如何获得最近验证的用户？ [英] How to get recently authenticated user?

问题描述

我与MVC 3工作，我刚刚实施了FormsAuthenticationService的包装。

I am working with MVC 3 and I have just implemented a wrapper for the FormsAuthenticationService.

类似于下面的内容。

public void SignIn(string username, bool createPersistantCookie)
{
    if (string.IsNullOrEmpty(username)) 
        throw new ArgumentException("Value Cannot be null or empty", "username");

    FormsAuthentication.SetAuthCookie(username, createPersistantCookie);
}

不情愿，我得到这个工作，但现在我不太知道如何让我所存储的信息。

Reluctantly, I have gotten this to work, but now I am not quite sure how to get the information that I have stored.

一旦用户在我的系统，怎么能如果我需要抓住他们的用户名从数据库中现在我放心地获取这些信息？

Once the user is in my system, how can I now safely retrieve this information if I need to grab their UserID out of the database?

推荐答案

根据所提供的更多信息，你想存储更多的数据与FormsAuthentication票。要做到这一点，你首先需要创建一个自定义FormsAuthentication票：

Based on the additional information provided, you want to store additional data with the FormsAuthentication ticket. To do so, you need first create a custom FormsAuthentication ticket:

存储数据

抓住当前HttpContext（不必担心可测试性）

Grab the current HttpContext (not worrying about testability)

var httpContext = HttpContext.Current;

确定的时候，车票应该过期：

Determine when the ticket should expire:

var expires = isPersistent 
                ? DateTime.Now.Add(FormsAuthentication.Timeout) 
                : NoPersistenceExpiryDate; // NoPersistenceExpiryDate = DateTime.MinValue

创建一个新的FormsAuthentication票来保存您的自定义数据。

Create a new FormsAuthentication ticket to hold your custom data.

var authenticationTicket = new FormsAuthenticationTicket(
                             1, 
                             username, 
                             DateTime.Now, 
                             DateTime.Now.Add(FormsAuthentication.Timeout), 
                             isPersistent, 
                             "My Custom Data String"); //Limit to about 1200 bytes max

创建您的HTTP cookie

Create your HTTP cookie

new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authenticationTicket))
  {
    Path = FormsAuthentication.FormsCookiePath,
    Domain = FormsAuthentication.CookieDomain,
    Secure = FormsAuthentication.RequireSSL,
    Expires = expires,
    HttpOnly = true
  };

最后添加到响应

httpContext.Response.Cookies.Add(cookie);

检索数据

然后就可以通过解析存储的身份验证票证检索后续请求您的数据...

Then you can retrieve your data on subsequent requests by parsing the stored authentication ticket...

再次抓住当前HttpContext

Again, grab current HttpContext

var httpContext = HttpContext.Current

检查是否请求已经被认证（在Application_AuthenticateRequest或OnAuthorize拨打）

Check to see if the request has been authenticated (call in Application_AuthenticateRequest or OnAuthorize)

if (!httpContext.Request.IsAuthenticated)
    return false;

检查看看，如果你有一个FormsAuthentication票可用，它没有过期：

Check to see if you have a FormsAuthentication ticket available and that it has not expired:

var formsCookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
if (formsCookie == null)
  return false;

检索FormsAuthentication票：

Retrieve the FormsAuthentication ticket:

var authenticationTicket = FormsAuthentication.Decrypt(formsCookie.Value);
if (authenticationTicket.Expired)
  return false;

和最后检索数据：

var data = authenticationTicket.UserData;

这篇关于如何获得最近验证的用户？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！