如何根据角色更改ASP.Net MVC登录重定向? [英] How can I change the ASP.Net MVC Login Redirect based on role?

问题描述

我在MVC项目的帐户控制器"中输入了以下代码，并且同时担任管理员和经理角色.登录时，我被重定向回我的家庭索引，而不是被重定向到我的AdminApp索引.有什么想法让我的代码出错了吗?

I have the following code I've typed into the Account Controller in my MVC project and I am in both the administrator and manager roles. When I log in I get redirected back to my home index instead of being redirected to my AdminApp index. Any ideas where I'm going wrong in my code?

[AcceptVerbs(HttpVerbs.Post)]
    [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
        Justification = "Needs to take same parameter type as Controller.Redirect()")]
    public ActionResult LogOn(string userName, string password, bool rememberMe, string returnUrl)
    {

        if (!ValidateLogOn(userName, password))
        {
                return View();
        }

        FormsAuth.SignIn(userName, rememberMe);
        if (!String.IsNullOrEmpty(returnUrl))
        {
            return Redirect(returnUrl);
        }
        else
        {
            if (User.IsInRole("Administrator") || (User.IsInRole("Manager")))
            {
                return RedirectToAction("Index", "AdminApp");
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }

        }
    } 

推荐答案

您的代码未按预期运行的原因是，User从技术上来说尚未未登录并经过身份验证.说什么?但是您确实致电了SignIn！

The reason your code is not working as expected is because the User has technically not been signed in and authenticated yet. Say what? But you did call SignIn!

FormsAuth.SignIn(userName, rememberMe);-在这种情况下只是FormsAuthentication.SetAuthCookie(userName, createPersistentCookie);的包装-仅将用户浏览器上的asp.net授权cookie设置为响应的一部分.此时，仅对于请求之后，用户的浏览器将具有cookie，从而导致asp.net成员身份正确设置了"User"对象.您在LogOn方法中的所有代码仍假设是匿名用户，因此IsInRole检查失败，您将被重定向到首页.将if语句放在另一页上，登录后，您会看到User.IsInRole现在可以正常工作了. (确实，这就是您要使用User.IsInRole的目的，只是不在登录过程中使用)

FormsAuth.SignIn(userName, rememberMe); - which in this case is just a wrapper for FormsAuthentication.SetAuthCookie(userName, createPersistentCookie); - only sets the asp.net authorization cookie on the users browser as part of the response. It is only for requests after this point that the user's browser will have the cookie, causing the asp.net membership to properly set up the 'User' object. All of your code in the LogOn method is still assuming an anonymous user, so your IsInRole check fails and you are redirected home. Put your if statement on another page and after you've signed in, you'll see that now User.IsInRole works as expected. (And indeed, this is what you'd use User.IsInRole for, just not during the logon process)

那么如何在实际登录过程中进行检查? Roles.IsUserInRole或Roles.GetRolesForUser有几种方法，例如:

So how to check during the actual logon process? Roles.IsUserInRole or Roles.GetRolesForUser are a couple of ways, eg.:

if (Roles.IsUserInRole(userName, "Administrator") || Roles.IsUserInRole(userName, "Administrator"))
{
    return RedirectToAction("Index", "AdminApp");
}

您必须显式指定登录用户的用户名，这实际上将对成员资格数据存储区执行查询.关于这一点，我相信上面的代码将导致执行两个查询，您可能会发现这不理想.在这里Roles.GetRolesForUser可能是一个更好的选择:

You must explicitly specify the user name of the user logging in, which will actually execute a query against the membership datastore. On that note, I believe the above code would as a result cause two queries to be executed, which you may find less than ideal. This is where Roles.GetRolesForUser might be a better option:

string[] roles = Roles.GetRolesForUser(userName);
if (roles.Contains("Administrator") || roles.Contains("Manager"))
{
    return RedirectToAction("Index", "AdminApp");
}

希望有帮助！

这篇关于如何根据角色更改ASP.Net MVC登录重定向?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！