cookie登录后同域名下的网站保持相同的登录状态。
登录
private void SetAuthCookie(string userId, bool createPersistentCookie)
{
var ticket = new FormsAuthenticationTicket(2, userId, DateTime.Now, DateTime.Now.AddDays(7), true, "", FormsAuthentication.FormsCookiePath); string ticketEncrypted = FormsAuthentication.Encrypt(ticket); HttpCookie cookie; if (createPersistentCookie)//是否在设置的过期时间内一直有效 { cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted) { HttpOnly = true, Path = FormsAuthentication.FormsCookiePath, Secure = FormsAuthentication.RequireSSL, Expires = ticket.Expiration, Domain = "cnblogs.com"//这里设置认证的域名,同域名下包括子域名如aa.cnblogs.com或bb.cnblogs.com都保持相同的登录状态 }; } else { cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted) { HttpOnly = true, Path = FormsAuthentication.FormsCookiePath, Secure = FormsAuthentication.RequireSSL, //Expires = ticket.Expiration,//无过期时间的,浏览器关闭后失效 Domain = "cnblogs.com" }; } HttpContext.Current.Response.Cookies.Remove(FormsAuthentication.FormsCookieName); HttpContext.Current.Response.Cookies.Add(cookie);
}
这样登录后,在同域名下的任何页面都可以得到用户状态
判断用户是否登录
public bool IsAuthenticated{ get { bool isPass = System.Web.HttpContext.Current.User.Identity.IsAuthenticated; if (!isPass) SignOut(); return isPass; }}得到当前的用户名
public string GetCurrentUserId(){ return _httpContext.User.Identity.Name;}
原标题:网站用户登录认证
关键词:登录
我知道了 