What is the best way to switch between authenticated and anonymous views in ASP.NET MVC3 web pages?

I've been playing around with MVC3 for a little while and I'm thinking of putting what I've learned to use now and knocking up a genuine project using it but there's one thing that I've never really seen clearly explained or demonstrated and was hoping I could get a little feedback from the community here on the subject. The question is that when you have a page that can be in two states depending on whether the visitor is authenticated, what techniques should I be using to switch between the two states? Should each page have two completely independent views and a shared model common to both views or is it best approached with partial views to control the difference between the logged in or anonymous elements? Or would it be better to have two different models AND two different views and then switch between them at the controller stage?

I can see lots of different ways that I could implement it but I've never really seen any examples or suggestions on a best-practice way of going about it and I haven't built a project big enough yet to serve as a laboratory to find out the hard way, although that IS what I'm about to embark on.

Does anyone have any stories to tell of ways they have gone about it? Even "Don't do it this way" would be helpful just to thin out some of the options.

The reason I ask is that I'd like to make a site that isn't completely crippled until you login and register, it drives me nuts when you can't get past the home page of a site without going through a registration process so I want to be able to serve up a "Lite" version of each page with no user-specific content even if the visitor has not authenticated and then add the extra functionality to the page when they log in.

I can see other questions on the same subject but they all seem to relate to iOS development so apologies if this question has been asked before but I couldn't see anything that answered my question.

Feedback appreciated, I'd love to hear what works and what doesn't for other people.

Edit: A less ambiguous way of asking the question.

On my home page I have a username/password box in the top corner with a "login" button and a paragraph of text in the middle of the home page. When a user enters their username & password and hits submit I want that "login" control to change to a "Welcome: {username}" message and a logout button and I want the paragraph of text on the homepage to switch to an "authenticated" message. What I don't know is where to make these changes to the page structure: are these two views, Authenticated_Homepage and Anonymous_Homepage? Do they share a single model, or do I just have one homepage view and use partial views for the changing parts, or do I use roles on the controller to return different views?

Just don't know which tools to use for the job to be honest.

That wouldn't be two Views. MVC typically uses authentication/authorization actually on the Action method level. But in your scenario, you'd do something like this in View code:

    @if(Request.IsAuthenticated) {
        <text>Welcome <strong>@User.Identity.Name</strong>!
        [ @Html.ActionLink("Log Off", "LogOff", "Account") ]</text>
    }
    else {
        @:[ @Html.ActionLink("Log On", "LogOn", "Account") ]
    }

This is pulled directly from an MVC 3 template. In this case, this is Partial View code that is rendered on the _Layout.cshtml Shared View. That way this is rendered on each page (think of _Layout as a "master page" if you are coming from a WebForms background).

All the Partial View code does is test for an authenticated user. If it is an authenticated user, then there is a welcome message displayed. If it is not though, then there is an ActionLink() to get to the Login Action method in order to have the ability to authorize.

Typically though you'd restrict/allow users/roles to certain Action Methods, here's what you'd do:

    public ActionResult EverybodyCanAccess()
    {
        return View();
    }

    [Authorize]
    public ActionResult OnlyAuthenticatedUsersCanAccess()
    {
        return View();
    }

    [Authorize(Roles = "Admin")]
    public ActionResult OnlyAdminsCanAccess()
    {
        return View();
    }

    [Authorize(Users = "John, Bob")]
    public ActionResult OnlyJohnAndBobCanAccess()
    {
        return View();
    }
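An added example, not part of the original answer, combining the two techniques above for the "lite" home page: one view, one model, with the controller deciding what data an anonymous visitor's model may contain. The `@if(Request.IsAuthenticated)` test in the view only hides markup, so anything that changes state still needs `[Authorize]` on its action. `HomePageViewModel`, `LoadOrdersFor` and `CancelOrder` are hypothetical names used for illustration.

```csharp
using System.Collections.Generic;
using System.Web.Mvc;

// Hypothetical view model shared by the anonymous and authenticated page states.
public class HomePageViewModel
{
    public string Message { get; set; }
    public IList<string> RecentOrders { get; set; } // stays empty for anonymous visitors
}

public class HomeController : Controller
{
    // No [Authorize] here: anonymous visitors get the "lite" page.
    public ActionResult Index()
    {
        var model = new HomePageViewModel
        {
            Message = "Log on to see your recent orders.",
            RecentOrders = new List<string>()
        };

        // User-specific data is only ever loaded on the server for an
        // authenticated request, so it cannot leak through the view.
        if (Request.IsAuthenticated)
        {
            model.Message = "Here are your recent orders.";
            model.RecentOrders = LoadOrdersFor(User.Identity.Name);
        }
        return View(model); // the view branches on Request.IsAuthenticated for layout only
    }

    // State-changing action: enforced by the framework, not by hiding the button.
    // The posting form must include @Html.AntiForgeryToken().
    [Authorize]
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult CancelOrder(int id)
    {
        // A real implementation would verify that order `id` belongs to
        // User.Identity.Name before changing anything.
        return RedirectToAction("Index");
    }

    // Placeholder data access; constructed sample data, not a real store.
    private static IList<string> LoadOrdersFor(string userName)
    {
        return new List<string> { "Sample order for " + userName };
    }
}
```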
