如果用户访问错误，我如何重定向到登录页面 [英] How can i redirect to login page, if user access is wrong

问题描述

登录页面=>

Login Page =>

protected void Page_Load(object sender, EventArgs e)
        {
            if (!Page.IsPostBack)
            {
                if (Session["UserId"] != null)
                {
                    Session.Clear();
                    Session.RemoveAll();
                    Session.Abandon();
                }
            }
          }
       

        protected void btnLogin_Click(object sender, EventArgs e)
        {
            string str1 = null;
            string[] UserName = null;
            try
            {
                if (txtusername.Text.Contains("@"))
                {
                    string str = txtusername.Text;
                    UserName = str.Split('@');
                    LoginBL.UserName = UserName[0].ToString();
                    str1 = UserName[0].ToString();
                }
                else
                {
                    LoginBL.UserName = txtusername.Text.Trim();
                    str1 = txtusername.Text.Trim();
                }
                LoginBL.Password = txtpassword.Text.Trim();
                string Role = LoginBL.GetUserLogin();

                if (Role == "NoUser")
                    lblMessage.Text = "User Name and password mismatch. Try again.";
                else
                {
                    Session["UserId"] = LoginBL.UserId;
                    Session["Emp_Cus_Id"] = LoginBL.Emp_Cus_Id;
                    if (Role == "Admin")
                    {
                        Session["UserName"] = str1;
                        Response.Redirect("~/Admin/AdminHome.aspx");
                        //FormsAuthentication.RedirectFromLoginPage("Admin", false);
                    }
                    else if (Role == "Employee")
                    {
                        Session["UserName"] = str1;
                        LoginBL.ActiveEmployeeOnlineStatus(Convert.ToInt32(Session["Emp_Cus_Id"]));
                        Session["UserType"] = "Employee";
                        Response.Redirect("~/Employee/EmployeeHome.aspx");
                        //FormsAuthentication.RedirectFromLoginPage("Employee", false);

                    }
                    else if (Role == "Customer")
                    {
                        Session["UserName"] = str1;
                        LoginBL.ActiveCustomerOnlineStatus(Convert.ToInt32(Session["Emp_Cus_Id"]));
                        Session["UserType"] = "Customer";
                        Response.Redirect("~/Customer/CustomerHome.aspx");
                        //FormsAuthentication.RedirectFromLoginPage("Customer", false);
                    }
                }
            }
            catch (Exception ex)
            {
                lblMessage.Text = ex.Message;
            }

我的尝试：



主页page_

What I have tried:

Master Page page_

Load

=>

=>

if (Session["UserId"] == null || Session["Role"] == null
    || !Session["Role"].ToString().Equals(EnumUserRoles.Admin.ToString(), StringComparison.InvariantCultureIgnoreCase))
{
    arAdminHome.Visible = false;
    Response.Redirect("../LogIn.aspx");
}

推荐答案

最好的方法是停止滚动你自己的登录和进入系统。相反，使用会员资格简介 [ ^ ]因为它处理您的安全性，包括禁止访问不允许用户访问的页面，以及如果他未经许可试图访问页面，则首先登录。

您可以添加自己的自定义成员资格提供者您有特殊的业务规则可用于实际登录。

The best approach is to stop "rolling your own" login and entry system. Instead, use something like Introduction to Membership[^] as that handles the security for you, including forbidding access to pages the user isn't allowed into, and making him log in first if he tries to access a page without permission.
You can add your own Custom Membership provider if you have special business rules to work with for the actual login.

这篇关于如果用户访问错误，我如何重定向到登录页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！