用户第一天注册并登录系统时没有任何问题,但从第二天起再次登录后,操作过程中经常丢失 cookie。求高手帮忙解答,代码如下:
登录时 写入cookie
身份验证
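// Login step: build a forms-authentication ticket for the signed-in user, expose the
// user as the current principal, and send the encrypted ticket as the auth cookie.
var dTimeOut = FormsAuthentication.Timeout.TotalMinutes;

// Read the clock once so the issue time and the expiry are derived from the same instant.
var issuedAt = DateTime.Now;
var ticket = new FormsAuthenticationTicket(
    1,                                   // ticket version
    user.UserId,                         // name stored in the ticket
    issuedAt,
    issuedAt.AddMinutes(dTimeOut),
    true,                                // isPersistent
    userType,                            // userData: read back later as the user's single role
    FormsAuthentication.FormsCookiePath);

var identity = new FormsIdentity(ticket);
var gp = new GenericPrincipal(identity, new string[] { userType });
HttpContext.User = gp;

// NOTE(review): an encrypted ticket can only be read back with the same machineKey.
// If the keys are auto-generated, or differ between servers, previously issued cookies
// stop validating after an application restart - confirm against web.config.
var cookieValue = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieValue)
{
    // Keep the auth ticket out of reach of client-side script.
    HttpOnly = true,
    Secure = FormsAuthentication.RequireSSL,
    Domain = FormsAuthentication.CookieDomain,
    Path = FormsAuthentication.FormsCookiePath,
    // The ticket is marked persistent, so give the cookie the same lifetime; without
    // Expires the browser treats it as a session cookie and drops it when it closes.
    Expires = ticket.Expiration
};
HttpContext.Response.Cookies.Add(cookie);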
/// <summary>
/// AuthorizeRequest handler: when the current request carries an authenticated
/// <see cref="FormsIdentity"/>, replaces the principal with a
/// <see cref="GenericPrincipal"/> whose only role is the ticket's UserData string.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
void MvcApplication_AuthorizeRequest(object sender, EventArgs e)
{
    // Nothing to do for requests without a principal or for anonymous requests.
    var currentUser = System.Web.HttpContext.Current.User;
    if (currentUser == null || !Context.User.Identity.IsAuthenticated)
    {
        return;
    }

    // Only forms-authenticated identities carry a ticket to read the role from.
    var formsIdentity = Context.User.Identity as FormsIdentity;
    if (formsIdentity != null)
    {
        // The role is whatever was written into the ticket at login, so a role change
        // on the server side is not visible here until a new ticket is issued.
        Context.User = new GenericPrincipal(formsIdentity, new[] { formsIdentity.Ticket.UserData });
    }
}
这样试试
原因是以你这种方式存储的 cookie 容量有限,内容多了就会丢失,这是没办法的事情。不过可以进行优化:我写了一段代码,你看明白并调试正确后,应该就可以解决你的问题:
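// Given the User passed in and the isPersistent flag (true in the question's code),
// the sign-in work is split across three methods.

/// <summary>
/// Issues the forms-authentication cookie for <paramref name="user"/>, then rewrites
/// the ticket's user data and adds the separate display cookie.
/// </summary>
/// <param name="user">The user whose login has just succeeded.</param>
/// <param name="isPersistent">
/// false: session cookie that disappears when the browser closes;
/// true: the cookie lasts for the timeout set in configuration.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public static void SignIn(User user, bool isPersistent)
{
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    // Call this only after the login has succeeded: it marks the request as verified.
    // The user name becomes part of the authentication ticket.
    FormsAuthentication.SetAuthCookie(user.UserName, isPersistent);

    // This step must be set up securely and reliably.
    CookieHelper.SetAuthCookieTicket(user);
    CookieHelper.SetUserCookie(user);
}

// CookieHelper, method 1 of 2: SetAuthCookieTicket

/// <summary>
/// Re-issues the pending forms-authentication cookie with the same version, name,
/// dates and persistence, but with a comma-separated permission list as its user data.
/// </summary>
/// <param name="user">The signed-in user; not read by the code as posted.</param>
public static void SetAuthCookieTicket(User user)
{
    var response = HttpContext.Current.Response;
    var cookie = response.Cookies.Get(FormsAuthentication.FormsCookieName);

    // NOTE(review): Get on the response collection appears to create an empty cookie
    // when none exists, so also check the value; Decrypt rejects a null or empty string.
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        return;
    }

    var oldTicket = FormsAuthentication.Decrypt(cookie.Value);
    if (oldTicket == null)
    {
        return;
    }

    // Placeholder from the original post: the list is never filled, so the user data
    // is an empty string until permissions are added here. Keep it short, because
    // everything stored in the ticket adds to the size of the cookie.
    var permissions = new List<string>();

    var newTicket = new FormsAuthenticationTicket(
        oldTicket.Version,
        oldTicket.Name,
        oldTicket.IssueDate,
        oldTicket.Expiration,
        oldTicket.IsPersistent,
        // The new content goes here. List<string> has no Join method of its own,
        // so the framework's string.Join is used.
        string.Join(",", permissions.ToArray()));

    cookie.Value = FormsAuthentication.Encrypt(newTicket);
}

// CookieHelper, method 2 of 2: SetUserCookie

/// <summary>
/// Adds a separate cookie holding the user's id and display name, expiring after the
/// forms-authentication timeout.
/// </summary>
/// <param name="user">The signed-in user whose id and display name are stored.</param>
public static void SetUserCookie(User user)
{
    var cookie = new HttpCookie(UserCookieName)
    {
        Expires = DateTime.UtcNow.Add(FormsAuthentication.Timeout),
        Secure = FormsAuthentication.RequireSSL,
        HttpOnly = true
    };

    // These values are stored as plain text and can be edited by the client, so use
    // them for display only. Identity and permissions must come from the encrypted
    // authentication ticket, never from this cookie.
    cookie.Values.Add("uid", user.Id.ToString(CultureInfo.InvariantCulture));
    cookie.Values.Add("displayname", user.DisplayName);
    HttpContext.Current.Response.Cookies.Add(cookie);
    // NOTE(review): the posted listing stops at the statement above; the closing brace
    // is added here so the method is well-formed.
}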