ASP.NET MVC4 Forms 登录验证
Web.config配置:
在<system.web>节下:
<authentication mode="Forms"> <forms loginUrl="~/Auth/Account/Login" timeout="2880" /> </authentication>
登录代码:
/// <summary> /// 登录 /// </summary> public static bool Login(string userName, string userPwd) { MySqlHelper dbHelper = new MySqlHelper(); sys_user userModel = dbHelper.FindBySql<sys_user>(string.Format("select * from Sys_User where UserName='{0}'", userName)); if (userModel != null) { if (userModel.userPwd.ToUpper() == MD5Helper.Encrypt(userPwd)) { FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(userName, false, 120); string encryptedTicket = FormsAuthentication.Encrypt(ticket); HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); HttpContext.Current.Response.Cookies.Add(authCookie); return true; } } return false; }
退出登录代码:
/// <summary> /// 退出登录 /// </summary> public static void LoginOut() { FormsAuthentication.SignOut(); }
判断用户是否登录:
/// <summary> /// 判断是否登录 /// </summary> public static bool IsLogin { get { return HttpContext.Current.User.Identity.IsAuthenticated; } }
获取登录用户:
/// <summary> /// 获取登录用户 /// </summary> public static sys_user LoginUser { get { if (HttpContext.Current.User.Identity.IsAuthenticated) { string cookieName = FormsAuthentication.FormsCookieName; HttpCookie authCookie = HttpContext.Current.Request.Cookies[cookieName]; FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); string userName = authTicket.Name; MySqlHelper dbHelper = new MySqlHelper(); return dbHelper.FindBySql<sys_user>(string.Format("select * from SYS_USER where UserName='{0}'", userName)); } return null; } }
Action跳过登录验证使用AllowAnonymous:
[AllowAnonymous] public ActionResult Login() { return View(); }
需要登录验证的Controller使用Authorize,或者加在自己写的ControllerBase上:
[Authorize] public class ControllerBase : Controller