ASP.NET MVC:如何使用HttpContext.User [英] ASP.NET MVC: How to use HttpContext.User
问题描述
关于如何使用HttpContext.User我真的迷路了.我到处都读到它对FormAutherication非常有用,但是我看不到它是如何工作的.如果我做这样的事情:
Im getting really lost on how to use HttpContext.User. I read everywhere that its great for FormAutherication, but i just cant see how it works. If i do something like this:
ControllerContext.HttpContext.User = new GenericPrincipal(GetUser(username, password), roles);
ControllerContext.HttpContext.User包含什么?以及我如何以这种方式访问有关用户的信息?
What does ControllerContext.HttpContext.User contain? and how do i access information about the user this way?
我认为我有一个像这样的动作:
Im think that i have a Action like this:
public User GetUser(string username, string password)
{
try
{
var user = (from u in dm.Users
join r in dm.Roles
on u.Role_ID_FK equals r.RoleID
where u.Username.Equals(username) && u.Password.Equals(password)
select u).Single();
return user;
}
catch (Exception e)
{
return null;
}
}
然后,如果我想在我的视图中获取用户信息,例如用户名或角色,则可以在我的视图中调用ControllerContext.HttpContext.User.Username.但这显然是错误的观察方法.
And then if i want user information in my view, like the user name or role, i can call ControllerContext.HttpContext.User.Username in my View. But this is diffenrently the wrong way to look at it.
那么你们能给我一个正确的方向吗?或者发布指向可以的网站的链接?
So can you guys give me a kick in the rigth direction or post a link to a site which can?
推荐答案
我不确定您要使用发布的代码到底做什么,但是这对HttpContext.User有帮助.用外行的话来说,它代表请求特定页面的当前用户,实际上,在您的Controller内,您可以将其称为"User"而没有前缀.
I'm not sure exactly what you are trying to do with the code you posted, but here's some help with HttpContext.User. In layman's terms it represents the current user requesting the particular page, and actually within your Controller you can just reference it as "User" without the prefix.
User.Identity将让您知道用户是否已通过身份验证,以及用户名和身份验证方式(窗体或Windows).
User.Identity will let you know if the user is authenticated, and if so their username and how they authenticated (Forms or Windows).
通常用于获取请求页面的用户的用户名,以便您的控制器操作可以执行正确的职责.像这样:
It's generally used to get the username of the user requesting the page so your controller actions can perform the correct duties. Something like:
public ActionResult Index()
{
//you should probably use the [Authorize] attribute on the Action Method
//but you could check for yourself whether the user is authenticated...
if (!User.Identity.IsAuthenticated)
return RedirectToAction("LogIn");
MyUser u = repository.GetUser(User.Identity.Name); //lookup user by username
ViewData["fullname"] = u.FullName; //whatever...
return View();
}
在此示例中,如果用户尚未通过身份验证,则将他们重定向到登录"页面,如果已经通过,则Action方法将使用User.Identity.Name(这是他们登录的用户名)或Windows登录名)来查找并从数据库中返回MyUser对象的实例,并将用户的全名放在ViewData中以进行显示.
In this example, if the user hasn't been authenticated, they will be redirected to a LogOn page, and if they have been, the Action method is using the User.Identity.Name (which is the username they logged in with, or their Windows login) to lookup and return an instance of a MyUser object from your database and puts the user's full name in ViewData to be displayed.
这篇关于ASP.NET MVC:如何使用HttpContext.User的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
