1

我想为我的网站制作一个登录页面,但我对使用什么以及在哪里放置验证身份验证的功能感到困惑,并保持它如何跟踪会话。

我应该在控制器中执行此操作并使用 xlst 吗?

4

1 回答 1

3

如果您只是对创建注册页面/登录页面感兴趣,我建议您阅读这篇文章

以下代码片段来自那篇文章,它向您展示了登录用户控件:

public partial class Login : System.Web.UI.UserControl
{
    protected void Page_Load(object sender, EventArgs e)
    {
        /*--- Set the navigation url for the Register hyperlink ---*/
        var registerHyperLink = (HyperLink)uxLogin.FindControl("RegisterHyperLink");
        registerHyperLink.NavigateUrl = "~/Register.aspx?ReturnUrl=" + HttpUtility.UrlEncode(Request.QueryString["ReturnUrl"]);

        uxLogin.RememberMeSet = false;

        if (!IsPostBack)
        {
            /*--- Restore remembered username(?) ---*/
            var c = Request.Cookies["username"];

            if (c == null)
            {
                uxUsernameTextBox.Text = "";
            }
            else
            {
                uxUsernameTextBox.Text = c.Value;
                uxLogin.RememberMeSet = true;
            }
        }
    }

    protected TextBox uxUsernameTextBox { get { return uxLogin.FindControl("UserName") as TextBox; } }

    protected void uxLogin_LoggedIn(object sender, EventArgs e)
    {
        /*--- Inits ---*/
        var url = Request.QueryString["url"];

        /*--- Remember/Forget Username ---*/
        if (uxLogin.RememberMeSet)
            Response.SetCookie("username", uxUsernameTextBox.Text, 365);
        else
            Response.DeleteCookie("username", Request);

        /*--- Redirect (?) ---*/
        if (url == null)
        {
            Response.Redirect("~/"); // Main page for authenticated users
        }
        else
        {
            var url2 = Server.UrlDecode(url);
            Response.Redirect(url2);
        }
    }

    /*  This field and the LoggingIn and LoginError event procedures place the user
        in the correct domain for the current site.  This way the user doesn't have
        to specify the domain, logging in (for example) as "johndoe" instead of
        "domain\johndoe". */

    private string _usernameEntered = string.Empty;

    protected void uxLogin_LoggingIn(object sender, LoginCancelEventArgs e)
    {
        var domainUser = Sitecore.Context.Domain.GetFullName(uxLogin.UserName);

        if (System.Web.Security.Membership.GetUser(domainUser) != null)
        {
            _usernameEntered = uxLogin.UserName;
            uxLogin.UserName = domainUser;
        }
    }
    protected void uxLogin_LoginError(object sender, EventArgs e)
    {
        uxLogin.UserName = _usernameEntered;
    }
}

一般来说:Sitecore 会为您跟踪登录用户,您需要做的就是让安全页面拒绝Anonymous用户的读取权限。然后,您可以为分配了特定角色的所有用户授予读取权限。有关这方面的更多信息,请查看这个 StackOverflow问题(当然是答案)。

于 2013-04-24T08:47:58.100 回答