1: <authorization><!--禁止未通過的用戶訪問-->
2: <deny user="?"></deny>
3: </authorization>
這個“玩意”的登陸頁面的文件名及目錄結構必須是這樣的“~/Account/Login.cshtml”;關鍵代碼如下:
1: <form method="post">
2: 帳號<input name="user" type="text" />
3: 密碼<input name="pass" type="password" />
4: <input name="login" type="submit" value="登錄" class="button" />
5: </form>
邏輯代碼:
1: @{
2: var returnUrl = Request.QueryString["ReturnUrl"];
3: if(returnUrl.IsEmpty()){
4: returnUrl = "~/Admin/";
5: }
6: if(IsPost){
7: var username = Request.Form["user"];
8: var password = Request.Form["pass"];
9: var nickname = "";
10: var y = FormsAuthentication.HashPasswordForStoringInConfigFile(username+password,"md5");
11: var db = Database.Open("RazorCMS");
12: var sqlSel = "select TOP 1 username,password,nickname from SiteSet";
13: var user = db.QuerySingle(sqlSel);
14: var x = FormsAuthentication.HashPasswordForStoringInConfigFile(user["username"]+user["password"],"md5");
15: if(x==y){
16: nickname = user["nickname"];
17: FormsAuthentication.RedirectFromLoginPage(nickname,true);
18: }
19: }
20: }
證明趨勢登陸成功:
1: @{
2: var n = Context.User.Identity.Name;
3: }
