我有一个非常普通的登录页面,只有用户名和密码字段:
<h2>Sign in</h2>
@Html.ValidationSummary()
@using (Html.BeginForm("SignIn"))
{
<p>
@Html.LabelFor(model => model.Username)
@Html.TextBoxFor(model => model.Username)
</p>
<p>
@Html.LabelFor(model => model.Password)
@Html.PasswordFor(model => model.Password)
</p>
<input type="submit" value="Submit"/>
}
我有一个实际的符号定义如下:
[HttpPost]
[ActionName("SignIn")]
public ActionResult SignInConfirmation(UserCredentialsModel model)
{
if (ModelState.IsValid)
{
var userIsValid = Membership.ValidateUser(model.Username, model.Password);
if (userIsValid)
{
FormsAuthentication.SetAuthCookie(model.Username, false);
return RedirectToAction("Index", "Home");
}
ModelState.AddModelError(string.Empty, "Incorrect username and\or password.");
}
return View();
}
除此之外,我还有一个部分,将显示"请登录"或"欢迎用户"取决于他们是否经过身份验证或现在。
通过调试代码和Fiddler,我可以看到cookie被创建并返回。
当部分被击中时,用户永远不会被验证:
[ChildActionOnly]
public ActionResult Index()
{
if (User.Identity.IsAuthenticated) // =< This is always false.
{
var userDetailsModel = new UserDetailsModel
{
UserName = User.Identity.Name
};
return PartialView("Authenticated", userDetailsModel);
}
return PartialView("Unauthenticated");
}
我也试过手摇FormsAuthenticationTicket:
var userData = JsonConvert.SerializeObject(new { model.Username });
var issueDate = DateTime.Now;
var authenticationTicket = new FormsAuthenticationTicket(1,
model.Username,
issueDate,
issueDate.AddMinutes(5),
false,
userData);
但结果相同…
为什么我从来没有被认证过?
您的web.config中是否有类似<authentication mode="Forms">的东西你应该拥有它