MVC开发中登录模块

需求分析:登录一般显示在右上角,作为一个单独的_loginPartial.cshtml,引入到body页面中,每一个body页面的加载都会调用_loginPartial.cshtml

View:_loginPartial.cshtml

<style>
    .nav{
        margin-right:10px;
        margin-top:3px;
    }
    .nav ul li {
        float:left;
    }
</style>

@if(Request.IsAuthenticated){
    <div class="nav" >
        <ul>
            <li><a href="/Vip/Index"><span>你好,</span>@Context.User.Identity.Name&nbsp;|&nbsp;</a></li>
            <li><a onclick="logout()">退出</a></li>
        </ul>
    </div>
}else{
    <div class="nav" >
        <ul>
            <li><a href="/Login/Index">登录</a>&nbsp;|&nbsp;</li>
            <li><a href="/Login/Register">注册</a></li>
        </ul>
    </div>
}
<script>
    function logout() {
        $.ajax({
            url: '/Login/LogOut',
            type: 'post',
            data: {},
            dataType: 'json',
            success: function (data) {
                if (data.status == 1) {
                    window.location = '/';
                } else {

                }
            },
        });
    }
</script>

controller:

登录判断完成返回JSON前调用下面的方法

// 登录状态N分钟内有效 1.UserName就是你想显示出来的名称,如果是手机号,就传入手机号

// 2.account,就是存入cookie里的对象,自己定义的model,一般就是UserID,UserName,还可以加上手机号Mobile

// 3.最后是cookie失效时间.
FormLogin<AccountModel>.Login(oSysUser.UserName, account, 60 * 24 * 60);

//

public static void Login(string loginName, TUserData userData, int expiration)
{
            if (string.IsNullOrEmpty(loginName))
                throw new ArgumentNullException("loginName");
            if (userData == null)
                throw new ArgumentNullException("userData");

            // 1. 把需要保存的用户数据转成一个字符串。
            string data = null;
            if (userData != null)
                data = (new JavaScriptSerializer()).Serialize(userData);


            // 2. 创建一个FormsAuthenticationTicket，它包含登录名以及额外的用户数据。
            //************记住一天***********************//
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                2, loginName, DateTime.Now, DateTime.Now.AddMinutes(expiration), true, data);


            // 3. 加密Ticket，变成一个加密的字符串。
            string cookieValue = FormsAuthentication.Encrypt(ticket);


            // 4. 根据加密结果创建登录Cookie
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieValue);
            cookie.HttpOnly = true;
            cookie.Secure = FormsAuthentication.RequireSSL;
            cookie.Domain = FormsAuthentication.CookieDomain;
            cookie.Path = FormsAuthentication.FormsCookiePath;
            if (expiration > 0)
                cookie.Expires = DateTime.Now.AddMinutes(expiration);

            HttpContext context = HttpContext.Current;
            if (context == null)
                throw new InvalidOperationException();

            // 5. 写登录Cookie
            context.Response.Cookies.Remove(cookie.Name);
            context.Response.Cookies.Add(cookie);

}

MVC里的web.config(*****):主要就是被卡在这

<system.web>
    <!--配合form Login 处理登录相关cookie-->
    <authentication mode="Forms">
      <forms loginUrl="~/Login/Login" timeout="2880"/>
    </authentication>
</system.web>