[英]Error 401 Unauthorized can't access to my home page even with the authentication
我必須在 ASP.NET 中開發一個 Web 應用程序,並且必須實現一個身份驗證控制器。 如果未通過身份驗證,則無法訪問主頁(顯然我知道),因此我寫了一個注釋[Authorize]
,只有在身份驗證良好時才能訪問。 但是我有一個 401 未經授權的錯誤我不明白為什么
這是我的 HomeController 代碼:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace M2Link2.Controllers
{
public class HomeController : Controller
{
[Authorize]
public ActionResult Index()
{
return View();
}
public ActionResult About()
{
ViewBag.Message = "Your application description page.";
return View();
}
public ActionResult Contact()
{
ViewBag.Message = "Your contact page.";
return View();
}
public ActionResult Deconnexion()
{
return View();
}
}
}
我的 ConnexionController 代碼:
using M2Link2.Entities;
using M2Link2.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
namespace M2Link2.Controllers
{
public class ConnexionController : Controller
{
// GET: Connexion
public ActionResult Authentification()
{
return View();
}
[HttpPost]
public ActionResult Authentification(AuthentificationModel modele)
{
if (ModelState.IsValid)
{
FormsAuthentication.SetAuthCookie(modele.Password, true);
return RedirectToRoute(new { action = "index", controller = "Home" });
}
return View();
}
}
}
我的 AuthentificationModel 代碼:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.ComponentModel.DataAnnotations;
using System.Linq;
using System.Web;
namespace M2Link2.Models
{
public class AuthentificationModel
{
[DisplayName("Pseudo")]
[Required]
public String Pseudo { get; set; }
[DisplayName("Mot de Passe")]
[Required]
public String Password { get; set; }
}
}
認證.cshtml:
@model M2Link2.Models.AuthentificationModel
@{
ViewBag.Title = "Authentification";
}
<h2>Authentification</h2>
@using (Html.BeginForm())
{
<div class="form-horizontal">
<h4>Veuillez vous authentifier</h4>
<hr />
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
<div class="form-group">
@Html.LabelFor(model => model.Pseudo, htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.EditorFor(model => model.Pseudo, new { htmlAttributes = new { @class = "form-control" } })
@Html.ValidationMessageFor(model => model.Pseudo, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
@Html.LabelFor(model => model.Password, htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.EditorFor(model => model.Password, new { htmlAttributes = new { @class = "form-control" } })
@Html.ValidationMessageFor(model => model.Password, "", new { @class = "text-danger" })
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Create" class="btn btn-default" />
</div>
</div>
</div>
}
我將它添加到我的web.config
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Connexion/Authentification"/>
</authentication>
</system.web>
用偽代碼代替密碼並將createPersistentCookie
的布爾屬性createPersistentCookie
為 false: FormsAuthentication.SetAuthCookie(modele.Pseudo, false);
在私人導航器中嘗試,這樣 cookie 就不會持久存在。
FormsAuthentication.SetAuthCookie(String userName, bool createPersistentCookie)
設置瀏覽器 cookie 以啟動用戶會話。 這是每次將頁面發布到服務器時保持用戶登錄的原因。 createPersistentCookie
創建一個在瀏覽器關閉時不會過期的持久性 cookie,因此用戶可以返回站點並自動登錄。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.