asp.net forms身分識別驗證，避免重複造輪子

問題：大家都說使用 forms 驗證無法得到當前登入使用者除了使用者名稱之外的更多資訊，經過我的一番小實驗，在 forms 方式下內建的 userdata 可以為我們施展天地的地方。下面記錄一下我的操作步驟備忘。
step 1: web.config 配置關鍵地方：
web.config配置 複製代碼 代碼如下:<!--
通過 <authentication> 節可以配置 ASP.NET 用來
識別進入使用者的
安全身分識別驗證模式。
-->
<authentication mode="Forms">
<forms loginUrl="login.aspx" defaultUrl="index.aspx"
name=".ztinfozero" path="/Manager"
slidingExpiration="true" timeout="10"></forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>

step 2: 構造 SiteUser Model 複製代碼 代碼如下:TopicUser Model
[Serializable]
public class TopicUser
{
public TopicUser() { }
model#region model
private System.Int32 _autoID;
/**//// <summary>
///
/// </summary>
public System.Int32 autoID
{
get { return _autoID; }
set { _autoID = value; }
}
private System.String _UserName;
/**//// <summary>
/// 使用者名稱
/// </summary>
public System.String UserName
{
get { return _UserName; }
set { _UserName = value; }
}
private System.String _UserChName;
/**//// <summary>
/// 真實姓名
/// </summary>
public System.String UserChName
{
get { return _UserChName; }
set { _UserChName = value; }
}
private System.String _UserPass;
/**//// <summary>
///
/// </summary>
public System.String UserPass
{
get { return _UserPass; }
set { _UserPass = value; }
}
private System.String _DepartMent;
/**//// <summary>
///
/// </summary>
public System.String DepartMent
{
get { return _DepartMent; }
set { _DepartMent = value; }
}
private System.String _Duty;
/**//// <summary>
///
/// </summary>
public System.String Duty
{
get { return _Duty; }
set { _Duty = value; }
}
private System.Int32 _UserPermit;
/**//// <summary>
///
/// </summary>
public System.Int32 UserPermit
{
get { return _UserPermit; }
set { _UserPermit = value; }
}
private System.Int32 _Status;
/**//// <summary>
///
/// </summary>
public System.Int32 Status
{
get { return _Status; }
set { _Status = value; }
}
#endregion
}

step 3: 建立使用者登入代碼：

資料庫－使用者登入方法 複製代碼 代碼如下:public TopicUser UserLogon(string username, string pass) {
string proc = "dbo.infozero_Proc_userLogOn";
Database db = DataFactory.userDB;
DbCommand cmd = db.GetStoredProcCommand(proc);
db.AddInParameter(cmd, "@username", DbType.String, username);
db.AddInParameter(cmd, "@userpass", DbType.String, pass);
db.AddOutParameter(cmd, "@result", DbType.Int32, 4);
DataSet ds = db.ExecuteDataSet(cmd);
TopicUser user = null;
int result = 0;
if (int.TryParse(db.GetParameterValue(cmd, "@result").ToString(), out result) )
user = tableToUser(ds.Tables[0]);
return user;
}
#region table to user
private TopicUser tableToUser(DataTable dt) {
TopicUser model = null;
if (dt.Rows.Count > 0) {
model = new TopicUser();
DataRow dr = dt.Rows[0];
int aid = 0;
int.TryParse(dr["autoID"].ToString(), out aid );
model.autoID = aid;
model.UserName = dr["UserName"].ToString();
model.UserChName = dr["UserChName"].ToString();
model.UserPass = dr["UserPass"].ToString();
model.DepartMent = dr["DepartMent"].ToString();
model.Duty = dr["Duty"].ToString();
if (dr["UserPermit"].ToString() != "")
{
model.UserPermit = int.Parse(dr["UserPermit"].ToString());
}
if (dr["Status"].ToString() != "")
{
model.Status = int.Parse(dr["Status"].ToString());
}
}
return model;
}
#endregion

step 4 : 建立登入頁：

代碼 複製代碼 代碼如下:protected void btnOK_Click(object sender, EventArgs e)
{
string username = tbname.Text.Trim();
string pass = tbpass.Text.Trim();
if (!string.IsNullOrEmpty(username)) {
if (!string.IsNullOrEmpty(pass)) {
DataService.User b = new DataService.User();
DataService.TopicUser user = b.UserLogon(username, pass);
if (user != null) {
//roles , userid | userchname
string userdata = string.Format("{0},{1}|{2}",
user.UserPermit, user.autoID, user.UserChName);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
, username, DateTime.Now, DateTime.Now.AddHours(2),
true, userdata);
string encticket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName, encticket);
Response.Cookies.Add(cookie);
Response.Redirect("Index.aspx");
}
}
}
}

step 5: 在 global.asax 裡添加 Application_AuthenticateRequest 事件以設定當前登入使用者的資訊： 複製代碼 代碼如下:protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
HttpCookie cookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null) {
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
if (ticket != null) {
string[] roles = ticket.UserData.Split(',');
FormsIdentity id = new FormsIdentity(ticket);
System.Security.Principal.GenericPrincipal principal = new GenericPrincipal(id, roles);
Context.User = principal;
}
}
}

step 6: 如何得到當前登入使用者的資訊 複製代碼 代碼如下:public static TopicUser CurrentUser {
get {
DataService.TopicUser user = new DataService.TopicUser();
FormsIdentity identity = HttpContext.Current.User.Identity as FormsIdentity;
FormsAuthenticationTicket ticket = identity.Ticket;
string userdata = ticket.UserData; //擷取自訂的 UserData 串
if (!string.IsNullOrEmpty(userdata)) {
if (userdata.IndexOf(',') > 0 && userdata.IndexOf('|') > 0)
{
//roles , userid | userchname
string uinfo = userdata.Split(',')[1];
string[] u = uinfo.Split('|');
int uid = 0;
int.TryParse(u[0], out uid);
user.autoID = uid;
user.UserChName = u[1];
user.UserName = HttpContext.Current.User.Identity.Name;
}
}
return user;
}
}

由此得到當前登入使用者的 ID 為 UserBase.CurrentUser.autoID ; 真實名字是： UserBase.CurrentUser.UserChName ;
判斷目前使用者的角色是否為管理員： HttpContext.Current.User.IsInRole("1") ; // 1 為管理員
退出當前登入的方法：
LogOut.aspx 複製代碼 代碼如下:protected void Page_Load(object sender, EventArgs e)
{
System.Web.Security.FormsAuthentication.SignOut();
Response.Write("<script>window.top.location='login.aspx';</script>");
Response.End();
}

至此，身分識別驗證完成。我們不用費盡心思在四處堆放使用者是否登入判斷的代碼了。