Shulou(Shulou.com)06/03 Report--

What this article shares to you is about how to achieve user login in the MVC4 production website. The editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article.

One user

1.1 user Registration

1.2 user login

First of all, add the user login model class UserLogin to Models, which only uses three fields: user name, password and CAPTCHA.

/ user login model / public class UserLogin {/ username / [Display (Name = "username", Description = "4-20 characters.")] [Required (ErrorMessage = "×")] [StringLength (20, MinimumLength = 4, ErrorMessage = "×")] public string UserName {get; set;} / password / [Display (Name = "password", Description = "6-20 characters.")] [Required (ErrorMessage = "×")] [StringLength (20, MinimumLength = 6, ErrorMessage = "×")] [DataType (DataType.Password)] public string Password {get; set;} / CAPTCHA / / [Display (Name = "CAPTCHA", Description = "Please enter the CAPTCHA in the picture.")] [Required (ErrorMessage = "×")] [StringLength (6, MinimumLength = 6, ErrorMessage = "×")] public string VerificationCode {get; set;}}

Add the Login action; code to UserController as follows:

Public ActionResult Login () {return View ();} [HttpPost] public ActionResult Login (UserLogin login) {return View ();}

Use Cookie to save login account, password and other information, and modify public ActionResult Login (UserLogin login). The modified code is as follows:

[HttpPost] public ActionResult Login (UserLogin login) {/ / CAPTCHA if (Session ["VerificationCode"] = = null | | Session ["VerificationCode"] .ToString () = "") {Error _ e = new Error {Title = "CAPTCHA does not exist", Details = "the CAPTCHA on the server is empty when the user registers" Or the verification code submitted to the server is empty ", Cause =" you have stayed on the registration page for too long when you registered and the page has timed out. You bypass client verification and submit data to the server ", Solution =" return to the registration page, refresh and re-register "} Return RedirectToAction ("Error", "Prompt", _ e);} else if (Session ["VerificationCode"]. ToString ()! = login.VerificationCode.ToUpper ()) {ModelState.AddModelError ("VerificationCode", "×"); return View ();} / / verify account password userRsy = new UserRepository (); if (userRsy.Authentication (login.UserName, Common.Text.Sha256 (login.Password)) = = 0) {HttpCookie _ cookie = new HttpCookie ("User") _ cookie.Values.Add ("UserName", login.UserName); _ cookie.Values.Add ("Password", Common.Text.Sha256 (login.Password)); Response.Cookies.Add (_ cookie); return RedirectToAction ("Default", "User");} else {ModelState.AddModelError ("Message", "login failed!") ; return View ();}}

Right-click public ActionResult Login () to add an enhanced type view

Complete the Login.cshtml of the offspring

@ model CMS.Models.UserLogin@ {ViewBag.Title = "user login"; Layout = "~ / Views/Shared/_Layout.cshtml";}

@ using (Html.BeginForm ()) {@ Html.ValidationSummary (true) users log in @ Html.LabelFor (model = > model.UserName): @ Html.EditorFor (model = > model.UserName) @ Html.ValidationMessageFor (model = > model.UserName) @ Html.DisplayDescriptionFor (model = > model.UserName) @ Html.LabelFor (model = > model.Password): @ Html.PasswordFor (model = > model.Password) @ Html.ValidationMessageFor (model = > Model.Password) @ Html.DisplayDescriptionFor (model = > model.Password) verification code: @ Html.TextBoxFor (model = > model.VerificationCode) @ Html.ValidationMessageFor (model = > model.VerificationCode)

Get another @ Html.ValidationMessage ("Message");} $("# trydifferent") .click (function () {$("# verificationcode") .attr ("src", "/ User/VerificationCode?" + new Date ());}) @ section Scripts {@ Scripts.Render ("~ / bundles/jqueryval")}

Check the landing page in the browser.

Click on the login test. OK login succeeded

Verify that the user has logged in, which, together with permission verification, inherits a custom authentication class from AuthorizeAttribute

Add an Extensions folder in the project, add a class UserAuthorizeAttribute inherited from AuthorizeAttribute, override the AuthorizeCore method to verify whether the user has logged in, and the permission verification is added when writing permissions.

Using Ninesky.Repository;namespace System.Web.Mvc {/ user rights verification / public class UserAuthorizeAttribute: AuthorizeAttribute {/ core [verify whether the user is logged in] / protected override bool AuthorizeCore (HttpContextBase httpContext) {/ / check whether the Cookies ["User"] has if (httpContext.Request.Cookies ["User"] = = null) return false / / verify that the username password is correct HttpCookie _ cookie = httpContext.Request.Cookies ["User"]; string _ userName = _ cookie ["UserName"]; string _ password = _ cookie ["Password"]; httpContext.Response.Write ("username:" + _ userName); if (_ userName = "| | _ password =") return false; UserRepository _ userRsy = new UserRepository (); if (_ userRsy.Authentication (_ userName, _ password) = 0) return true; else return false }}}

In the future, you can verify whether you have logged in by adding [UserAuthorize] to the Action or Controller that needs to be logged in.

Exit the function and add Logout Action to UserController

/ public ActionResult Logout () {if (Request.Cookies ["User"]! = null) {HttpCookie _ cookie = Request.Cookies ["User"]; _ cookie.Expires = DateTime.Now.AddHours (- 1); Response.Cookies.Add (_ cookie);} Notice _ n = new Notice {Title = "exit successfully", Details = "you have quit successfully!" , DwellTime = 5, NavigationName= "website homepage", NavigationUrl = Url.Action ("Index", "Home")}; return RedirectToAction ("Notice", "Prompt", _ n);} above is how to achieve user login in the MVC4 production website. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.