如果未使用 C# 登录 ASP.NET Web 表单,则将用户重定向到登录
[英]Redirect user to login if not logged in ASP.NET web form using C#
问题描述
I'm trying to develop web app in ASP.NET web forms using C# and I've looked everywhere I could on the internet, but I found no solution to the problem.
我正在尝试使用 C# 在 ASP.NET Web 表单中开发 Web 应用程序,并且我已经在互联网上查看了所有我能找到的地方,但我没有找到解决问题的方法。 I've tried editing the default Web app template, to restrict a user from accessing any page if the user is not logged in. The default page should be the log in page and if the user clicks on anything else, he/she must be redirected to login page.我尝试编辑默认的 Web 应用程序模板,如果用户未登录,则限制用户访问任何页面。默认页面应该是登录页面,如果用户点击其他任何内容,他/她必须是重定向到登录页面。 Using MVC is easier, with just one bit of code on web.config but I've no idea what to do here in the web form使用 MVC 更容易,在 web.config 上只有一点代码,但我不知道在 web 表单中做什么
This is currently what my web.config contains.这是目前我的 web.config 包含的内容。
<?xml version="1.0"?>
<configuration>
<location path="Manage.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>
Where exactly I need to change?我究竟需要在哪里改变?
2 个解决方案
解决方案1
1 2017-03-29 01:00:41
The shortest path to what you want is to use forms authentication with a login URL , where you'd add something like this to your web.config:您想要的最短路径是使用带有登录 URL 的表单身份验证,您可以在其中向 web.config 添加如下内容:
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>
The forms authentication mechanism will issue a cookie to a user when they log in. If they attempt to access a page without the cookie, or with a cookie that has expired, the site will detect this via the FormsAuthenticationModule , which inspects each and every request that hits the site.表单身份验证机制将在用户登录时向用户发出 cookie。如果他们尝试访问没有 cookie 或 cookie 已过期的页面,站点将通过FormsAuthenticationModule检测到这一点,它会检查每个请求命中该网站。 If the user isn't authenticated, it'll automatically issue a redirect to the loginUrl that you have specified (login.aspx in my example).如果用户未通过身份验证,它会自动重定向到您指定的loginUrl (在我的示例中为 login.aspx)。
You can use a similar approach if you are using other authentication methods.如果您使用其他身份验证方法,则可以使用类似的方法。 In pretty much all cases there will be some mechanism that looks for a cookie indicating that the user has signed on.在几乎所有情况下,都会有某种机制来查找表明用户已登录的 cookie。
解决方案2
0 2017-03-29 07:15:01
Mmm....okay lets do it by another way, First on the login page, in code behind (The C# code not the HTML) you must create a session like this嗯……好吧,让我们用另一种方式来做,首先在登录页面上,在后面的代码中(C# 代码不是 HTML),你必须创建一个像这样的会话
Session["user"] = username;
you must create the Session before redirect the user to any page on your website , Now you created the session with the username or the email whatever you like to store in the session, You must check for the session in every page on your website in the Page_Load method in code behind to check for the session you do it like this您必须在将用户重定向到您网站上的任何页面之前创建会话,现在您使用用户名或电子邮件创建了会话,无论您想在会话中存储什么,您必须在您网站上的每个页面中检查会话代码中的 Page_Load 方法来检查你这样做的会话
protected void Page_Load(object sender, EventArgs e)
{
if (Session["user"] == null)
Response.Redirect("login.aspx", true);
}
where the "login.aspx" is the page in your website that the user will redirected to so, Now if Session["user"] is null the server will go to login.aspx with "just one bit of code" and to clear the session on the logout button you do it like其中“login.aspx”是您网站中用户将重定向到的页面,现在如果Session["user"]为空,则服务器将使用“只有一点代码”转到 login.aspx 并清除您喜欢的注销按钮上的会话
Session.Clear();
Session.Abandon();
Session.RemoveAll();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.