0

有时我在刷新页面后退出,我并不完全是什么问题,因为我每次页面加载所做的只是检查用户是否通过表单身份验证进行身份验证以及变量会话是否为空

 if (!HttpContext.Current.User.Identity.IsAuthenticated || Session["Nome"] == null)
{
        FormsAuthentication.RedirectToLoginPage();
}

这是我的 webconfig 文件,我将过期时间设置为 300 分钟,所以我不明白...

<configuration>

<system.web>    
<customErrors mode="Off"/>

<authentication mode="Forms">
  <forms defaultUrl="~/Account/Inicio.aspx" loginUrl="~/Login.aspx" name=".ASPXFORMSAUTH" timeout="300" slidingExpiration="true" protection="All"/>
</authentication>
<sessionState timeout="300" cookieless="false"></sessionState>

<authorization>
  <allow users="?"/>
</authorization>

<compilation debug="true" targetFramework="4.5">
  <assemblies>
    <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
    <add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
  </assemblies>
</compilation>
<!-- MAXIMO TAMANHO DE UPLOAD POR FICHEIRO-->
<httpRuntime targetFramework="4.5" maxRequestLength="5242880"/>
<identity impersonate="false"/>
<pages>
  <controls>
    <add tagPrefix="ajaxToolkit" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit"/>
  </controls>
</pages>
   </system.web>
   <system.webServer>
    <defaultDocument>
      <files>
        <clear/>
        <add value="Login.aspx"/>
      </files>
    </defaultDocument>
        <validation validateIntegratedModeConfiguration="false"/>
        <modules runAllManagedModulesForAllRequests="true"/>



<handlers>
    <add name="AjaxFileUploadHandler" verb="*" 
      path="AjaxFileUploadHandler.axd"
      type="AjaxControlToolkit.AjaxFileUploadHandler, 
      AjaxControlToolkit"/>
</handlers>

</system.webServer>

<appSettings>

   <add key="ValidationSettings:UnobtrusiveValidationMode" value="None"/>
 </appSettings>
 <runtime>
   <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">


  <dependentAssembly>
    <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" culture="neutral"/>
    <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234"/>
  </dependentAssembly>
</assemblyBinding>

这是我的登录

 protected void btnLogin_Click(object sender, EventArgs e)
    {
        string username = Login_Txt.Text;
        string password = Pass_Txt.Text;
        bool rememberMe = false;

        if (Page.IsValid)
        {
            int IdUser = Security.ValidateLogin(username, password);
            //int IdUser = 4;
            switch (IdUser)
            {
                case -1:
                    Label_Erro.Text = "Username/Password incorrecto.";
                    break;
                default:
                    var user = Utilizador.GetUserData(IdUser);                            
                    Session["Nome"] = user.Nome;                        

                    // Create a new FormsAuthenticationTicket that includes our User Data
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, IdUser.ToString(), DateTime.Now, DateTime.Now.AddMinutes(300), rememberMe, user.Grupo, FormsAuthentication.FormsCookiePath);
                    string hashCookies = FormsAuthentication.Encrypt(ticket);
                    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashCookies);
                    Response.Cookies.Add(cookie);
                    string returnUrl = Request.QueryString["ReturnUrl"];
                    // check if it exists, if not then redirect to default page
                    if (returnUrl == null) returnUrl = "~/Account/Inicio.aspx";
                    Response.Redirect(returnUrl);
                    break;
            }
        }
    }
4

0 回答 0