使用Global.asax设置/检查会话变量并重定向(用于用户测试) [英] Using Global.asax to set/check session variable and redirect (for user testing)

问题描述

我想为我的网站添加非常简单的临时安全性.

I would like to add very simple, temporary security to my site.

我在Home/UnderConstruction上创建了一个页面，在那里测试站点的人可以输入硬编码的密码，然后将"underconstruction"会话变量设置为"false".

I made a page at Home/UnderConstruction where people testing the site can enter a hard-coded password which will then set the "underconstruction" session variable to "false".

这是我到目前为止的内容，但是它导致了太多的重定向:

This is what I have so far, but it results in too many redirects:

    protected void Session_Start(Object sender, EventArgs e)
    {
        HttpContext.Current.Session["underconstruction"] = "true";
    }

    protected void Application_AcquireRequestState(Object sender, EventArgs e)
    {
                if (HttpContext.Current != null && HttpContext.Current.Session != null)
                {
                    var underconstruction = HttpContext.Current.Session["underconstruction"];
                    if (underconstruction != null)
                    {
                        string oc = underconstruction.ToString();
                        if (oc != "false") Response.Redirect("~/Home/UnderConstruction");
                    }
                }

    }

这接近我需要做的吗?

这是我们要工作的代码:

UnderConstruction视图的控制器代码

    public ViewResult UnderConstruction()
    {
        return View();
    }


    [HttpPost]
    public ActionResult UnderConstruction(string ocp)
    {
        if (ocp == "mypassword")
        {
            Session["underconstruction"] = "false";
            return RedirectToAction("Index", "Home");
        }
        else
        {
            Session["beingredirected"] = "false";
            return View();
        }
    }

Global.Asax

    protected void Session_Start(Object sender, EventArgs e)
    {
        HttpContext.Current.Session["underconstruction"] = "true";
        HttpContext.Current.Session["beingredirected"] = "false";
    }


    protected void Application_AcquireRequestState(Object sender, EventArgs e)
    {
        if (HttpContext.Current != null && HttpContext.Current.Session != null)
        {
            bool uc = false;
            var underconstruction = HttpContext.Current.Session["underconstruction"];
            if (underconstruction != null)
            {
                uc = Boolean.Parse(underconstruction.ToString());
            }

            bool redirected = false;
            var beingredirected = HttpContext.Current.Session["beingredirected"];
            if (beingredirected != null)
            {
                redirected = Boolean.Parse(beingredirected.ToString());
            }

            if (uc && !redirected)
            {
                if (Request.HttpMethod == "GET")
                {
                    HttpContext.Current.Session["beingredirected"] = "true";
                    Response.Redirect("~/Home/UnderConstruction");
                }
                else if (Request.HttpMethod == "POST")
                {
                }

            }

            HttpContext.Current.Session["beingredirected"] = "false";
        }
    }

推荐答案

~/Home/UnderConstruction是否在其他网站中?如果不是，是否会因为oc始终为true而始终重定向?即-您是否还需要为您请求的页面添加检查，以便如果已经转到UnderConstruction页面，则可以绕过重定向?

Is ~/Home/UnderConstruction in a different website? If not, wont it always redirect because oc will always be true? ie - do you also need to add a check for the page you're requesting so you can bypass the redirect if already going to the UnderConstruction page?

更新

不确定检查页面名称是否是个好主意，但是类似的方法可能有用:

Not sure if checking the page name is a great idea, but something like this might work:

protected void Session_Start(Object sender, EventArgs e)
{
    HttpContext.Current.Session["underconstruction"] = "true";
    HttpContext.Current.Session["beingredirected"] = "false";
}

protected void Application_AcquireRequestState(Object sender, EventArgs e)
{
    if (HttpContext.Current != null && HttpContext.Current.Session != null)
    {
        bool uc = false;
        var underconstruction = HttpContext.Current.Session["underconstruction"];
        if (underconstruction != null)
        {
            uc = Boolean.Parse(underconstruction);
        }

        bool redirected = false;
        var beingredirected = HttpContext.Current.Session["beingredirected"];
        if (beingredirected != null)
        {
            redirected = Boolean.Parse(beingredirected);
        }

        if (uc && !redirected)
        {
            HttpContext.Current.Session["beingredirected"] = "true";
            Response.Redirect("~/Home/UnderConstruction");
        }

        HttpContext.Current.Session["beingredirected"] = "false";
    }
}

请注意，我会对此进行清理，该示例只是为了给出大致的想法.

Note that I would clean that up, that example was to just give the general idea.

更新

如果您要使用注释中提到的角色，请

If you want to use roles as mentioned in the comments, then this article from ScottGu's Blog may help. Its a little more complicated, but has the added benefit of not introducing temporary code as the above solution will

这篇关于使用Global.asax设置/检查会话变量并重定向(用于用户测试)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！