ASP.NET成员资格密码过期 [英] ASP.NET membership password expiration

问题描述

我使用ASP.NET成员资格对我的web应用程序的认证。这个工作对我来说太棒了。我现在要实现密码过期。

I am using ASP.NET membership for the authentication of my web app. This worked great for me. I now have to implement password expiration.

如果密码已过期，用户应该被重定向到的ChangePassword 屏幕，不应该被允许访问应用程序的任何其他部分没有更改密码。

If the password has expired the user should be redirected to ChangePassword screen and should not be allowed access to any other part of the application without changing the password.

有很多aspx页面。一种解决方案可能会重定向到每一个ASPX的的ChangePassword 屏幕的OnInit 如果密码已过期。是否有任何其他的解决方案或建议。

There are many aspx pages. One solution could be to redirect to the ChangePassword screen OnInit of every aspx if the password has expired. Is there any other solutions or recommendations.

谢谢，
洁

推荐答案

继<一个href=\"http://stackoverflow.com/questions/349286/asp-net-membership-password-expiration/349687#349687\">csgero's回答，我发现你并不需要在ASP.Net 2.0明确添加事件处理此事件（3.5）。

Further to csgero's answer, I found that you don't need to explicitly add an event handler for this event in ASP.Net 2.0 (3.5).

您可以简单地创建的Global.asax 下面的方法，它被连接起来给你：

You can simply create the following method in global.asax and it gets wired up for you:

void Application_PostAuthenticateRequest(object sender, EventArgs e)
{
    if (this.User.Identity.IsAuthenticated)
    {
        // get user
        MembershipUser user = Membership.GetUser();

        // has their password expired?
        if (user != null
            && user.LastPasswordChangedDate.Date.AddDays(90) < DateTime.Now.Date
            && !Request.Path.EndsWith("/Account/ChangePassword.aspx"))
        {
            Server.Transfer("~/ChangePassword.aspx");
        }
    }
}

这篇关于ASP.NET成员资格密码过期的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！