开发者

Logging into an MVC3 app doesn't remember who I am

I have an MVC3 application using NHibernate. I've created my own membership and role providers and they're working ok. I have a problem with logging in though (probably due to inexperience with ASP.NET security). I wonder if someone could help me.

Here's my controller

    [Authorize(Roles="Admin")]
    public ActionResult Edit(int? id)
    {
       ...

I have a login url setup in Web.config

<authentication mode="Forms">
  <forms loginUrl="~/User/Login" timeout="2880" cookieless="AutoDetect" />
</authentication>

So, when I try and click the edit link I get forwarded to the login page. All well and good so far.

    [HttpPost]
    public ActionResult Login(LogOnModel model, string returnUrl)
    {

        if (ModelState.IsValid)
        {
            if (_membershipProvider.ValidateUser(model.UserName, model.Password))
            {
                FormsAuthentication.Authenticate(model.UserName, model.Password);        
                FormsAuthentication.RedirectFromLoginPage(model.UserName, false);
            }
            else
            {
                ModelState.AddModelError开发者_如何学C("", "The user name or password provided is incorrect.");
            }
        }

        return View(model);
    }

I then get forwarded to the page I came from but when I click the Edit link again I get sent back to the login page. How do I get ASP.NET to store the user in session or something so that it remembers me?


You should pass "true" to that :

FormsAuthentication.RedirectFromLoginPage(model.UserName, true);

From here : http://msdn.microsoft.com/en-us/library/ka5ffkce(v=VS.100).aspx

userName The authenticated user name.

createPersistentCookie true to create a durable cookie (one that is saved across browser sessions); otherwise, false.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜