cookie登錄后同域名下的網(wǎng)站保持相同的登錄狀態(tài)。
登錄
private void SetAuthCookie(string userId, bool createPersistentCookie){ var ticket = new FormsAuthenticationTicket(2, userId, DateTime.Now, DateTime.Now.AddDays(7), true, "", FormsAuthentication.FormsCookiePath); string ticketEncrypted = FormsAuthentication.Encrypt(ticket); HttpCookie cookie; if (createPersistentCookie)//是否在設(shè)置的過期時間內(nèi)一直有效 { cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted) { HttpOnly = true, Path = FormsAuthentication.FormsCookiePath, Secure = FormsAuthentication.RequireSSL, Expires = ticket.Expiration, Domain = "cnblogs.com"http://這里設(shè)置認證的域名���,同域名下包括子域名如aa.cnblogs.com或bb.cnblogs.com都保持相同的登錄狀態(tài) }; } else { cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted) { HttpOnly = true, Path = FormsAuthentication.FormsCookiePath, Secure = FormsAuthentication.RequireSSL, //Expires = ticket.Expiration,//無過期時間的����,瀏覽器關(guān)閉后失效 Domain = "cnblogs.com" }; } HttpContext.Current.Response.Cookies.Remove(FormsAuthentication.FormsCookieName); HttpContext.Current.Response.Cookies.Add(cookie);}這樣登錄后����,在同域名下的任何頁面都可以得到用戶狀態(tài)
判斷用戶是否登錄
public bool IsAuthenticated{ get { bool isPass = System.Web.HttpContext.Current.User.Identity.IsAuthenticated; if (!isPass) SignOut(); return isPass; }}得到當(dāng)前的用戶名
public string GetCurrentUserId(){ return _httpContext.User.Identity.Name;}下面給大家一個具體的實例
CS頁代碼:
using System;using System.Data;using System.Configuration;using System.Collections;using System.Web;using System.Web.Security;using System.Web.UI;using System.Web.UI.WebControls;using System.Web.UI.WebControls.WebParts;using System.Web.UI.HtmlControls;using System.Data.SqlClient;public partial class Login : System.Web.UI.Page{protected void Page_Load(object sender, EventArgs e){}protected void Button1_Click(object sender, EventArgs e){ string connString = Convert.ToString(ConfigurationManager.ConnectionStrings["001ConnectionString"]);//001ConnectionString是我在webconfig里配置的數(shù)據(jù)庫連接�。SqlConnection conn = new SqlConnection(connString); string strsql = "select * from User_table where User_name='" + UserName.Text + "' and Password='" + Password.Text + "'";SqlCommand cmd = new SqlCommand(strsql, conn);conn.Open();SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);if (dr.Read()){ Response.Redirect("index.aspx");conn.Close();}else{FailureText.Text = "登陸失敗,請檢查登陸信息!";conn.Close();Response.Write("<script language=javascript>alert('登陸失敗!.');</script>");}}protected void Button2_Click(object sender, EventArgs e) //文本框重置按鈕{UserName.Text = "";Password.Text = "";}}
