MVC Core 2.0 and ASP.NET Forms Based Authentication

My website is an online portal to data managed with a desktop (Silverlight) application. This application uses ASP.NET Forms Based Authentication to log in a user.

The MVC Core 1.1 version of my website used MembershipProvider.ValidateUser from the System.Web.Security namespace to do this. Since I cannot add System.Web.dll to my ASP.NET MVC 2.0 project, how can I perform this validation?

If I am mistaken about adding System.Web.dll, please inform me, but I've looked into it and could not find the solution.

The Login method in my MVC Core 1.1 Controller:

[HttpPost]
[AllowAnonymous]
public async Task<IActionResult> Login(LoginViewModel vmLogin)
{
    string loginName = $"{vmLogin.CompanyCode}\\{vmLogin.UserName}";

    // Validate against the existing ASP.NET membership store (System.Web.Security)
    MembershipProvider provider = Membership.Provider;
    if (provider.ValidateUser(loginName, vmLogin.Password))
    {
        Claim[] claims = { new Claim(ClaimTypes.Name, loginName) };
        ClaimsIdentity identity = new ClaimsIdentity(claims, "Custom");
        ClaimsPrincipal principal = new ClaimsPrincipal(identity);
        // Await the sign-in so the auth cookie is issued before the redirect is returned
        await HttpContext.Authentication.SignInAsync("FundraiserCookieMiddlewareInstance", principal);

        return RedirectToAction("Index");
    }
    else
    {
        vmLogin.Password = string.Empty;
        vmLogin.Error = "Invalid Credentials";
        return View(vmLogin);
    }
}

The Models created from the database used for logging in:

ASP.NET Core 2.0 has a new identity model that is not backward compatible with the System.Web.Security namespace. The new identity provider models are here in GitHub and it contains a sample for ASP.NET MVC that is similar to your code. The following is a snippet of the Login method from their AccountController sample code:

// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
    ViewData["ReturnUrl"] = returnUrl;
    if (ModelState.IsValid)
    {
        // This doesn't count login failures towards account lockout
        // To enable password failures to trigger account lockout, set lockoutOnFailure: true
        var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
        if (result.Succeeded)
        {
            _logger.LogInformation(1, "User logged in.");
            return RedirectToLocal(returnUrl);
        }
        if (result.RequiresTwoFactor)
        {
            return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
        }
        if (result.IsLockedOut)
        {
            _logger.LogWarning(2, "User account locked out.");
            return View("Lockout");
        }
        else
        {
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return View(model);
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}
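
An added example, not part of the original question or answer and not code from the Identity repository: the question's Login action ported to ASP.NET Core 2.0 cookie authentication, for the case where the existing membership database is kept and full Identity is not adopted. `ICredentialValidator` and `YourValidator` are hypothetical names, the `LoginViewModel` shape is inferred from the question, and the scheme name is reused from the question.

```csharp
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;   // HttpContext.SignInAsync extension
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
// Hypothetical interface (not a framework type): implement it against the existing
// membership tables with the same password hashing the old provider used.
public interface ICredentialValidator
{
    Task<bool> ValidateAsync(string loginName, string password);
}

public class LoginViewModel   // shape inferred from the question's usage
{
    public string CompanyCode { get; set; }
    public string UserName { get; set; }
    public string Password { get; set; }
    public string Error { get; set; }
}

// Startup.ConfigureServices:
//   services.AddAuthentication(AccountController.Scheme).AddCookie(AccountController.Scheme);
//   services.AddScoped<ICredentialValidator, YourValidator>();  // YourValidator: hypothetical
// Startup.Configure: app.UseAuthentication();  // before app.UseMvc()
public class AccountController : Controller
{
    public const string Scheme = "FundraiserCookieMiddlewareInstance";
    private readonly ICredentialValidator _validator;
    public AccountController(ICredentialValidator validator) => _validator = validator;
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<IActionResult> Login(LoginViewModel vmLogin)
    {
        string loginName = $"{vmLogin.CompanyCode}\\{vmLogin.UserName}";
        if (ModelState.IsValid && await _validator.ValidateAsync(loginName, vmLogin.Password))
        {
            var claims = new[] { new Claim(ClaimTypes.Name, loginName) };
            var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, Scheme));
            // 2.0 replacement for HttpContext.Authentication.SignInAsync(...)
            await HttpContext.SignInAsync(Scheme, principal);
            return RedirectToAction("Index");
        }
        // One generic message for unknown user and wrong password; never echo the password.
        vmLogin.Password = string.Empty;
        vmLogin.Error = "Invalid Credentials";
        return View(vmLogin);
    }
}
```

The validator is where the legacy hash comparison lives, so rate limiting or lockout on repeated failures has to be implemented there, since `SignInManager` is not involved in this variant.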
