class="lnum"> 1: <authorization><!--禁止未通过的用户访问-->
2: <deny user="?"></deny>
3: </authorization>因为这玩意默认启用Forms验证,所以不用添加<authentication mode=”Forms”>添加了反而会报错
这个“玩意”的登陆页面的文件名及目录结构必须是这样的“~/Account/Login.cshtml”;关键代码如下:
1: <form method="post">
2: 帐号<input name="user" type="text" />
3: 密码<input name="pass" type="password" />
4: <input name="login" type="submit" value="登录" class="button" />
5: </form>
逻辑代码:
1: @{
2: var returnUrl = Request.QueryString["ReturnUrl"];
3: if(returnUrl.IsEmpty()){
4: returnUrl = "~/Admin/";
5: }
6: if(IsPost){
7: var username = Request.Form["user"];
8: var password = Request.Form["pass"];
9: var nickname = "";
10: var y = FormsAuthentication.HashPasswordForStoringInConfigFile(username+password,"md5");
11: var db = Database.Open("RazorCMS");
12: var sqlSel = "select TOP 1 username,password,nickname from SiteSet";
13: var user = db.QuerySingle(sqlSel);
14: var x = FormsAuthentication.HashPasswordForStoringInConfigFile(user["username"]+user["password"],"md5");
15: if(x==y){
16: nickname = user["nickname"];
17: FormsAuthentication.RedirectFromLoginPage(nickname,true);
18: }
19: }
20: }
请高手解答:为什么我请求Admin目录不能定位到Default.cshtml
证明趋势登陆成功:
1: @{
2: var n = Context.User.Identity.Name;
3: }
在页面输出n就行了
相关文章
