指定用戶的授權

對於登陸的特定用戶 可以在web.config 文件設置其權限

web.config 只給admin用戶授權登陸

 <!--
            通過 <authentication> 節可以配置 ASP.NET 用來
            識別進入用戶的
            安全身份驗證模式。
        -->
    <authentication mode="Forms">
      <forms name="Login" loginUrl="login.aspx" defaultUrl="noteFlatroot/index.aspx" timeout ="60">
        <credentials passwordFormat="SHA1"></credentials>
      </forms>
     
    </authentication>
    <authorization >
      <deny users="?"/>
      <allow users ="admin"/>
      <deny users ="*"/>
     
    </authorization>

 

保存用戶信息到驗證票 驗證權限的類

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;

/// <summary>
///YanZLogin 的摘要說明
/// </summary>
public class YanZLogin
{
    public YanZLogin()
    { }
    //
    //TODO: 在此處添加構造函數邏輯
    //

    // 身份驗證的代碼      
    public static string AuthenticationTicket(string username)
    {
        FormsAuthenticationTicket tichet = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddHours(24), true, "");
        string hashticket = FormsAuthentication.Encrypt(tichet); //加密
        HttpCookie userCookie = new HttpCookie(FormsAuthentication.FormsCookieName);
        userCookie.Value = hashticket;//獲取或設置單個 Cookie 值。
        userCookie.Expires = tichet.Expiration;//設置此Cookie 的過期日期和時間
        userCookie.Domain = FormsAuthentication.CookieDomain;//獲取或設置將此 Cookie 與其關聯的域
        HttpContext.Current.Response.Cookies.Add(userCookie);//將對象添加到Cookie 中去
        string requestUrl = FormsAuthentication.GetRedirectUrl(FormsAuthentication.FormsCookieName, false);
        //不要使用FormsAuthentication.RedirectFromLoginPage方法,因爲這個方法會重寫cookie 
        //重新定向到請求的url 

        return requestUrl;
    }

}

 

login.aspx.cs 文件

 

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            SerialNumber1.Create();
        }
    }
    protected void LinkButton1_Click(object sender, EventArgs e)
    {
        this.SerialNumber1.Create();
    }
    /// <summary>
    /// 提交登陸信息
    /// </summary>
    /// <param name="sender"></param>
    /// <param name="e"></param>
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        string returnUrl = Request.QueryString["ReturnUrl"];
        string Lpwd = ConfigurationManager.ConnectionStrings["pwd"].ToString();
        //判斷驗證碼是否錯誤
        if (!SerialNumber1.CheckSN(txtYZ.Text.Trim()))
        {
            Page.ClientScript.RegisterStartupScript(this.GetType(), "", "<script>alert('驗證碼錯誤！')</script>");
        }
        else
        {
            string name = txtName.Text;
            string pwd = txtPwd.Text;
          
           
            if (pwd.Equals(Lpwd))
            {
                YanZLogin.AuthenticationTicket(name);
                Page.ClientScript.RegisterStartupScript(this.GetType(), "", "<script>location.href='" + returnUrl + "'</script>");
            }
            else
                Page.ClientScript.RegisterStartupScript(this.GetType(), "", "<script>alert('密碼錯誤！')</script>");
        }
    }
}