做个CMS吧(二)-Forms登陆验证
一·配置web.config
1: <authorization><!--禁止未通过的用户访问-->
2: <deny user="?"></deny>
3: </authorization>
因为这玩意默认启用Forms验证,所以不用添加<authentication mode=”Forms”>添加了反而会报错
二·创建Login页面
这个“玩意”的登陆页面的文件名及目录结构必须是这样的“~/Account/Login.cshtml”;关键代码如下:
1: <form method="post">
2: 帐号<input name="user" type="text" />
3: 密码<input name="pass" type="password" />
4: <input name="login" type="submit" value="登录" class="button" />
5: </form>
逻辑代码:
1: @{
2: var returnUrl = Request.QueryString["ReturnUrl"];
3: if(returnUrl.IsEmpty()){
4: returnUrl = "~/Admin/";
5: }
6: if(IsPost){
7: var username = Request.Form["user"];
8: var password = Request.Form["pass"];
9: var nickname = "";
10: var y = FormsAuthentication.HashPasswordForStoringInConfigFile(username+password,"md5");
11: var db = Database.Open("RazorCMS");
12: var sqlSel = "select TOP 1 username,password,nickname from SiteSet";
13: var user = db.QuerySingle(sqlSel);
14: var x = FormsAuthentication.HashPasswordForStoringInConfigFile(user["username"]+user["password"],"md5");
15: if(x==y){
16: nickname = user["nickname"];
17: FormsAuthentication.RedirectFromLoginPage(nickname,true);
18: }
19: }
20: }
请高手解答:为什么我请求Admin目录不能定位到Default.cshtml
问题结局了。单词打错了。囧
三·创建Default.cshtml
证明趋势登陆成功:
1: @{
2: var n = Context.User.Identity.Name;
3: }
在页面输出n就行了
