我有一个使用简单会员 OOTB 帐户控制器的 mvc4 表单应用程序。我有一个应用程序的视图模型,在完成注册后我能够成功检索用户名,如下所示:
this.UserName = HttpContext.Current.User.Identity.Name;
在这一点上,我的注册方法如下:
try
{
WebSecurity.CreateUserAndAccount(model.UserName, model.Password, propertyValues: new
{
//Form defined values
Forename = model.Forename,
Surname = model.Surname,
Email = model.Email,
Password = model.Password,
Answer = model.SecretAnswer,
DOB = model.DOB,
//Auto defined values
JoinDate = DateTime.Today,
LastLogin = DateTime.Now,
CompanyID = 5,
ParticipationPoints = 0,
Privacy = 0,
IsDeleted = 0,
ImageURL = "/Images/user-holder.jpg"
});
WebSecurity.Login(model.UserName, model.Password);
return RedirectToAction("Index", "Home");
}
catch (MembershipCreateUserException e)
{
ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
}
在与我的客户协商后,决定防止任何人只是在互联网上注册,他们应该已经包含在用户表中,并且用户名值作为预先存在的用户找到。因此,在此之后,注册更改为:
控制器
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
avm.Username = model.UserName;
avm.Forename = model.Forename;
avm.Surname = model.Surname;
avm.Email = model.Email;
avm.Password = model.Password;
avm.Answer = model.SecretAnswer;
avm.DOB = model.DOB;
avm.RegisterUser();
if (avm.StatusCode == "Success")
{
return RedirectToAction("Index", "Home");
}
else
{
//ModelState.AddModelError("", ErrorCodeToString(avm.StatusCode));
return View();
}
}
}
视图模型
try
{
this.dbcontext = new MyContext(System.Configuration.ConfigurationManager.ConnectionStrings["MyContext"].ConnectionString);
userRepository = new Repository<MyUser>(dbcontext);
//Step 1 - Check User is in user table.
MyUser userCheck = userRepository.Get(u => u.Username == this.Username).ToList().FirstOrDefault();
if (userCheck == null)
{
StatusCode = "NoUserError";
return;
}
else
{
//Step 2 - Check user has not already registered
if (userCheck.Password != null || userCheck.Answer != null)
{
StatusCode = "AlreadyRegistered";
return;
}
}
//Step 3 - Check the email is valid and the password confirms to password length.
Regex expEmail = new Regex(@"^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$");
if (!expEmail.IsMatch(this.Email))
{
StatusCode = "InvalidEmail";
return;
}
if (this.Password.Length < 8)
{
StatusCode = "InvalidPassword";
return;
}
//Encrypt the password to store in SQL Azure. It does not at this point have any encryption.
EncryptionUtils encryptor = new EncryptionUtils();
string encrytpedPassword = encryptor.Encrypt(this.Password);
//Form defined fields
userCheck.Username = this.Username;
userCheck.Password = encrytpedPassword;
userCheck.Forename = this.Forename;
userCheck.Surname = this.Surname;
userCheck.Email = this.Email;
userCheck.Answer = this.Answer;
userCheck.DOB = this.DOB;
//Automatically defined values
userCheck.JoinDate = DateTime.Today;
userCheck.LastLogin = DateTime.Now;
userCheck.CompanyID = 5;
userCheck.RoleID = 3;
userCheck.ParticipationPoints = 0;
userCheck.Privacy = 0;
userCheck.IsDeleted = false;
userCheck.ImageURL = "/Images/user-holder.jpg";
userRepository.Update(userCheck);
userRepository.SaveChanges();
StatusCode = "Success";
}
catch (Exception ex)
{
StatusCode = "Error";
return;
}
}
现在,当我点击家庭控制器时,我无法访问 HttpContext.Current.User.Identity.Name 值。由于更改,经过身份验证的用户名是否存储在其他地方?