我如何能在MVC 4使用AntiForgeryToken使用JSON职位 [英] how can i use AntiForgeryToken with JSON post in mvc 4
本文介绍了我如何能在MVC 4使用AntiForgeryToken使用JSON职位的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有jQuery的code与JSON.stringify发布数据控制器类,但是当我用AntiForgeryToken,它不工作..是什么更好的方法来保护JSON帖子或我错过了什么......
其次我需要更多的这种..即加密来保护JSON数据...
非常感谢先进的帮助...
<脚本类型=文/ JavaScript的>$(文件)。就绪(函数(){
$('#id_login_submit')。点击(函数(){ VAR _authetication_Data = {_username:$('#U1')VAL(),_password:$('#P1)VAL()} $阿贾克斯({
键入:POST,
网址:/帐号/ ProcessLoginRequest
数据:JSON.stringify({模式:_authetication_Data})
数据类型:JSON
的contentType:应用/ JSON的;字符集= UTF-8,
成功:函数(响应){
警报(响应);
}
}); });
}); < / SCRIPT>
@using(Html.BeginForm())
{
@ Html.AntiForgeryToken()
@ Html.ValidationSummary(真) @ Html.LabelFor(M = GT; m._UserName)
@ Html.TextBoxFor(M = GT; m._UserName,新{ID =U1})
@ Html.LabelFor(M = GT; m._Password)
@ Html.PasswordFor(M = GT; m._Password,新{ID =P1})
<输入类型=按钮ID =id_login_submitVALUE =登录/>
}
[HttpPost]
[ValidateAntiForgeryToken]
公共JsonResult ProcessLoginRequest(LoginModel模型)
{
字符串returnString = NULL; 如果(ModelState.IsValid&安培;&安培; WebSecurity.Login(model._UserName,model._Password,persistCookie:真))
{
returnString =用户身份验证;
} 其他
{returnString =从loginProcess消息; } 返回JSON(returnString,JsonRequestBehavior.AllowGet);
}
解决方案
的问题是,你不包括与您的要求VerificationToken:
VAR _authetication_Data = {_username:$('#U1')VAL(),_password:$('#P1)VAL(),__RequestVerificationToken:$('[名称= __ RequestVerificationToken]')VAL()。 }
I have jQuery code that post data with JSON.stringify to controller class but when I used AntiForgeryToken, it doesn't work.. is any better way to secure JSON post or I am missing out something....
secondly do i need additional to this .. i.e. encryption to secure JSON data...
many thanks for help in advanced...
<script type="text/javascript">
$(document).ready(function () {
$('#id_login_submit').click(function () {
var _authetication_Data = { _UserName: $('#u1').val(), _Password: $('#p1').val() }
$.ajax({
type: "POST",
url: "/Account/ProcessLoginRequest",
data: JSON.stringify({ model: _authetication_Data }),
dataType: "json",
contentType: "application/json; charset=utf-8",
success: function (response) {
alert(response);
}
});
});
});
</script>
@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
@Html.ValidationSummary(true)
@Html.LabelFor(m => m._UserName)
@Html.TextBoxFor(m => m._UserName, new { id = "u1"})
@Html.LabelFor(m => m._Password)
@Html.PasswordFor(m => m._Password, new { id = "p1"})
<input type="button" id="id_login_submit" value="Login" />
}
[HttpPost]
[ValidateAntiForgeryToken]
public JsonResult ProcessLoginRequest(LoginModel model)
{
string returnString = null;
if (ModelState.IsValid && WebSecurity.Login(model._UserName, model._Password, persistCookie: true))
{
returnString = "user is authenticated";
}
else
{ returnString = "Message from loginProcess"; }
return Json(returnString, JsonRequestBehavior.AllowGet);
}
解决方案
The problem is that you are not including the VerificationToken with your request:
var _authetication_Data = { _UserName: $('#u1').val(), _Password: $('#p1').val(), __RequestVerificationToken: $('[name=__RequestVerificationToken]').val(); }
这篇关于我如何能在MVC 4使用AntiForgeryToken使用JSON职位的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文