堆栈内存溢出
  简体   繁体   English

我无法使用 asp.net 身份验证登录 asp.net mvc5 的用户

[英]I am failing to authenticate users on login in asp.net mvc5 using asp.net identity

 原文  2019-10-03 15:39:54       c#/ security/ asp.net-mvc-4/ authentication/ asp.net-identity

问题描述

I am using asp.net identity the moment I place the [authorize] tag on top of the action that redirects me to the user dashboard I am redirected back to the login page.我正在使用 asp.net 身份,当我将 [authorize] 标记放在将我重定向到用户仪表板的操作顶部时,我被重定向回登录页面。 This to me means that something is missing from my asp.net identity as I am unable to authorize any user to access the dashboard unless I remove the authorize tag这对我来说意味着我的 asp.net 身份缺少某些内容,因为除非我删除授权标签,否则我无法授权任何用户访问仪表板

My Home controller for Login我的家 controller 用于登录

 [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Login(UserProfile objUser)
        {
            if (ModelState.IsValid /*&& WebSecurity.Login(objUser.UserName.ToString(), objUser.Password )*/)
            {
                using (MarketingDBEntitiesModel db = new MarketingDBEntitiesModel()) 
                {
                    var obj = db.UserProfiles.Where(a => a.UserName.Equals(objUser.UserName) && a.Password.Equals(objUser.Password)).FirstOrDefault();

                    if (obj != null)
                    {
                        Session["UserID"] = obj.UserId.ToString();
                        Session["UserName"] = obj.UserName.ToString();
                        ConfigurationManager.AppSettings["CurrentUserId"] = Session["UserID"].ToString();                     
                        ConfigurationManager.AppSettings["UserName"] = objUser.UserName;
                        //await SignIn(obj.UserId.ToString(), false);
                        return RedirectToAction("UserDashBoard");
                    }
                }
            }
            return View(objUser);
        }

        [Authorize]
        public ActionResult UserDashBoard()
        {
            if (Session["UserID"] != null)
            {
                return View();
            }
            else
            {
                return RedirectToAction("Login");
            }
        }

My Web Config我的 Web 配置

<authentication mode="Forms">
      <forms loginUrl="~/Home/Login" timeout="2880" />
    </authentication>

1 个解决方案

解决方案1
 0  2019-10-04 13:12:28

Of course, this would fail.当然,这会失败。 Your code is not authorizing a user, you're just setting values to the session and saving them to the web.config.您的代码没有授权用户,您只是将值设置为 session 并将它们保存到 web.config。

Take a look at this article, ASP.NET MVC Authorization and Security .看看这篇文章, ASP.NET MVC 授权和安全

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用AspNet.Identity使用Asp.Net MVC5 RTM位登录/验证用户? - How do you login/authenticate a user with Asp.Net MVC5 RTM bits using AspNet.Identity? 在ASp.net身份MVC5中登录尝试 - Login Attempt in ASp.net Identity MVC5 ASP.NET MVC5身份实现 - ASP.NET MVC5 Identity Implementation 登录时的ASP.NET MVC5身份验证 - ASP.NET MVC5 Authenication on login 使用ASP.Net MVC5轻松登录 - Simple Login with ASP.Net MVC5 ASP.NET MVC5登录和聊天 - ASP.NET MVC5 Login & Chat 在ASP.NET MVC5中使用自定义登录进行表单身份验证 - Using Custom Login for forms authentication in asp.net mvc5 ASP.Net MVC替代登录身份 - ASP.Net MVC Alternative Login to identity ASP.Net MVC 简单的身份登录 - ASP.Net MVC simple Identity Login 仅企业库的ASP.NET MVC5身份 - ASP.NET MVC5 Identity with only Enterprise Library
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM