【问题标题】:Session management in asp.net Code firstasp.net代码中的会话管理优先
【发布时间】:2016-08-05 23:21:25
【问题描述】:

我在我的项目中使用自定义身份验证,我无法管理会话以获取路由中的用户权限。 这是我的代码

管理员控制器

// POST: administration
[HttpPost]
public ActionResult Login(Admin admin)
{
    var user = AdminContext.admins.SingleOrDefault(u => u.Email == admin.Email && u.Pass == admin.Pass);

    if (user != null)
    {
        Session["adminID"] = user.adminID;
        Session["adminNom"] = user.Nom.ToString() + " " + user.Prenom.ToString();

        if (System.IO.File.Exists(Server.MapPath("~" + user.Photo)))
        { Session["adminPhoto"] = "~" + user.Photo; }
        else
        { Session["adminPhoto"] = "~/Content/TemplateAdmin/assets/images/no_img.png"; }

        return RedirectToRoute("Dashboard");
    }
    else
    {
        ModelState.AddModelError("", "Email ou mot de passeest incorrect");
        return View("~/Views/Administration/Login.cshtml");
    }
}

项目路线

public static void RegisterRoutes(RouteCollection routes)
{
    routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

    routes.MapRoute(
        name: "LoginAdmin",
        url: "administration",
        defaults: new { controller = "Admin", action = "Login" }
    );

    routes.MapRoute(
        name: "Dashboard",
        url: "administration/dashboard",
        defaults: new { controller = "Dashboard", action = "Index"}
    );

    routes.MapRoute(
        name: "Profile",
        url: "administration/profile",
        defaults: new { controller = "Admin", action = "Profil" }
    );

    routes.MapRoute(
        name: "Gestion_admins",
        url: "administration/gestion_admins/{action}/{id}",
        defaults: new { controller = "Admin", action = "Index", id = UrlParameter.Optional }
    );
}

我应该检查我项目中所有 ActionResult 的会话吗? 像这样:

// POST: Profil
[HttpPost]
public ActionResult Profil(Admin model)
{
    if (Session["adminID"] != null)
    {
        model.adminID = Convert.ToInt32(Session["adminID"]);
    }
}

【问题讨论】:

    标签: c# asp.net asp.net-mvc asp.net-mvc-4 session


    【解决方案1】:

    我解决了这个问题,我分享它:

    我创建了一个新类AdminAuthorize

    public class AdminAuthorize : AuthorizeAttribute
    {
    
        baseContext AdminContext;
    
        public AdminAuthorize()
        {
            AdminContext = new baseContext();
        }
    
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
    
            //check cookie
    
            string email = string.Empty, password = string.Empty;
            Admin TempAdmin = null;
    
            if (httpContext.Response.Cookies["adminEmail"] != null)
                email = httpContext.Response.Cookies["adminEmail"].Value;
    
            if (httpContext.Response.Cookies["adminPass"] != null)
                password = httpContext.Response.Cookies["adminPass"].Value;
    
            if (!String.IsNullOrEmpty(email) && !String.IsNullOrEmpty(password))
                TempAdmin = AdminContext.admins.SingleOrDefault(u => u.Email == email && u.Pass == password);
    
                if (TempAdmin != null)
                {
                    httpContext.Session["adminID"] = TempAdmin.adminID;
                    httpContext.Session["adminNom"] = TempAdmin.Nom.ToString() + " " + TempAdmin.Prenom.ToString();
    
                    if (System.IO.File.Exists(httpContext.Server.MapPath("~" + TempAdmin.Photo)))
                    { httpContext.Session["adminPhoto"] = "~" + TempAdmin.Photo; }
                    else
                    { httpContext.Session["adminPhoto"] = "~/Content/TemplateAdmin/assets/images/no_img.png"; }
    
                    return true;
                }
    
    
            // Now check the session:
            if (httpContext.Session["adminID"] != null)
            {
                return true;
            }
    
            return false;
        }
    }
    

    我只是在 Admincontroller

    中使用它
    [AdminAuthorize]
            public ActionResult Profil()
            {
                int id = Convert.ToInt32(Session["adminID"]);
    
            }
    

    有效!!

    【讨论】:

      猜你喜欢
      • 2017-11-29
      • 2016-01-05
      • 1970-01-01
      • 2016-09-15
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多