我试图在给定用户完全“登录”到我正在构建的站点之前检查他们是否具有角色。通常我会使用以下代码:
User.IsInRole("CustomRole")
但在这种情况下,该行总是产生“假” - 我相信这是因为要使用 User.IsInRole,用户必须已经完全登录。我试图在我的 Account 控制器的 LogOn 方法中检查这条信息,所以用户还没有登录(我认为)。
我将如何返回一个用户对象,以便我可以在下面做我想做的事情:
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
// Need to identify the user because the "User" is not officially 'logged in' yet and cannot be accessed via "User.IsInRole" - am I correct in this understanding
MembershipUser u = Membership.GetUser(model.UserName);
if (u.IsInRole("Administrator"))
. . . . truncated
上面的代码抛出以下错误:
'System.Web.Security.MembershipUser' does not contain a definition for 'IsInRole' and no extension method 'IsInRole' accepting a first argument of type 'System.Web.Security.MembershipUser' could be found (are you missing a using directive or an assembly reference?)
MembershipUser u = Membership.GetUser(model.UserName) 显然没有返回我可以使用 IsInRole 的对象,有什么提示吗?