MVC4制作网站教程第二章 用户登陆2.2
程序员文章站
2024-02-10 14:04:40
一用户
1.1用户注册
1.2用户登陆
首先在models里添加用户登陆模型类userlogin,该类只要用用户名,密码和验证...
一用户
1.1用户注册
1.2用户登陆
首先在models里添加用户登陆模型类userlogin,该类只要用用户名,密码和验证码三个字段。
/// <summary>
/// 用户登陆模型
/// </summary>
public class userlogin
{
/// <summary>
/// 用户名
/// </summary>
[display(name = "用户名", description = "4-20个字符。")]
[required(errormessage = "×")]
[stringlength(20, minimumlength = 4, errormessage = "×")]
public string username { get; set; }
/// <summary>
/// 密码
/// </summary>
[display(name = "密码", description = "6-20个字符。")]
[required(errormessage = "×")]
[stringlength(20, minimumlength = 6, errormessage = "×")]
[datatype(datatype.password)]
public string password { get; set; }
/// <summary>
/// 验证码
/// </summary>
[display(name = "验证码", description = "请输入图片中的验证码。")]
[required(errormessage = "×")]
[stringlength(6, minimumlength = 6, errormessage = "×")]
public string verificationcode { get; set; }
}
在usercontroller里添加login action; 代码看如下:
public actionresult login()
{
return view();
}
[httppost]
public actionresult login(userlogin login)
{
return view();
}
使用cookie保存登陆账号,密码等信息,修改public actionresult login(userlogin login)。修改完成代码如下:
[httppost]
public actionresult login(userlogin login)
{
//验证验证码
if (session["verificationcode"] == null || session["verificationcode"].tostring() == "")
{
error _e = new error { title = "验证码不存在", details = "在用户注册时,服务器端的验证码为空,或向服务器提交的验证码为空", cause = "<li>你注册时在注册页面停留的时间过久页已经超时</li><li>您绕开客户端验证向服务器提交数据</li>", solution = "返回<a href='" + url.action("register", "user") + "'>注册</a>页面,刷新后重新注册" };
return redirecttoaction("error", "prompt", _e);
}
else if (session["verificationcode"].tostring() != login.verificationcode.toupper())
{
modelstate.addmodelerror("verificationcode", "×");
return view();
}
//验证账号密码
userrsy = new userrepository();
if (userrsy.authentication(login.username, common.text.sha256(login.password)) == 0)
{
httpcookie _cookie = new httpcookie("user");
_cookie.values.add("username", login.username);
_cookie.values.add("password", common.text.sha256(login.password));
response.cookies.add(_cookie);
return redirecttoaction("default","user");
}
else
{
modelstate.addmodelerror("message", "登陆失败!");
return view();
}
}
在public actionresult login() 上右键添加强类型视图
完成后代的login.cshtml
@model cms.models.userlogin
@{
viewbag.title = "用户登陆";
layout = "~/views/shared/_layout.cshtml";
}
<div class="banner">
<img src="~/skins/default/images/banner.jpg" />
</div>
@using (html.beginform())
{
@html.validationsummary(true)
<div class="form">
<dl>
<dt>用户登陆</dt>
<dd>
<div class="label">@html.labelfor(model => model.username):</div>
<div class="ctrl">@html.editorfor(model => model.username)
@html.validationmessagefor(model => model.username)
@html.displaydescriptionfor(model => model.username)
</div>
</dd>
<dd>
<div class="label">@html.labelfor(model => model.password):</div>
<div class="ctrl">@html.passwordfor(model => model.password)
@html.validationmessagefor(model => model.password)
@html.displaydescriptionfor(model => model.password)
</div>
</dd>
<dd>
<div class="label">验证码:</div>
<div class="ctrl">
@html.textboxfor(model => model.verificationcode)
@html.validationmessagefor(model => model.verificationcode)
<img id="verificationcode" alt="" src="@url.action("verificationcode", "user")" />
<a id="trydifferent" style="cursor: pointer">换一张</a>
</div>
</dd>
<dd>
<div class="label"></div>
<div class="ctrl">
<input type="submit" value="登陆" />@html.validationmessage("message");
</div>
</dd>
</dl>
<div class="clear"></div>
</div>
}
<script type="text/javascript">
$("#trydifferent").click(function () {
$("#verificationcode").attr("src", "/user/verificationcode?" + new date());
})
</script>
@section scripts {
@scripts.render("~/bundles/jqueryval")
}
浏览器中查看一下登陆页面
点下登陆测试一下。ok登陆成功
验证用户是否已经登陆,这块和权限验证一起从authorizeattribute继承个自定义验证类
在项目里添加extensions文件夹,添加一个类userauthorizeattribute 继承自authorizeattribute,重写authorizecore方法用来实现用户是否已经登陆的验证,权限验证在写权限功能时在补充
using ninesky.repository;
namespace system.web.mvc
{
/// <summary>
/// 用户权限验证
/// </summary>
public class userauthorizeattribute :authorizeattribute
{
/// <summary>
/// 核心【验证用户是否登陆】
/// </summary>
/// <param name="httpcontext"></param>
/// <returns></returns>
protected override bool authorizecore(httpcontextbase httpcontext)
{
//检查cookies["user"]是否存在
if (httpcontext.request.cookies["user"] == null) return false;
//验证用户名密码是否正确
httpcookie _cookie = httpcontext.request.cookies["user"];
string _username = _cookie["username"];
string _password = _cookie["password"];
httpcontext.response.write("用户名:"+_username);
if (_username == "" || _password == "") return false;
userrepository _userrsy = new userrepository();
if (_userrsy.authentication(_username, _password) == 0) return true;
else return false;
}
}
}
以后只要在需要登陆后才能操作的action或controller上加[userauthorize]就可实现验证是否已经登录了。
退出功能,在usercontroller添加logout action
/// <summary>
/// 退出系统
/// </summary>
/// <returns></returns>
public actionresult logout()
{
if (request.cookies["user"] != null)
{
httpcookie _cookie = request.cookies["user"];
_cookie.expires = datetime.now.addhours(-1);
response.cookies.add(_cookie);
}
notice _n = new notice { title = "成功退出", details = "您已经成功退出!", dwelltime = 5, navigationname="网站首页", navigationurl = url.action("index", "home") };
return redirecttoaction("notice", "prompt", _n);
}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。
上一篇: js-聚焦到输入框最后位置-1.1
下一篇: sqlserver游标的使用