
Admin login user controller

Developer https://www.devze.com 2023-03-19 23:35 Source: Internet

I'm trying to implement a simple login for admin in an MVC3 project. I'm new to ASP.NET and to MVC3. I have googled and asked questions! I have seen a lot of really nice ways of implementing this but they were all on a very abstract level and quite frankly maybe a bit too high for me at the time being. I have the credentials in my db so basically I just want to query that one and redirect the user if login matches those and if not show login form again. So this is what I got. My model:

    public class FormModel
    {
        public bool isAdmin { get; set; }

        [Required(ErrorMessage = "Please enter your Username")]
        //[Remote("ValidateUserName", "Login", ErrorMessage = "UserName already taken!")]
        [StringLength(6, MinimumLength = 3)]
        [Display(Name = "Username:")]
        [RegularExpression(@"(\S)+", ErrorMessage = "White space is not allowed")]
        public string UserName { get; set; }

        [Required(ErrorMessage = "Please enter your Password")]
        [DataType(DataType.Password)]
        [Display(Name = "Password:")]
        public string Password { get; set; }

    }

    public User IsAdmin(string username, string password)
    {
        // alternative here is to just match username and pass against the data
        // I have in my db columns (testdata 'admin', 'password')
        return (from user in db.Users
                where user.username == username && user.password == password
                && user.IsAdmin == true
                select user).SingleOrDefault();
    }

And in my controller basically this right now:

    public ActionResult Index()
    {
        //some code here maybe a conditional
        return View();
    }

And finally my view:

    @model Web.VoucherCannon.Models.FormModel
    @using (Html.BeginForm("HandleForm", "Login", FormMethod.Post, new {id = "myForm"})) {
        @Html.ValidationSummary(true)
        <div class="editor-label">
            @Html.LabelFor(model => model.UserName)
        </div>
        <div class="editor-field">
            @Html.EditorFor(model => model.UserName)
            @Html.ValidationMessageFor(model => model.UserName)
        </div>
        <div class="editor-label">
            @Html.LabelFor(model => model.Password)
        </div>
        <div class="editor-field">
            @Html.EditorFor(model => model.Password)
            @Html.ValidationMessageFor(model => model.Password)
        </div>
        <button class="button">Log In</button>
    }

So now. How do I use the returned result of the query in my controller so that I can login? I'm sure I will refactor this later on and make it with a dbcontext layer and so on, but just for now I will be happy to make this work. Grateful for help!


You should have 2 controller actions: one for rendering the login (accessible on GET) form and one for handling the submission (accessible on POST) and performing the actual authentication.

    // This will render the Login view (the one you have shown)
    public ActionResult Login()
    {
        var model = new FormModel();
        return View(model);
    }

    // This one is responsible for handling the submission and credential verification
    [HttpPost]
    public ActionResult Login(FormModel model)
    {
        if (!ModelState.IsValid)
        {
            // The user submitted the form but validation
            // (as defined on the model using DataAnnotation attributes) failed
            // => redisplay the view so that the user can fix his errors
            return View(model);
        }

        // notice that you don't need to pass parameters to the IsAdmin method
        // as it already contains the username and password as properties
        if (!model.IsAdmin())
        {
            // The IsAdmin method didn't verify the credentials => add a model error
            // and redisplay the login view
            ModelState.AddModelError("username", "dude you are not an admin");
            return View(model);
        }

        // OK, at this stage everything is fine => we can grant access
        // by issuing an authentication cookie
        FormsAuthentication.SetAuthCookie(model.UserName, false);

        // finally we redirect to some home page for admins
        return RedirectToAction("Index", "Admin");
    }
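
The answer calls `IsAdmin()` without showing its body, and the question's query matches the submitted password against a plaintext column. As an added example (not code from the original posts), here is one way to write that check against a salted PBKDF2 hash instead. The `Salt` and `PasswordHash` fields, the `AdminLogin` class and the iteration count are assumptions, and an in-memory list stands in for `db.Users`.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

// Hypothetical user row: salt + PBKDF2 hash replace the plaintext password column.
public class User { public string UserName; public bool IsAdmin; public byte[] Salt, PasswordHash; }

public static class AdminLogin
{
    const int Iterations = 100000;                    // assumed work factor, tune per host
    static readonly byte[] DummySalt = new byte[16];  // used only when no row matches

    public static byte[] Hash(string password, byte[] salt)
    {
        // This Rfc2898DeriveBytes constructor is PBKDF2 with HMAC-SHA1.
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations))
            return kdf.GetBytes(32);
    }

    public static User Create(string name, string password, bool isAdmin)
    {
        var salt = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        return new User { UserName = name, IsAdmin = isAdmin, Salt = salt, PasswordHash = Hash(password, salt) };
    }

    // Look the row up by username only, then verify the submitted password against its hash.
    public static bool IsAdmin(IQueryable<User> users, string username, string password)
    {
        var user = users.SingleOrDefault(u => u.UserName == username && u.IsAdmin);
        // Hash even when no row matches so unknown usernames cost the same time.
        var candidate = Hash(password, user == null ? DummySalt : user.Salt);
        if (user == null) return false;
        int diff = candidate.Length ^ user.PasswordHash.Length;
        for (int i = 0; i < candidate.Length && i < user.PasswordHash.Length; i++)
            diff |= candidate[i] ^ user.PasswordHash[i];   // no early exit on mismatch
        return diff == 0;
    }

    public static void Main()
    {
        // Constructed sample rows standing in for db.Users (the question's test credentials).
        var users = new[] { Create("admin", "password", true), Create("bob", "secret1", false) }.AsQueryable();
        Console.WriteLine(IsAdmin(users, "admin", "password"));
        Console.WriteLine(IsAdmin(users, "admin", "wrong"));
        Console.WriteLine(IsAdmin(users, "bob", "secret1"));
    }
}
```

In the POST action, the boolean result takes the place of the `model.IsAdmin()` call that gates `FormsAuthentication.SetAuthCookie`.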