Asp.net成员资格注销不起作用

Question

我正在尝试在我的应用程序中实现成员身份，但是我遇到了问题。 这是我的登录代码，我正在登录时创建票证：

Kullanici kullanici = KullaniciProvider.KulaniciGetirEmailSifreIle(LoginControl.UserName, LoginControl.Password);
if (kullanici != null)
{
    Session["Kullanici"] = kullanici;
    string rol = "Firma";
    if (kullanici.KullaniciTipi == "Admin")
        rol = "Admin";


    FormsAuthentication.SetAuthCookie(LoginControl.UserName, true);
    FormsAuthenticationTicket ticket = new
    FormsAuthenticationTicket(
         1,
         LoginControl.UserName,
         System.DateTime.Now,
         System.DateTime.Now.AddMinutes(20),
         true,
         rol,
         FormsAuthentication.FormsCookiePath);
    string encTicket = FormsAuthentication.Encrypt(ticket);
    Response.Cookies.Add(new
    HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
    Response.Redirect(FormsAuthentication.GetRedirectUrl(LoginControl.UserName, true));
}

这是我的Global.asax文件，具有以下角色：

if (HttpContext.Current.User != null)
{
    if (HttpContext.Current.User.Identity.IsAuthenticated)
    {
        if (HttpContext.Current.User.Identity is FormsIdentity)
        {
            FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity;
            FormsAuthenticationTicket ticket = (id.Ticket);
            if (!FormsAuthentication.CookiesSupported)
            {
                //If cookie is not supported for forms authentication, then the
                //authentication ticket is stored in the URL, which is encrypted.
                //So, decrypt it
                ticket = FormsAuthentication.Decrypt(id.Ticket.Name);
            }
            // Get the stored user-data, in this case, user roles
            if (!string.IsNullOrEmpty(ticket.UserData))
            {
                string userData = ticket.UserData;
                string[] roles = userData.Split(',');
                //Roles were put in the UserData property in the authentication ticket
                //while creating it
                HttpContext.Current.User =
                  new System.Security.Principal.GenericPrincipal(id, roles);
            }
        }
    }
}

这是我的Site.Master。当用户注销时，代码不起作用。 用户无法正确退出

protected void LoginStatusGiris_LoggingOut(object sender, LoginCancelEventArgs e)
{

    Session.Clear();
    Session.Abandon();
    Session.RemoveAll();
    deleteCookies();
    FormsAuthentication.SignOut();
    FormsAuthentication.RedirectToLoginPage();


}
private void deleteCookies()
{
    string[] cookies = Request.Cookies.AllKeys;
    foreach (string cookie in cookies)
    {
        Response.Cookies[cookie].Expires = DateTime.Now.AddDays(-1);
    }
}

我已删除所有cookie，但找不到解决方案。

Answer 1

protected void LoginStatusGiris_LoggingOut(object sender, EventArgs e)
    {

        Session.Clear();
        Session.Abandon();
        Session.RemoveAll();
        deleteCookies();
        FormsAuthentication.SignOut();
        FormsAuthentication.RedirectToLoginPage();


    }

使用EventArgs代替LoginCancelEventArgs

Answer 2

您应该改用LoginStatusGiris LoggedOut事件，并清除会话和cookie，如下所示：

protected void LoginStatusGiris_LoggedOut(Object sender, System.EventArgs e)
{
    FormsAuthentication.SignOut();
    Session.Abandon();
    deleteCookies();
    FormsAuthentication.RedirectToLoginPage();
}

private void deleteCookies()
{
    string[] cookies = Request.Cookies.AllKeys;
    foreach (string cookie in cookies)
    {
        Response.Cookies[cookie].Expires = DateTime.Now.AddDays(-1);
        Response.Cookies.Add(cookie);
    }
}