }

如上,我在Mvc写了一个过滤器,验证
filterContext.HttpContext.Request.IsAuthenticated是否为true

并且我在Controller中写了如下代码让身份验证通过
 FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, "Uid", DateTime.Now, DateTime.Now.AddDays(1), true, "UserData");
            HttpCookie Cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(Ticket));//加密身份信息,保存至Cookie
            Cookie.Expires = DateTime.Now.AddHours(12);
            Response.Cookies.Add(Cookie); 

但是执行这些代码之后,过滤器的那个

IsAuthenticated一直为false,头大。
求助,困扰好久了。。。

问题补充:

Controller层的代码

 private IUserService UserService;
        public AccountController(IUserService userService)
        {
            this.UserService = userService;
            base.AddDisposableObject(this.UserService);
        }
        [AllowAnonymous]
        public ActionResult Login(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }
        //登录
        [AllowAnonymous]
        [HttpPost]
        public ActionResult Login(string uid, string pwd, string returnUrl)
        {
            var mode = UserService.GetUserInfo(uid, pwd);
            if (mode != null)
            {
                SessionAccount userinfo = new SessionAccount {UserId = mode.uid, UserName = mode.uname};
                SaveCookie(userinfo);
            }
            else
            {
                return Content("{\"user\":\"null\"}");
            }
            if (!string.IsNullOrEmpty(returnUrl))
                return RedirectToLocal(returnUrl);

            return RedirectToLocal("/account/index");
        }
     
        
     
        private void SaveCookie(SessionAccount sessionAccount)
        {
            //HttpCookie authCookie = FormsAuthentication.GetAuthCookie(sessionAccount.UserId.ToString(), true);

            FormsAuthentication.SetAuthCookie(sessionAccount.UserId.ToString(),true);
            string UserData = SerializeHelper.JsonSerialize(sessionAccount);//序列化用户实体
            //保存身份信息,参数说明可以看提示
            FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, sessionAccount.UserId.ToString(), DateTime.Now, DateTime.Now.AddDays(1), true, UserData);
            HttpCookie Cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(Ticket));//加密身份信息,保存至Cookie
            Cookie.Expires = DateTime.Now.AddHours(12);
            Response.Cookies.Add(Cookie); 
        }

        public ActionResult Index()
        {
            return View();
        }
View Code
Tzn的主页 Tzn | 初学一级 | 园豆:11
提问于:2015-02-28 17:14
< >
分享
所有回答(3)
0

web.config是否设置了

 

<authentication mode="Forms">

 

 登陆通过后设置

FormsAuthentication.SetAuthCookie(....)

Yu | 园豆:12944 (专家六级) | 2015-02-28 17:23
  <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="2880" />
    </authentication>
FormsAuthentication.SetAuthCookie(sessionAccount.UserId.ToString(),true);

 

支持(0) 反对(0) Tzn | 园豆:11 (初学一级) | 2015-02-28 18:00
0

你这里写的有问题啊。你用了Authorize,在登录的时候为什么没有设置身份验证票证啊。

PandaIT | 园豆:333 (菜鸟二级) | 2015-02-28 17:33

有的呀,忘了贴出来

FormsAuthentication.SetAuthCookie(sessionAccount.UserId.ToString(),true);

 

支持(0) 反对(0) Tzn | 园豆:11 (初学一级) | 2015-02-28 18:02

@Tzn: 你把

string UserData = SerializeHelper.JsonSerialize(sessionAccount);//序列化用户实体
            //保存身份信息,参数说明可以看提示
            FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, sessionAccount.UserId.ToString(), DateTime.Now, DateTime.Now.AddDays(1), true, UserData);
            HttpCookie Cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(Ticket));//加密身份信息,保存至Cookie
            Cookie.Expires = DateTime.Now.AddHours(12);
            Response.Cookies.Add(Cookie); 

这注释掉试试

支持(0) 反对(0) Yu | 园豆:12944 (专家六级) | 2015-02-28 20:39
0

你先看下请求中是否携带了 cookie 嘛!

Launcher | 园豆:45045 (高人七级) | 2015-02-28 18:04
  1. Accept:
    text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
  2. Accept-Encoding:
    gzip,deflate,sdch
  3. Accept-Language:
    zh-CN,zh;q=0.8
  4. Connection:
    keep-alive
  5. Cookie:
    .ASPXAUTH=912B79B443A045637E4EAA28AD1F3D06C6D80D012DE60646DFEB2080A762540370F83672C2C6824669A9512FBEA6197701F3039EC49B5CC3EB1A3AD082597FCCD10CA9707D81A469C7CC4DAF59779FBF6AAA893FF9D790303605E7487766C1DF4CC4EFB8E7EE165896D28565BBD9AB6F660CEBD9CF8E837E376E8C12EA6F8ACD5A0ABE93279BD5AB9DFBA077F540515141F35A1C50DAE88C0FF6FFB2A145DF26
  6. Host:
    localhost:50943
  7. User-Agent:
    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36
支持(0) 反对(0) Tzn | 园豆:11 (初学一级) | 2015-02-28 18:09
清除回答草稿
   您需要登录以后才能回答,未注册用户请先注册