[英]Sessions in Asp.NET MVC 4
Can anybody please tell me how to handle sessions in asp.net MVC 4. I am aware about this Session variable and I know how to use it. 谁能告诉我如何在asp.net MVC 4中处理会话。我知道此Session变量,并且知道如何使用它。
Session["login"] = true; //We can use it in controller to check the whether user logged in or not.
Above code snippet is enough to handle sessions on small web application. 上面的代码片段足以处理小型Web应用程序上的会话。 But, what if I have many controllers and actions and I am working on a large application, In this case I cant use session variable in each action.
但是,如果我有许多控制器和动作,而我正在处理大型应用程序,在这种情况下,我将无法在每个动作中使用会话变量。
Is there is any generic place where I can check my session variables or any other solution ? 有什么通用的地方可以检查会话变量或任何其他解决方案?
I used to write a Base Controller class and all other Controllers inherit from it that need to authenticated before access: 我曾经写过一个Base Controller类,所有其他Controller都继承自该类,需要在访问之前进行身份验证:
public class DefaultController : Controller
{
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.HttpContext.Session["User"] == null)
{
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
filterContext.HttpContext.Response.StatusCode = 403;
filterContext.Result = new JsonResult { Data = "LogOut", JsonRequestBehavior = JsonRequestBehavior.AllowGet };
}
else
filterContext.Result = RedirectToAction("Login", "Account");
}
else
{
//base.Execute(filterContext.RequestContext);
}
}
}
and inherit from Base Controller in the ones for which user must be logged in: 并从Base Controller继承用户必须登录的用户:
public class LeaveController : DefaultController
{
}
Another way is to write your own authorizaion attribute. 另一种方法是编写您自己的授权属性。
See Filter and Attributes in asp.net mvc 请参阅asp.net mvc中的过滤器和属性
Here is sample for custom filter attribute, create class which inherits from ActionFilterAttribute
: 这是自定义过滤器属性的示例,创建从
ActionFilterAttribute
继承的类:
public class SessionTimeoutAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.HttpContext.Session["someValueYouLookFor"] == null)
{
filterContext.Result = new RedirectResult("~/Home/Index"); // redirect to login action
}
else
{
// continue normal execution
}
}
}
and put it on Controller or Action: 并将其放在Controller或Action上:
[SessionTimeout]
public ActionResult Index()
{
}
Definitely, you can use Authentication filter if you're using MVC 5. 当然,如果您使用的是MVC 5,则可以使用身份验证过滤器。
for simplest way, you can have a baseController, and all other controller should inherit that controller, and in baseController you can override that OnActionExecuting event, to verify if session is there or not. 以最简单的方式,您可以拥有一个baseController,所有其他控制器都应继承该控制器,并且在baseController中,您可以覆盖该OnActionExecuting事件,以验证会话是否存在。
for ex. 对于前。
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (Convert.ToBoolean(Session["login"]))
{
//Authenticated
}
else
{
//Kick to login page
}
}
All other controller should inherit this baseController 所有其他控制器应继承此baseController
public class HomeController : BaseController
{
public ActionResult Index()
{
return View();
}
public ActionResult Test()
{
return View();
}
}
This way, before your action method start executing, it will be verified through baseController's OnActionExecuting event. 这样,在您的操作方法开始执行之前,将通过baseController的OnActionExecuting事件对其进行验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.