【4】 .net MVC使用Session验证用户登录

用最简单的Session方式记录用户登录状态

1.添加DefaultController控制器,重写OnActionExecuting方法,每次访问控制器前触发

    public class DefaultController : Controller
    {
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            base.OnActionExecuting(filterContext);
            var controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;

            var userName = Session["UserName"] as String;
            if (String.IsNullOrEmpty(userName))
            {
                //重定向至登录页面
                filterContext.Result = RedirectToAction("Index", "Login", new { url = Request.RawUrl});
                return;
            }

        }
    }

2.登录控制器

    public class LoginController : Controller
    {
        // GET: Login
        public ActionResult Index(string ReturnUrl)
        {
            if (Session["UserName"] != null)
            {
                return RedirectToAction("Index", "Home");
            }
            ViewBag.Url = ReturnUrl;
            return View();
        }

        [HttpPost]
        public ActionResult Index(string name, string password, string returnUrl)
        {
            /*
                添加验证用户名密码代码
            */
            Session["UserName"] = name;
            if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }

        // POST: /Account/LogOff
        [HttpPost]
        public ActionResult LogOff()
        {
            Session["UserName"] = null;
            return RedirectToAction("Index", "Home");
        }
    }

3.需要验证的控制器继承DefaultController

    public class HomeController : DefaultController
    {
        public ActionResult Index()
        {
            return View();
        }
    }

 


这种方式适合比较小的项目
优点:简单,易开发
缺点:无法记录登录状态,而且Session方式容易丢失
posted @ 2017-02-20 20:58  清幽火焰  阅读(6711)  评论(0编辑  收藏  举报