ASP.NET MVC4 Forms 登录验证

Web.config配置:

在<system.web>节下:

<authentication mode="Forms">
  <forms loginUrl="~/Auth/Account/Login" timeout="2880" />
</authentication>

登录代码:

/// <summary>
/// 登录
/// </summary>
public static bool Login(string userName, string userPwd)
{
    MySqlHelper dbHelper = new MySqlHelper();
    sys_user userModel = dbHelper.FindBySql<sys_user>(string.Format("select * from Sys_User where UserName='{0}'", userName));
    if (userModel != null)
    {
        if (userModel.userPwd.ToUpper() == MD5Helper.Encrypt(userPwd))
        {
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(userName, false, 120);
            string encryptedTicket = FormsAuthentication.Encrypt(ticket);
            HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
            HttpContext.Current.Response.Cookies.Add(authCookie);
            return true;
        }
    }
    return false;
}
View Code

退出登录代码:

/// <summary>
/// 退出登录
/// </summary>
public static void LoginOut()
{
    FormsAuthentication.SignOut();
}
View Code

判断用户是否登录:

/// <summary>
/// 判断是否登录
/// </summary>
public static bool IsLogin
{
    get
    {
        return HttpContext.Current.User.Identity.IsAuthenticated;
    }
}
View Code

获取登录用户:

/// <summary>
/// 获取登录用户
/// </summary>
public static sys_user LoginUser
{
    get
    {
        if (HttpContext.Current.User.Identity.IsAuthenticated)
        {
            string cookieName = FormsAuthentication.FormsCookieName;
            HttpCookie authCookie = HttpContext.Current.Request.Cookies[cookieName];
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
            string userName = authTicket.Name;
            MySqlHelper dbHelper = new MySqlHelper();
            return dbHelper.FindBySql<sys_user>(string.Format("select * from SYS_USER where UserName='{0}'", userName));

        }
        return null;
    }
}
View Code

Action跳过登录验证使用AllowAnonymous:

[AllowAnonymous]
public ActionResult Login()
{
    return View();
}
View Code

需要登录验证的Controller使用Authorize,或者加在自己写的ControllerBase上:

[Authorize]
public class ControllerBase : Controller
View Code

 

posted @ 2016-09-13 13:36  0611163  阅读(1094)  评论(0编辑  收藏  举报