- 首页
- 其他开发
- MVC 4 提供的防伪令牌是为用户“"提供的.但当前用户是“用户"
MVC 4 提供的防伪令牌是为用户“"提供的.但当前用户是“用户"
[英] MVC 4 provided anti-forgery token was meant for user "" but the current user is "user"
本文介绍了MVC 4 提供的防伪令牌是为用户“"提供的.但当前用户是“用户"的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我最近发布了一个使用 MVC 4 和 Entity Framework 5 构建的 Web 应用程序.MVC 应用程序使用 Razor 视图.
我注意到使用 Elmah 时,当用户登录应用程序时,有时他们会收到以下错误
提供的防伪令牌是给用户"的,但当前用户是user"
我已经对如何解决此问题进行了一些研究,但似乎对我没有任何作用.请在下面查看我的登录视图和相应的控制器操作.
剃刀视图
@if (!HttpContext.Current.User.Identity.IsAuthenticated){使用 (Html.BeginForm()){@Html.AntiForgeryToken()@Html.ValidationSummary(true)<div class="formEl_a"><字段集><legend>登录信息</legend><div class="lbl_a">电子邮件
<div class="editor-field">@Html.TextBoxFor(m => m.Email, new { @class = "inpt_a" })
@Html.ValidationMessageFor(m => m.Email)
<div class="lbl_a">@Html.LabelFor(m => m.Password)
<div class="editor-field sepH_b">@Html.PasswordFor(m => m.Password, new { @class = "inpt_a" })
@Html.ValidationMessageFor(m => m.Password)
</fieldset>
<br/><p><input type="submit" value="登录" class="btn btn_d sepV_a"/></p>}}
控制器
[AllowAnonymous]公共操作结果登录(){返回视图();}[HttpPost][允许匿名][验证AntiForgeryToken]公共 ActionResult 登录(LoginModel 模型,字符串 returnUrl){if (ModelState.IsValid && _accountService.Logon(model.Email, model.Password, true)){//证实}别的{//登录失败通知}}
我认为这一切看起来都不错,但错误仍然存在.有没有人对如何解决这个问题有任何想法?
非常感谢您的帮助.
谢谢.
解决方案
我相信这是因为用户双击了表单上的提交按钮.至少在我的网站上确实如此.
防伪令牌问题疑难解答
I've recently put Live a web application which was built using MVC 4 and Entity Framework 5. The MVC application uses Razor Views.
I noticed using Elmah that when users are logging into the application, sometimes they are getting the following error
The provided anti-forgery token was meant for user "" but the current user is "user"
I've done a bit of research already on how to fix this issue, but nothing seems to work for me. Please see my Login View and corresponding Controller Actions below.
Razor View
@if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
using (Html.BeginForm())
{
@Html.AntiForgeryToken()
@Html.ValidationSummary(true)
<div class="formEl_a">
<fieldset>
<legend>Login Information</legend>
<div class="lbl_a">
Email
</div>
<div class="editor-field">
@Html.TextBoxFor(m => m.Email, new { @class = "inpt_a" })<br />
@Html.ValidationMessageFor(m => m.Email)
</div>
<div class="lbl_a">
@Html.LabelFor(m => m.Password)
</div>
<div class="editor-field sepH_b">
@Html.PasswordFor(m => m.Password, new { @class = "inpt_a" })<br />
@Html.ValidationMessageFor(m => m.Password)
</div>
</fieldset>
</div>
<br />
<p>
<input type="submit" value="Log In" class="btn btn_d sepV_a" />
</p>
}
}
Controller
[AllowAnonymous]
public ActionResult Login()
{
return View();
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid && _accountService.Logon(model.Email, model.Password, true))
{
//Validate
}
else
{
// inform of failed login
}
}
I thought this all looked OK, but still the error persists. Does any have any ideas on how to fix this problem?
Your help is greatly appreciated.
Thanks.
解决方案
I believe this is occurring because the users are double-clicking the submit button on the form. At least that's EXACTLY the case on my site.
Troubleshooting anti-forgery token problems
这篇关于MVC 4 提供的防伪令牌是为用户“"提供的.但当前用户是“用户"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!