MVC 4 提供的防伪令牌是为用户“"提供的.但当前用户是“用户" [英] MVC 4 provided anti-forgery token was meant for user "" but the current user is "user"

查看:32
本文介绍了MVC 4 提供的防伪令牌是为用户“"提供的.但当前用户是“用户"的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我最近发布了一个使用 MVC 4Entity Framework 5 构建的 Web 应用程序.MVC 应用程序使用 Razor 视图.

我注意到使用 Elmah 时,当用户登录应用程序时,有时他们会收到以下错误

提供的防伪令牌是给用户"的,但当前用户是user"

我已经对如何解决此问题进行了一些研究,但似乎对我没有任何作用.请在下面查看我的登录视图和相应的控制器操作.

剃刀视图

@if (!HttpContext.Current.User.Identity.IsAuthenticated){使用 (Html.BeginForm()){@Html.AntiForgeryToken()@Html.ValidationSummary(true)<div class="formEl_a"><字段集><legend>登录信息</legend><div class="lbl_a">电子邮件

<div class="editor-field">@Html.TextBoxFor(m => m.Email, new { @class = "inpt_a" })
@Html.ValidationMessageFor(m => m.Email)

<div class="lbl_a">@Html.LabelFor(m => m.Password)

<div class="editor-field sepH_b">@Html.PasswordFor(m => m.Password, new { @class = "inpt_a" })
@Html.ValidationMessageFor(m => m.Password)

</fieldset>

<br/><p><input type="submit" value="登录" class="btn btn_d sepV_a"/></p>}}

控制器

[AllowAnonymous]公共操作结果登录(){返回视图();}[HttpPost][允许匿名][验证AntiForgeryToken]公共 ActionResult 登录(LoginModel 模型,字符串 returnUrl){if (ModelState.IsValid && _accountService.Logon(model.Email, model.Password, true)){//证实}别的{//登录失败通知}}

我认为这一切看起来都不错,但错误仍然存​​在.有没有人对如何解决这个问题有任何想法?

非常感谢您的帮助.

谢谢.

解决方案

我相信这是因为用户双击了表单上的提交按钮.至少在我的网站上确实如此.

防伪令牌问题疑难解答

I've recently put Live a web application which was built using MVC 4 and Entity Framework 5. The MVC application uses Razor Views.

I noticed using Elmah that when users are logging into the application, sometimes they are getting the following error

The provided anti-forgery token was meant for user "" but the current user is "user"

I've done a bit of research already on how to fix this issue, but nothing seems to work for me. Please see my Login View and corresponding Controller Actions below.

Razor View

@if (!HttpContext.Current.User.Identity.IsAuthenticated)
{

using (Html.BeginForm())
{
    @Html.AntiForgeryToken()
    @Html.ValidationSummary(true)

     <div class="formEl_a">

        <fieldset>
            <legend>Login Information</legend>

            <div class="lbl_a">
                Email
            </div>
            <div class="editor-field">
                @Html.TextBoxFor(m => m.Email, new { @class = "inpt_a" })<br />
                @Html.ValidationMessageFor(m => m.Email)
            </div>

            <div class="lbl_a">
                @Html.LabelFor(m => m.Password)
            </div>
            <div class="editor-field sepH_b">
                @Html.PasswordFor(m => m.Password, new { @class = "inpt_a" })<br />
                @Html.ValidationMessageFor(m => m.Password)
            </div>


        </fieldset>
    </div>
    <br />
      <p>
            <input type="submit" value="Log In" class="btn btn_d sepV_a" />
        </p>

}    
}

Controller

[AllowAnonymous]
public ActionResult Login()
{
     return View();
}

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model, string returnUrl)
{
     if (ModelState.IsValid && _accountService.Logon(model.Email, model.Password, true))
     {
          //Validate
     }
     else
     {
          // inform of failed login
      }

}

I thought this all looked OK, but still the error persists. Does any have any ideas on how to fix this problem?

Your help is greatly appreciated.

Thanks.

解决方案

I believe this is occurring because the users are double-clicking the submit button on the form. At least that's EXACTLY the case on my site.

Troubleshooting anti-forgery token problems

这篇关于MVC 4 提供的防伪令牌是为用户“"提供的.但当前用户是“用户"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆