[英]How to check if password is valid? ASP.NET MVC Membership
I'm using default asp.net mvc 4 membership system. 我正在使用默认的asp.net mvc 4会员系统。 User sends his username and password over ASP.NET Web API in plain text.
用户以纯文本形式通过ASP.NET Web API发送用户名和密码。
So I have his plain password, How to compare it with stored hashed password? 所以我有他的普通密码,如何将其与存储的哈希密码进行比较?
Is there a function takes a string and compares it with hashed one? 是否有一个函数需要一个字符串并将其与散列的字符串进行比较?
You have to make sure that your web.config is properly setup to use membership. 您必须确保正确设置web.config以使用成员资格。 http://msdn.microsoft.com/en-us/library/6e9y4s5t%28v=vs.100%29.aspx
http://msdn.microsoft.com/en-us/library/6e9y4s5t%28v=vs.100%29.aspx
Also, I make sure to create a MachineKey in your web.config as well. 另外,我还要确保在web.config中创建一个MachineKey。 http://msdn.microsoft.com/en-us/library/ff649308.aspx
http://msdn.microsoft.com/en-us/library/ff649308.aspx
The code that you would put in your controller would be similar to: 您将在控制器中放置的代码类似于:
[HttpPost]
public ActionResult Login(AuthenticationModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.Username, model.Password)) {
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
}
}
With your model being similar to: 您的模型类似于:
public class AuthenticationModel
{
[Required]
[Display(Name = "Username")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Remember Me?")]
public bool RememberMe { get; set; }
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.