[英]I am failing to authenticate users on login in asp.net mvc5 using asp.net identity
I am using asp.net identity the moment I place the [authorize] tag on top of the action that redirects me to the user dashboard I am redirected back to the login page.我正在使用 asp.net 身份,当我将 [authorize] 标记放在将我重定向到用户仪表板的操作顶部时,我被重定向回登录页面。 This to me means that something is missing from my asp.net identity as I am unable to authorize any user to access the dashboard unless I remove the authorize tag这对我来说意味着我的 asp.net 身份缺少某些内容,因为除非我删除授权标签,否则我无法授权任何用户访问仪表板
My Home controller for Login我的家 controller 用于登录
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(UserProfile objUser)
{
if (ModelState.IsValid /*&& WebSecurity.Login(objUser.UserName.ToString(), objUser.Password )*/)
{
using (MarketingDBEntitiesModel db = new MarketingDBEntitiesModel())
{
var obj = db.UserProfiles.Where(a => a.UserName.Equals(objUser.UserName) && a.Password.Equals(objUser.Password)).FirstOrDefault();
if (obj != null)
{
Session["UserID"] = obj.UserId.ToString();
Session["UserName"] = obj.UserName.ToString();
ConfigurationManager.AppSettings["CurrentUserId"] = Session["UserID"].ToString();
ConfigurationManager.AppSettings["UserName"] = objUser.UserName;
//await SignIn(obj.UserId.ToString(), false);
return RedirectToAction("UserDashBoard");
}
}
}
return View(objUser);
}
[Authorize]
public ActionResult UserDashBoard()
{
if (Session["UserID"] != null)
{
return View();
}
else
{
return RedirectToAction("Login");
}
}
My Web Config我的 Web 配置
<authentication mode="Forms">
<forms loginUrl="~/Home/Login" timeout="2880" />
</authentication>
Of course, this would fail.当然,这会失败。 Your code is not authorizing a user, you're just setting values to the session and saving them to the web.config.您的代码没有授权用户,您只是将值设置为 session 并将它们保存到 web.config。
Take a look at this article, ASP.NET MVC Authorization and Security .看看这篇文章, ASP.NET MVC 授权和安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.