Original http://www.cnblogs.com/aehyok/archive/2013/04/21/3034683.html
Preface
After logging in.
Memership Configuration
First open the Web. config file and add a database connection definition in the configuration section,CodeAs follows:
<Connectionstrings> <Add name ="Connectionstring"Connectionstring ="Data Source = mwvcmnffk0zazt5; initial catalog = simplecms; persist Security info = true; user id = sa; Password = SAA; pooling = false"Providername ="System. Data. sqlclient"> </Add> </connectionstrings>
Enter the database address, user name, and password in the Code according to your actual situation. Add the definition of the membership provider in the system. Web segment. The Code is as follows:
<Membership> <providers> <clear/> <Add name = " Aspnetsqlmembershipprovider " Type = " System. Web. Security. sqlmembershipprovider " Connectionstringname = " Connectionstring " Enablepasswordretrieval = " False " Enablepasswordreset = " True " Requiresquestionandanswer = " False " Requiresuniqueemail = " True " Maxinvalidpasswordattempts = " 5 " Minrequiredpasswordlength = " 6 " Minrequirednonalphanumericcharacters =" 0 " Passwordattemptwindow = " 10 " Applicationname = " / " /> </Providers> </Membership> <rolemanager enabled = " True " > <Providers> <clear/> <Add name = " Aspnetsqlroleprovider " Type = " System. Web. Security. sqlroleprovider " Connectionstringname = " Connectionstring " Applicationname = " / " /> <Add name = " Aspnetwindow#enroleprovider " Type = " System. Web. Security. window#enroleprovider " Applicationname = " / " /> </Providers> </rolemanager>
The above connectionstringname ="Connectionstring"It must be consistent with the database connection string configured above.
In the code, the membership segment is used to define the membership provider. The defined content includes:
The type is sqlmembershipprovider, indicating that the SQL Server Provider is used;
The database connection string (connectionstringname) is the connection string just defined;
Enablepasswordretrieval is fallse;
Set enablepasswordreset to true;
The value of requiresquestionandanswer is false;
The value of requiresuniqueemail is true;
The maximum number of failed password attempts (maxinvalidpasswordattempts) is 5;
The minimum password length (minrequiredpasswordlength) is 6;
The minimum number of non-characters in the password (minrequirednonalphanumericcharacters) is 0;
The interval (passwordattemptwindow) between consecutive failed attempts of valid passwords or password answers for tracking is 10 minutes.
The last applicationname indicates the current application.ProgramBecause no application uses the database provider, it is set to "/".
The role provider defined in the rolemanager section mainly defines the connection string and Application ID.
After the configuration is complete, select the project and ASP. NET configuration in the main menu. If the configuration is correct, you can now add users and roles.
Click the Security tab on the page.
Click "create or Manage Roles" in the role to create two roles: System Administrator and common user. Return to the "Security" tab, and click "create user" in the user to create the admin and test users. The passwords of both users are set to 123456. Enter the password in your email. Set the admin role as the system administrator and the test role as a common user.
Then return to accountcontroller. The code for modifying the login action is as follows:
Public Jobject login (loginmodel model ){ Bool Success = False ; Jobject errors = New Jobject (); If (Modelstate. isvalid ){ String Vcode = "" ; If (Session [ " Vcode " ]! = Null ) {Vcode = Session [ " Vcode " ]. Tostring ();} If (Vcode. Count ()> 0 & Amp; vcode. tolower () = Model. vcode. tolower () {membershipuser user = Membership. getuser (model. username ); If (User! = Null ){ If (User. isapproved) {timespan TS = User. lastlockoutdate. addminutes (60 )- Datetime. now; If (User. islockedout & TS. Minutes> 0 ) {Errors. Add ( " Username " , " The user name has been locked, " + Ts. minutes + " Minutes later, you can try again. " );} Else { If (User. islockedout) user. unlockuser (); If (Membership. validateuser (model. username, model. Password )){ If (Roles. isuserinrole (model. username, " System Administrator " ) | Roles. isuserinrole (model. username," Common User " ) {Formsauthentication. setauthcookie (model. username, False ); Success = True ;} Else {Errors. Add ( " Username " , " You do not have permission to log on to the system. " );}} Else {Errors. Add ( " Username " , " Incorrect username or password. " ); Errors. Add ( " Password " , " Incorrect username or password. " );}}}} Else {Errors. Add ( " Username " ," Incorrect username or password. " ); Errors. Add ( " Password " , " Incorrect username or password. " );}} Else {Errors. Add ( " Vcode " , " Incorrect verification code " );}} Else {Myfunction. modelstatetojobject (modelstate, errors );} Return Myfunction. writejobjectresult (success, errors );}
First, verify the verification code.
Then, get the membershipuser object through membershipuser user = membership. getuser (model. username.
Verify the certificate. Then F5 runs the test.
Test
Then use admin to test
This is the test result.
Sample Code download link http://files.cnblogs.com/aehyok/ExtJsLoginBetter.rar