1.后台登陆与权限
登录设计:1.输入登录名和密码验证是否正确。正确登录至首页,错误提示【登录名或密码错误】。
2.登录错误次数超过3次【启用验证码】。
3.用户名或密码错误,登录失败超过{0}次,请{1}分钟后再试!(创建登录日志表 状态:1失败 2.失败错误过多)
4.登录成功保存登录凭证。
/// <summary> /// 保存登录信息 /// </summary> /// <param name="loginId">登录ID</param> /// <param name="name">用户名</param> /// <param name="loginName">登录名</param> protected void FormsAuth(string loginId, string loginName, string realName) { //提供对凭证的访问和属性设置 FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket( 1, loginId,//账户Id DateTime.Now,//票证发出时间 DateTime.Now.AddMinutes(Convert.ToInt32(ConfigurationManager.AppSettings["AccountActiveing"])), false, //是否持久保存 loginName + "," + realName //写入登录名、用户名 ); var encryptedTicket = FormsAuthentication.Encrypt(authTicket); //创建一个加密的字符凭证 HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); //创建一个Cookie Response.Cookies.Add(authCookie); //写入cookies
}
5.判断凭据是否存在
public ActionResult LogOn() { if (!string.IsNullOrEmpty(HttpContext.User.Identity.Name)) { return RedirectToAction("Index", "Home"); } return View(new LogOnForm()); }
6.退出登录
/// <summary> /// 登出 /// </summary> /// <returns></returns> public ActionResult LogOut() { //清空登录信息 CookieExtensions.DeleteCookie(FormsAuthentication.FormsCookieName); return RedirectToAction("LogOn"); }