User.Identity.IsAuthenticated返回设置的cookie和验证后假 [英] User.Identity.IsAuthenticated returns false after setting cookie and validating
问题描述
我有MVC4用户授权的问题。
System.Web.Security.Membership.ValidateUser返回true
然后获取到FormsAuthentication.SetAuthCookie,我看到一个cookie的浏览器
然后User.Identity.IsAuthenticated仍计算为false出于某种原因,
User.Identity.IsAuthenticated仍然是一个重定向后,虚假和保持假的。
[使用AllowAnonymous]
[HttpPost]
公众的ActionResult登录(LoginModel型号,串RETURNURL)
{
如果(ModelState.IsValid)
{
如果(System.Web.Security.Membership.ValidateUser(model.UserName,model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName,model.RememberMe);
如果(Url.IsLocalUrl(RETURNURL))
{
返回重定向(RETURNURL);
}
其他
{
返回RedirectToAction(指数,家);
}
}
其他
{
ModelState.AddModelError(,提供的用户名或密码不正确。);
}
} //如果我们走到这一步,事情失败了,重新显示形式
返回查看(模型);
}
User.Identity.IsAuthenticated
调用<后不会被设置为true,直到下一个请求code> FormsAuthentication.SetAuthCookie()。
请参阅http://msdn.microsoft.com/en-us/library/twk5762b.aspx
该SetAuthCookie方法,增加了一个表单的身份验证票证要么
Cookies集合,或将网址,如果CookiesSupported是假的。
Forms身份验证票证提供表单的身份验证
信息由浏览器发出的下一个请求。
块引用>I am having a problem with MVC4 user authorization.
System.Web.Security.Membership.ValidateUser returns true
Then it gets to FormsAuthentication.SetAuthCookie and I see a cookie in my browser
Then User.Identity.IsAuthenticated still evaluates to false for some reason
User.Identity.IsAuthenticated is still false after a redirect and stays false.
[AllowAnonymous] [HttpPost] public ActionResult Login(LoginModel model, string returnUrl) { if (ModelState.IsValid) { if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password)) { FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); if (Url.IsLocalUrl(returnUrl)) { return Redirect(returnUrl); } else { return RedirectToAction("Index", "Home"); } } else { ModelState.AddModelError("", "The user name or password provided is incorrect."); } } // If we got this far, something failed, redisplay form return View(model); }
解决方案
User.Identity.IsAuthenticated
won't be set to true until the next request after callingFormsAuthentication.SetAuthCookie()
.See http://msdn.microsoft.com/en-us/library/twk5762b.aspx
The SetAuthCookie method adds a forms-authentication ticket to either the cookies collection, or to the URL if CookiesSupported is false. The forms-authentication ticket supplies forms-authentication information to the next request made by the browser.
这篇关于User.Identity.IsAuthenticated返回设置的cookie和验证后假的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!