MVC 4显示用户特定数据 [英] MVC 4 show user specific data

问题描述

我对MVC很新，我想问一下在浏览网站时显示用户特定数据的最佳做法是什么。我正在起诉MVC 4.



我们假设我在所有控制器级别都有[授权]过滤器，这将强制用户进行身份验证，除了少数操作控制器（注册，登录，密码重置）可以匿名访问。



如果我有用户x将登录，并浏览到他的帐户页面，我希望在那里显示，用户特定的帐户信息：姓名，电子邮件，公司，电话，订阅类型等。



如果他浏览某些特定于应用程序的设置，他应该能够看到/仅改变他赢得的设置。



我的问题基本上是：为了让我的应用程序理解现在登录用户x和任何内容，我必须做什么他浏览的页面（他有权访问）他只能看到他的具体数据？当用户浏览到帐户页面时...模型将返回：选择userID为current_logged_in_user的所有位置。我想我可以使用用户ID来识别用户特定数据吗？



数据将存储在SQL Server数据库中。

成功登录后，请保持用户的理解

var identity = new GenericIdentity（ticket.Name）;

所以，你有遵循表格认证，这是解决问题的正确方法。

请查看ASP.Net MVC中的FormAuthetication流程。下面是登录方法的示例。

  var  ticket =  new  FormsAuthenticationTicket（............... 
）; 
 
  var  encryptedTicket = FormsAuthentication.Encrypt（ticket）; 
  var  cookie =  new  HttpCookie（FormsAuthentication.FormsCookieName，encryptedTicket）
 {
 HttpOnly =  true ，
 Secure = FormsAuthentication.RequireSSL 
}; 
 
 
 
  var  identity =  new  GenericIdentity（ ticket.Name）; 
 
 HttpContext.Current.User = identity; 

更好地创建一个类，然后将其添加到Global.asax中的Global filer

I am quite new with MVC and I want to ask what is the best practice in showing user specific data while browsing the site. I am suing MVC 4.

Let's assume I have [Authorize] filter at all controllers level that will enforce users to be authenticated, except for few action controllers (register, login, password reset) that can be accessed anonymously.

If I have user x that will login, and browse to his account page, I want there to show, the user specific account info: name, email, company, phone, subscription type and so forth.

If he browse to some application specific settings, he should be able to see/change his won settings only.

My question basically is: what I have to do in order for my application to understand that now is logged in user x and on whatever page he browse(where he has access) he can see only his specific data? Something like when user browses to Account Page ... the model will return: select all where userID is current_logged_in_user. I guess I can use the user id for identifying the user specific data right?

The data will be stored in SQL Server db.

解决方案

after successful login, please keep the user's idenetiy to
var identity = new GenericIdentity(ticket.Name);
So, you have to follow forms authenticaion and this is right approach to solve your problem.
Please look at the FormAuthetication process in ASP.Net MVC. below is an example of log in method.

var ticket = new FormsAuthenticationTicket(...............
              );

           var encryptedTicket = FormsAuthentication.Encrypt(ticket);
           var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
           {
               HttpOnly = true,
               Secure = FormsAuthentication.RequireSSL
           };
         


           var identity = new GenericIdentity(ticket.Name);
           
           HttpContext.Current.User = identity;

Better you make a class and then add it to Global filer in Global.asax.

这篇关于MVC 4显示用户特定数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！