没有数据库的ASP.NET Core中的登录功能

编程问答 2022-06-22

问题描述

我想在没有数据库的情况下执行登录功能

我在此链接中引用了登录功能https://csharp-video-tutorials.blogspot.com/2019/06/implementing-login-functionality-in.html

AccountController中,我如何重组post函数以使其像这样:

if username = admin && password = admin with the rememberme then system will allow the user to login with Session Cookie

在这里

[HttpPost]
public async Task<IActionResult> Login(Loginviewmodel model)
{
    if (ModelState.IsValid)
    {
        var result = await signInManager.PasswordSignInAsync(
                model.UserName,model.Password,model.RememberMe,false);

        if (result.Succeeded)
        {
            return RedirectToAction("index","home");
        }

        ModelState.AddModelError(string.Empty,"Invalid Login Attempt");
    }

    return View(model);
}

如果我不能这样做,那么我如何需要登录功能才能基于引用获得表值?

解决方法

您不能以这种方式使用标准身份验证模型。

您可以使用Cookie来实现您的想法:

public class LoginModel
{
    public string Username { get; set; }
    public string Password { get; set; }
}
    
[HttpGet]
public IActionResult Index()
{
    string id = Request.Cookies["id"];
    if (string.IsNullOrEmpty(id))
        return View();

    if (id.Equals("A48FFAEC-FD0E-4DED-B66E-87014762CC3D"))
        return RedirectToAction("Index","Dashboard");

    return View();
}

[HttpPost]
public IActionResult Index(LoginModel login)
{
    var validUsers = new List<LoginModel>
    {
        new LoginModel {Username = "admin",Password = "admin"}
    };

    if (validUsers.FirstOrDefault(f => 
            f.Username.ToLower() == login.Username.ToLower()
            && f.Password == login.Password) != null)
    {
        string uniqueId = "A48FFAEC-FD0E-4DED-B66E-87014762CC3D";

        CookieOptions option = new CookieOptions {MaxAge = TimeSpan.FromDays(7)};
        Response.Cookies.Append("id",uniqueId,option);

        return RedirectToAction("Index","Dashboard");
    }

    ViewBag.Error = "Invalid account credentials";
    return View();
}

您可以使用文件来存储凭据,并可以使用GUID为不同的用户生成新的唯一标识符,并实施更加动态和自己的用户管理:

[HttpGet]
public IActionResult Index()
{
    string id = Request.Cookies["id"];
    if (string.IsNullOrEmpty(id))
        return View();

    if (! System.IO.File.Exists(Resources.ValidIdentifiersFileName))
        return View();

    var validIds = System.IO.File.ReadAllLines("Accounts.txt");
    if (validIds.Contains(id))
        return RedirectToAction("Index",Password = "admin"}
    };

    if (validUsers.FirstOrDefault(f => 
            f.Username.ToLower() == login.Username.ToLower()
            && f.Password == login.Password) != null)
    {
        string uniqueId = Guid.NewGuid().ToString();
        System.IO.File.AppendAllText("Accounts.txt",uniqueId + Environment.NewLine);

        CookieOptions option = new CookieOptions {MaxAge = TimeSpan.FromDays(7)};
        Response.Cookies.Append("id","Dashboard");
    }

    ViewBag.Error = "Invalid account credentials";
    return View();
}
  • 请注意,此实现非常简单,并且不是完全安全和合格的,出于安全原因,最好使用处理不同安全路径的标准和合格身份验证方法。
asp.net-coreasp.net-mvcc#c#