ASP.NETMVC中的登录验证和授权未能正常工作。
- 确保您已启用ASP.NET身份验证。您可以通过在Web.config文件中的
标记内设置mode属性为“Forms”来启用它。示例:
- 确保您对需要访问权限的控制器或动作使用了Authorize属性。例如:
[Authorize] public ActionResult SecureAction() { return View(); }
- 确保您在登录后设置了用户的身份验证Cookie。示例:
var ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(30), false, userData, "/"); var encryptedTicket = FormsAuthentication.Encrypt(ticket); var authenticationCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); HttpContext.Response.Cookies.Add(authenticationCookie);
- 确保您的登录页面正确执行身份验证。示例:
public ActionResult Login(LoginViewModel model, string returnUrl) { if (ModelState.IsValid) { var user = _userService.Authenticate(model.UserName, model.Password); if (user != null) { var userData = GetUserSpecificData(user); var ticket = new FormsAuthenticationTicket(1, user.UserName, DateTime.Now, DateTime.Now.AddMinutes(30), false, userData, FormsAuthentication.FormsCookiePath); var encryptedTicket = FormsAuthentication.Encrypt(ticket); var authenticationCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); HttpContext.Response.Cookies.Add(authenticationCookie); if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl)) { return Redirect(returnUrl); } else { return RedirectToAction("Index", "Home"); } } else { ModelState.AddModelError("", "Invalid username or password."); } } return View(model); }
如果您的问题仍然存在,请确保在代码中使用Debug和Trace以查找更多信息。