0

我正在使用 Asp.net MVC4 Jquery ajax,我正在传递带有请求标头的令牌...

这里的例外是:提供的防伪令牌用于用户“”,但当前用户是“用户名”。

我已经尝试过这里的答案Anti forgery token is mean for user "" 但当前用户是 第三种解决方案的“用户名”但无法成功..

请任何人帮助我如何按照上面给出的答案实现前两个步骤......

或任何其他解决方案请告诉我...

//看法

<script type="text/javascript">

    var JsTokenHeaderValue = '@Utils.TokenHeaderValue()';

</script>

//Antivalidationforgery 令牌:

private Task<HttpResponseMessage> ValidateAntiForgeryToken(HttpActionContext actionContext, CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation)
        {
            try
            {
                string cookieToken = "";
                string formToken = "";
                IEnumerable<string> tokenHeaders;
                if (actionContext.Request.Headers.TryGetValues("RequestVerificationToken", out tokenHeaders))
                {
                    string[] tokens = tokenHeaders.First().Split(':');
                    if (tokens.Length == 2)
                    {
                        cookieToken = tokens[0].Trim();
                        formToken = tokens[1].Trim();
                    }
                }
                AntiForgery.Validate(cookieToken, formToken);
            }
            catch (System.Web.Mvc.HttpAntiForgeryException exception)
            {

                ErrorLogDA.LogException(exception);

                actionContext.Response = new HttpResponseMessage
                {
                    StatusCode = HttpStatusCode.BadRequest,
                    RequestMessage = actionContext.ControllerContext.Request
                };
                return FromResult(actionContext.Response);
            }
            return continuation();
        }

我在这里更新我的问题,令牌是由于 Membership 类,用户在没有登录的情况下获得身份验证。在我的情况下,我第一次进行页面加载,然后 Cookie 获取值为 null,第二次页面加载 cookie 从某个位置获取值 .ASPXAUTH ..这就是为什么令牌问题可能是..这是我的标题控制器方法..

//标题部分 - 控制器

 public ActionResult UCHeader()
        {
            try
            {

                var ViewLogOnModel = new LogOnModel();

                HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
                if (authCookie == null)
                {
                    ViewLogOnModel.LoggedInUserId = Guid.Empty;
                    return PartialView("UCHeader", ViewLogOnModel);
                }

                //Is Authenticated..
                if (User.Identity.IsAuthenticated == true)
                {
                    if (User.Identity.AuthenticationType == "Forms")
                    {
                        MembershipUser memberUser = Common.Utils.GetLoggedinUserInfo(this.User.Identity.Name);

                        if (memberUser != null)
                        {
                            Guid userId = (Guid)memberUser.ProviderUserKey;

                            ViewLogOnModel.LoggedInUserId = userId;

                            ViewLogOnModel.UserEmail = this.User.Identity.Name;

                            return PartialView("UCHeader", ViewLogOnModel);
                        }
                        else
                        {

                            ViewLogOnModel.LoggedInUserId = Guid.Empty;
                            return PartialView("UCHeader", ViewLogOnModel);
                        }
                    }
                    else
                    {

                        ViewLogOnModel.LoggedInUserId = Guid.Empty;
                        return PartialView("UCHeader", ViewLogOnModel);
                    }

                }
                else
                {

                    ViewLogOnModel.LoggedInUserId = Guid.Empty;
                    return PartialView("UCHeader", ViewLogOnModel);
                }


            }
            catch (Exception ex)
            {
                ErrorLogDA.LogException(ex);
                Response.Redirect("~/ErrorUiLog/Index", false);
            }

            return null;
        }
4

0 回答 0