. Net implements logon authentication for website users and. net user logon authentication

. Net implements logon authentication for website users and. net user logon authentication

After a cookie is logged on, the website under the same domain name remains in the same logon status.

Login

Private void SetAuthCookie (string userId, bool createPersistentCookie) {var ticket = new FormsAuthenticationTicket (2, userId, DateTime. now, DateTime. now. addDays (7), true, "", FormsAuthentication. formsCookiePath); string ticketEncrypted = FormsAuthentication. encrypt (ticket); HttpCookie cookie; if (createPersistentCookie) // whether it has been valid for the set expiration time {cookie = new HttpCookie (FormsAuthentication. formsCookieName, ticketEncrypted) {HttpOnly = true, Path = FormsAuthentication. formsCookiePath, Secure = FormsAuthentication. requireSSL, Expires = ticket. expiration, Domain = "cnblogs.com" // set the authenticated Domain name here. The same Domain name includes sub-Domain names such as aa.cnblogs.com or bb.cnblogs.com with the same logon status };} else {cookie = new HttpCookie (FormsAuthentication. formsCookieName, ticketEncrypted) {HttpOnly = true, Path = FormsAuthentication. formsCookiePath, Secure = FormsAuthentication. requireSSL, // Expires = ticket. expiration, // if there is no Expiration time, Domain = "cnblogs.com"};} HttpContext will expire after the browser is closed. current. response. cookies. remove (FormsAuthentication. formsCookieName); HttpContext. current. response. cookies. add (cookie );}

In this way, the user status can be obtained on any page under the same domain name after logon.

Determine whether a user is logged on

public bool IsAuthenticated{　　get　　{　　　　bool isPass = System.Web.HttpContext.Current.User.Identity.IsAuthenticated;　　　　if (!isPass)　　　　　　SignOut();　　　　return isPass;　　}}

Get the current user name

public string GetCurrentUserId(){   return _httpContext.User.Identity.Name;}

The following is a specific example.

CS Page code:

Using System; using System. data; using System. configuration; using System. collections; using System. web; using System. web. security; using System. web. UI; using System. web. UI. webControls; using System. web. UI. webControls. webParts; using System. web. UI. htmlControls; using System. data. sqlClient; public partial class Login: System. web. UI. page {protected void Page_Load (object sender, EventArgs e) {} protected void Butt Onsellclick (object sender, EventArgs e) {string connString = Convert. ToString (ConfigurationManager. ConnectionStrings ["001 ConnectionString"]); // 001ConnectionString is the database connection I configured in webconfig. SqlConnection conn = new SqlConnection (connString); string strsql = "select * from User_table where User_name = '" + UserName. text + "'and Password ='" + Password. text + "'"; SqlCommand cmd = new SqlCommand (strsql, conn); conn. open (); SqlDataReader dr = cmd. executeReader (CommandBehavior. closeConnection); if (dr. read () {Response. redirect ("index. aspx "); conn. close ();} else {FailureText. text = "Login Failed. Please check the login information! "; Conn. Close (); Response. Write (" <script language = javascript> alert ('login failed !. '); </Script> ") ;}} protected void Button2_Click (object sender, EventArgs e) // the reset button in the text box {UserName. text = ""; Password. text = "";}}

The following is the aspx page code:

<% @ Page Language = "C #" AutoEventWireup = "true" CodeFile = "Login. aspx. cs" Inherits = "Login" %> <! DOCTYPE html PUBLIC "-// W3C // dtd xhtml 1.0 Transitional // EN "" http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd "> <Html xmlns =" http://www.w3.org/1999/xhtml "> <Head runat =" server "> <title> No title page </title>