.net实现网站用户登录认证
程序员文章站
2023-12-18 16:19:58
cookie登录后同域名下的网站保持相同的登录状态。
登录
private void setauthcookie(string userid, bool cre...
cookie登录后同域名下的网站保持相同的登录状态。
登录
private void setauthcookie(string userid, bool createpersistentcookie) { var ticket = new formsauthenticationticket(2, userid, datetime.now, datetime.now.adddays(7), true, "", formsauthentication.formscookiepath); string ticketencrypted = formsauthentication.encrypt(ticket); httpcookie cookie; if (createpersistentcookie)//是否在设置的过期时间内一直有效 { cookie = new httpcookie(formsauthentication.formscookiename, ticketencrypted) { httponly = true, path = formsauthentication.formscookiepath, secure = formsauthentication.requiressl, expires = ticket.expiration, domain = "cnblogs.com"//这里设置认证的域名,同域名下包括子域名如aa.cnblogs.com或bb.cnblogs.com都保持相同的登录状态 }; } else { cookie = new httpcookie(formsauthentication.formscookiename, ticketencrypted) { httponly = true, path = formsauthentication.formscookiepath, secure = formsauthentication.requiressl, //expires = ticket.expiration,//无过期时间的,浏览器关闭后失效 domain = "cnblogs.com" }; } httpcontext.current.response.cookies.remove(formsauthentication.formscookiename); httpcontext.current.response.cookies.add(cookie); }
这样登录后,在同域名下的任何页面都可以得到用户状态
判断用户是否登录
public bool isauthenticated { get { bool ispass = system.web.httpcontext.current.user.identity.isauthenticated; if (!ispass) signout(); return ispass; } }
得到当前的用户名
public string getcurrentuserid() { return _httpcontext.user.identity.name; }
下面给大家一个具体的实例
cs页代码:
using system; using system.data; using system.configuration; using system.collections; using system.web; using system.web.security; using system.web.ui; using system.web.ui.webcontrols; using system.web.ui.webcontrols.webparts; using system.web.ui.htmlcontrols; using system.data.sqlclient; public partial class login : system.web.ui.page { protected void page_load(object sender, eventargs e) { } protected void button1_click(object sender, eventargs e) { string connstring = convert.tostring(configurationmanager.connectionstrings["001connectionstring"]); //001connectionstring是我在webconfig里配置的数据库连接。 sqlconnection conn = new sqlconnection(connstring); string strsql = "select * from user_table where user_name='" + username.text + "' and password='" + password.text + "'"; sqlcommand cmd = new sqlcommand(strsql, conn); conn.open(); sqldatareader dr = cmd.executereader(commandbehavior.closeconnection); if (dr.read()) { response.redirect("index.aspx"); conn.close(); } else { failuretext.text = "登陆失败,请检查登陆信息!"; conn.close(); response.write("<script language=javascript>alert('登陆失败!.');</script>"); } } protected void button2_click(object sender, eventargs e) //文本框重置按钮 { username.text = ""; password.text = ""; } }
下面是aspx页面代码:
<%@ page language="c#" autoeventwireup="true" codefile="login.aspx.cs" inherits="login" %> <!doctype html public "-//w3c//dtd xhtml 1.0 transitional//en" " http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd"> <html xmlns=" http://www.w3.org/1999/xhtml" > <head runat="server"> <title>无标题页</title> </head> <body> <form id="form1" runat="server"> <asp:panel id="panel1" runat="server" height="101px" width="231px" wrap="false"> <table> <tr> <td align="center" colspan="2"> 用户登陆</td> </tr> <tr> <td style="width: 89px"> 用户名:</td> <td style="width: 100px"> <asp:textbox id="username" runat="server" wrap="false"></asp:textbox></td> </tr> <tr> <td style="width: 89px"> 密码:</td> <td style="width: 100px"> <asp:textbox id="password" runat="server" textmode="password" width="148px" wrap="false" ></asp:textbox></td> </tr> <tr> <td align="center" colspan="2" style="text-align: center"> <asp:button id="button1" runat="server" text="登陆" width="50px" onclick="button1_click" /> <asp:button id="button2" runat="server" text="重置" width="50px" onclick="button2_click" /></td> </tr> <tr> <td align="center" colspan="2"> <asp:label id="failuretext" runat="server" width="77px"></asp:label></td> </tr> </table> </asp:panel> </form> </body> </html>