在哪里/如何填充与用户存储在cookie数据在MVC应用程序第一次加载会话？ [英] Where/how to populate session with user stored in cookie data in MVC app on first load?

问题描述

我已经得到了我的存储整个用户对象和当人登录到我的网站使用表单验证（使用MVC提供的登录的默认）我的Session变量设置为用户对象，像这样一个会话变量：

I've got a session variable that stores my entire user object and when the person logs into my site with forms authentication (using the default MVC provided login) I set the Session variable to the user object like so:

FormsAuthentication.SetAuthCookie(user.Username, model.RememberMe);
SessionUtil.User = user;

我所有的网页设置为从这个Session对象工作，但是当他们检查记得我框中出现问题。关闭浏览器，重新打开浏览器，然后重新进入我的网站。这次会议显然在这一点上，他们没有登录，但我的网站仍然记得他们，但所有这些引用我的用户对象在会议休息的网页谁。

All my pages are set to work from this Session object, however the problem arises when they check the remember me box. Close their browser, re-open the browser, and go to my site again. The session is clear at this point, and they didn't log in, but my site still remembers who they are, however all the pages which reference my user object in session break.

我要寻找一种方式来填充会话的用户对象与相应的数据，因此，在上述情况下的会话对象不会是空的，无论他们打什么第一页在被记住访问我的网站了。哪里是一个很好的位置，要做到这一点？在应用程序启动？在SessionUtil（现在它只是用于会话瓦尔静态包装）？控制器上的基类？怎么办呢？我有写下车的用户名用户的逻辑。

I am looking for a way to populate the Session user object with the appropriate data so that in the above scenario the session object would not be empty regardless what page they hit first upon being 'remembered' after visiting my site. Where is a good location to do this? In the application start? In the SessionUtil (right now it's just a static wrapper for session vars)? Base class on the controller? And how do I do that? I've got the logic written to get a user off the username.

编辑：好了的Application_Start并不似乎是一个好地方，因为这样做的：

Well application_start doesn't appear to be a good spot because doing this:

        if (User != null)
        {
            SessionUtil.User = EntityServiceFactory.GetService<UserService>().GetUser(User.Identity.Name);
        }

在该方法不能从发生prevent的问题。我试图在检查是否做User.Identity.Name，然后我得到一个空引用异常，但我仍然记得并登录时，页面加载实际

in the method doesn't prevent the problem from happening. I tried doing User.Identity.Name in the if check and then I got a null reference exception, but I am still remembered and logged in when the page actually loads.

试过每飞溅-X的评论Global.asax中以下内容：

Tried the following in Global.asax per Splash-X's comment:

protected void Application_BeginRequest()
    {
        if(User != null)
        {
            SessionUtil.User = EntityServiceFactory.GetService<UserService>().GetUser(User.Identity.Name);
        }
    }

此事件运行的每个请求，但用户永远是零。但我不明白的是默认的_LogOnPartial code：

This event is running each request, but User is always null. But what I don't get is the default _LogOnPartial code:

@if(Request.IsAuthenticated) {
<text><strong>@User.Identity.Name</strong> [@Html.ActionLink("Profile", "Profile", "Account")]
[ @Html.ActionLink("Log Off", "LogOff", "Account") ]</text>
}

仍表现出我作为登录和用户名是显示有罚款。

is still showing me as logged in and the Username is showing fine there.

推荐答案

您肯定不希望使用的Application_Start - 这个只执行一次，开始时你的应用程序旋转起来。你可以寻找的是在session_start，将在一个新的会话的第一个请求运行：

You definitely don't want to use application_start - this only runs once, at the beginning your application spins up. What you could be looking for is session_start, which will run at the first request of a new session:

void Session_Start(object sender, EventArgs e) {
  // set SessionUtil.User here
}

我不觉得有哪里该用户你们的对象必须是刷新一个明确的答案。如果我必须选择，我可能会做它在您的SessionUtil.User吸气。像这样的东西（警告，我没有编译或测试本）

I don't think there's a definitive answer of where this user object of yours must be refreshed. If I had to pick, I would probably do it in your SessionUtil.User getter. Something like this (warning, I did not compile or test this)

public User User
{
    get
    {
        if (Session["user"] != null)
            return Session["user"] as User;

        var user = GetUser(); //however you normally get current user

        Session["user"] = user;

        return user;
    }
}

最终的结果是，你永远要求会话工具的用户属性为null，将变得不可能。

The net result is that it would become impossible for you to ever request the User property of your session utility to be null.

修改：仅仅是明确的，会话无关与被记住。您的网站知道你已经登录并验证的，因为你有ASP.NET授权cookie。这是独立的会议。 Session是一个简单的内存存储范围，并提供给每一个独特的用户，通过身份验证的或不的

Edit: just to be clear, session has nothing to do with being "remembered". Your site knows you are logged in and authenticated because you have the ASP.NET authorization cookie. This is independent of Session. Session is simply a memory store scoped and available to each unique user, authenticated or not.

这篇关于在哪里/如何填充与用户存储在cookie数据在MVC应用程序第一次加载会话？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！