从其他控制器返回当前视图(MVC登录控件) [英] Return Current View From Different Controller (MVC Log On Control)
问题描述
我有一个简单的视图(Home/Index.cshtml):
I have a simple view (Home/Index.cshtml):
@{
Layout = null;
}
<!DOCTYPE html>
<html>
<head>
<title>Test Log On</title>
</head>
<body>
<div id="logon">
@Html.Partial("_LogOnPartial")
</div>
<div id="main">
Hello
</div>
</body>
</html>
它正在渲染局部视图(_LogOnPartial.cshtml):
It is rendering a partial view (_LogOnPartial.cshtml):
@using (Html.BeginForm("LogOn", "Account", FormMethod.Post))
{
<!-- ...fields omitted for simplicity... -->
<input type="submit" value="Log On" />
}
该部分视图正在发回到另一个控制器(AccountController.cs)上的操作方法:
That partial view is posting back to an action method on a different controller (AccountController.cs):
public class AccountController : Controller
{
[HttpPost]
public ActionResult LogOn()
{
// ...login logic omitted for simplicity...
return Redirect(Request.UrlReferrer.PathAndQuery);
}
}
您会注意到,它只是返回重定向.我认为必须有更好的方法(例如,返回视图),因为这会丢失所有模型数据(如果登录失败,这对于保留数据很有用).我可以绕过视图的路径,但是我不希望客户端访问该数据(并且使用会话来传递该数据看起来很笨拙)……似乎会使我的网站暴露出一些漏洞. br/>
我在想的是,可能有一种方法可以基于引荐来源网址确定默认视图.因此,如果我将"/Home/Index"或"/Home"或"/"或"/SomeOtherValidRoute"传递给函数,它将返回〜/Views/Home/Index.cshtml"视图.
您是否知道这样的功能,还是我会以错误的方式进行操作?在ASP.NET Web窗体中,这只是一个简单的用户控件,但是我在ASP.NET MVC中难以解决.
You''ll note that it is just returning a redirect. I''m thinking there must be a better way (e.g., return a view), as this loses all the model data (which would be useful to keep if the log on fails). I could pass around the path to the view, but I don''t want the client having access to that data (and using session to pass that around seems clunky)... seems like it might expose my website to some vulnerabilities.
What I''m thinking is that there might be a way to determine the default view based on the referrer URL. So if I pass in "/Home/Index" or "/Home" or "/" or "/SomeOtherValidRoute" to a function, it will return the "~/Views/Home/Index.cshtml" view.
Do you know of a function like that, or am I going about this the wrong way? In ASP.NET Web Forms this would just be a simple user control, but I''m having trouble figuring this out in ASP.NET MVC.
推荐答案
一个半部分回答(凌晨1点,我无法详细介绍:),但是我已经在休息室回答了您的帖子,可以在这里为您提供帮助.
"您会注意到它只是在返回重定向."这是第一个问题,只有成功登录后才应该重定向.
",因为这会丢失所有模型数据(如果登录失败,这将很有用.")如果登录失败,则应返回一个视图,其中包含(I"m猜测您所拥有的表单,并填写用户名(密码为空,并显示一条消息您的登录由于某种原因而被欺骗"之类的东西).我不确定您还想保留此信息的其他用途.通过会话或适当的后备存储将其持久化在服务器上,您将遇到与ASP.NET相同的问题:如果不进行加密,就无法将信息安全地发送给客户端(即使是加密的信息)可以阅读ViewState.这部分是我在The Lounge中提到的有关ASP.NET表单向您隐藏内容的示例,但这并不总是一件好事.
我在想的是,可能有一种方法可以根据引荐来源网址确定默认视图.因此,如果我将"/Home/Index"或"/Home"或"/"或"/SomeOtherValidRoute"传递给函数,它将返回〜/Views/Home/Index.cshtml"视图.有一种方法可以实现这一目标,而您已接近目标. 如果您想查看完整的解决方案,建议您创建一个新的MVC3应用程序,但选择" Inter net".它为您创建一个登录表单,以防止(未配置)身份验证/授权提供程序.您可以像针对ASP.NET一样针对提供程序保护它.假设您有两种与/home/index和/foo/bar对应的安全操作方法.使用 Authorize属性 ^ ]),因为可能有不止一种方法来访问这些方法,所以Web config中的ASP.NET位置是不够的.
无论如何,这样做之后,如果您尝试导航到/home/index,您将获得登录页面,并且发回服务器的查询字符串将以/home/index为目标.然后,默认的Login操作方法(类似于您所拥有的方法)将转移到查询字符串中由登录表单提供的目标.这样,如果导航到/foo/bar并登录,它将直接重定向到那里.
这不是解决此问题的唯一方法,但是它应该可以帮助您入门.
让我知道您是否需要更多帮助,我会尽力记住您是否在早上回答了,抱歉,目前我无法提供代码!
A semi Partial Answer (1am & I can''t go into details :), but I''ve answered your post in the Lounge and I can help you here).
"You''ll note that it is just returning a redirect." That''s the first problem, you should only re-direct if the login is a success.
"as this loses all the model data (which would be useful to keep if the log on fails)" If the login fails you should return a view with the "failure" information in (I''m guessing the form you have, with the username filled in (the password blanked and a message "Your login fooed for some reason" type thing). I''m not sure what else you''d want to keep this information for. Without persisting it at the server via session or a proper backing store, you''re going to have the same problems that you''d have with ASP.NET: there is no way to send the information safely to the client without encryption (even ViewState can be read). This is *partially* an example of what I was alluding to in The Lounge about ASP.NET forms hiding stuff from you and it not always being a good thing.
What I''m thinking is that there might be a way to determine the default view based on the referrer URL. So if I pass in "/Home/Index" or "/Home" or "/" or "/SomeOtherValidRoute" to a function, it will return the "~/Views/Home/Index.cshtml" view. There is a way to achieve this and you are close to the mark. If you want to see a full solution, I suggest you create a new MVC3 application but select "Internet". It creates a login form for you, secured against (unconfigured) Authentication/Authorisation providers. You can secure it against the providers as you would for ASP.NET. Let''s say you''ve two secured action methods corresponding to /home/index and /foo/bar. It is important to secure these with the Authorize attribute[^] as there may be more than one way to access these methods, the ASP.NET location in web config is not sufficient.
Anyway, having done this, if you try and navigate to /home/index you''ll get the login page and the Query string posted back to the server will have /home/index as the target. The default Login action method (similar to the one you have) will then transfer to the target as supplied by the login form in the query string. That way, if navigating to /foo/bar and logging in it will re-direct there instead.
This isn''t the only way to skin this problem, but it should get you started.
Let me know if you need any more help, I''ll try to remember to see if you''ve replied in the morning sorry I can''t provide code at the moment!
您是否尝试过使用Html.Action("action","controller",参数)(或Html.RenderAction())?
Have you tried using Html.Action("action", "controller", parameters) (or Html.RenderAction())?
这篇关于从其他控制器返回当前视图(MVC登录控件)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
