I am new to MVC and actually new to web development all together. I have about 7 years of development experience but in services, database, object models, etc.. basically middle-tier and back-end development. I am trying to learn ASP.NET and decided to build a site using MVC3 for a personal site for myself. I will be hosting this from an account at dotnet-hosts.com. Here is my question... I don't have a domain and I will be using the built in membership provider. I noticed in the auto generated code that was created when I added the project template that in the AccountController in the method ChangePassword (ChangePasswordModel model) there is this line of code...
我是MVC的新手,实际上是Web开发的新手。我有大约7年的开发经验,但在服务,数据库,对象模型等方面。基本上是中间层和后端开发。我正在尝试学习ASP.NET,并决定使用MVC3为自己的个人网站构建一个站点。我将通过dotnet-hosts.com上的一个帐户托管这个。这是我的问题...我没有域名,我将使用内置的成员资格提供程序。我注意到在我添加项目模板时创建的自动生成的代码,在方法ChangePassword(ChangePasswordModel模型)的AccountController中有这行代码...
MembershipUser currentUser = Membership.GetUser(User.Identity.Name, true /* userIsOnline */);
My question is specifically around User.Identity.Name, this looks like it would be returning the Windows user name just like Environment.UserName would. The Visual Studio template I used is the (Mobile Ready HTML5 MVC.NET) as I want to be able to support clients from any device...Windows PC, Apple, Windows Phone, iPhone, etc... If the call to User.Identity.Name is correct then I would like to ask how does this work on devices that are not Windows like an iPhone? If my assumption is correct that this will only work for Windows computers with a domain then how can I achieve this? would I need to perhaps use some caching? If so could I maybe grab the user name and their IP address to be used as the cache key from the Authentication page?
我的问题是围绕User.Identity.Name,这看起来像将返回Windows用户名,就像Environment.UserName那样。我使用的Visual Studio模板是(Mobile Ready HTML5 MVC.NET),因为我希望能够从任何设备支持客户端... Windows PC,Apple,Windows Phone,iPhone等...如果调用User .Identity.Name是正确的然后我想问一下这对于不像Windows的Windows设备有什么用?如果我的假设是正确的,这只适用于具有域的Windows计算机,那么我该如何实现呢?我是否需要使用一些缓存?如果可以的话,我可以从认证页面获取用作名称和IP地址作为缓存密钥吗?
My high level question is... How do I get the current logged in user's userName regardless of the device/platform? I know this question is probably not written well and may be hard to understand... I apologize for that. I am new to web development and trying to get my feet wet and would like to start to the latest technology.
我的高级问题是......无论设备/平台如何,我如何获得当前登录用户的userName?我知道这个问题可能写得不好而且可能很难理解......我为此道歉。我是网络开发的新手,并试图让我的脚湿透,并希望开始使用最新的技术。
2 个解决方案
#1
6
The call is correct. The User.Identity.Name is filled out by whatever authentication provider is in use - Windows authentication, Forms authentication, some custom authentication provider, or whatever. It isn't bound to a specific user "type". The authentication provider has the responsibility of making sure the Identity object corresponds to the current user on every request. Usually that part is taken care of using a combination of cookies and database.
电话是正确的。 User.Identity.Name由正在使用的任何身份验证提供程序填写 - Windows身份验证,Forms身份验证,某些自定义身份验证提供程序或其他。它不受特定用户“类型”的约束。身份验证提供程序负责确保Identity对象与每个请求上的当前用户相对应。通常使用cookie和数据库的组合来处理该部分。
The MVC template (although I haven't had a look at the template since MVC 2) uses ASP.NET's Membership class, which in turn uses a membership provider - for example SqlMembershipProvider or ActiveDirectoryMembershipProvider - the former stores your users' credentials (username and password etc.) in an SQL Server database, the latter uses Active Directory (i.e. primarily Windows logons). SqlMembershipProvider is the default, and MVC is set up to use a local SQLExpress database file as its user store.
MVC模板(虽然我从未看过模板,因为MVC 2)使用ASP.NET的Membership类,后者又使用成员资格提供程序 - 例如SqlMembershipProvider或ActiveDirectoryMembershipProvider - 前者存储用户的凭据(用户名和密码等)在SQL Server数据库中,后者使用Active Directory(即主要是Windows登录)。 SqlMembershipProvider是默认设置,MVC设置为使用本地SQLExpress数据库文件作为其用户存储。
The authentication provider that's implemented in the template project uses FormsAuthentication, which does the login procedure through a simple HTML form (the one in the LogOn view) and keeps the user signed in by way of an encrypted cookie. Works on any platform.
在模板项目中实现的身份验证提供程序使用FormsAuthentication,它通过简单的HTML表单(LogOn视图中的表单)执行登录过程,并通过加密cookie保持用户登录。适用于任何平台。
The setup for both FormsAuthentication and SqlMembershipProvider can be found in web.config (the one in the root of the site). There you can find the connection strings for the SQLExpress database (and e.g. change them to use a "real" SQL Server if needed), the timeout for logins etc.
可以在web.config(站点根目录中的那个)中找到FormsAuthentication和SqlMembershipProvider的设置。在那里,您可以找到SQLExpress数据库的连接字符串(例如,如果需要,可以将它们更改为使用“真正的”SQL Server),登录超时等。
(Note that you can do a lot of that configuration easily in a GUI through the "ASP.NET Configuration" button in the toolbar of Solution Explorer in Visual Studio - it also provides an easy way to set up the first users).
(请注意,您可以通过Visual Studio中解决方案资源管理器工具栏中的“ASP.NET配置”按钮在GUI中轻松完成大量配置 - 它还提供了一种设置第一个用户的简便方法)。
In short, it's all ready to go - and doesn't lock out non-Windows users.
简而言之,它已经准备就绪 - 并且不会锁定非Windows用户。
#2
4
Like you said User.Identity.Name is indeed correct. for returning the logged in users name. But the membership section like you said, provides only windows accounts. You can use similar without the user of windows accounts, to work in every scenario, and can still verify against windows if present. If you call it without membership, and follow the default MVC3 template it should work fine.
就像你说User.Identity.Name确实是正确的。用于返回登录用户名。但像你所说的会员部分只提供Windows帐户。您可以在没有Windows帐户用户的情况下使用类似的方法在每个方案中工作,并且仍然可以针对Windows进行验证(如果存在)。如果您在没有成员资格的情况下调用它,并遵循默认的MVC3模板,它应该可以正常工作。
String Username = User.Identity.Name;
When you log on, using the template MVC3, it creates an authcookie. See account controller code. Here, two parameters are passed into it. The username, and to persist (when browser is closed - login is still cached).
当您使用模板MVC3登录时,它会创建一个authcookie。请参阅帐户控制器代码这里,两个参数传递给它。用户名和持久性(当浏览器关闭时 - 登录仍然被缓存)。
The username is a string field, which is what is called by User.Identity.Name and infact, anything can be put into it, and is not in anyway linked to Windows login.
用户名是一个字符串字段,这是User.Identity.Name所调用的,事实上,任何东西都可以放入其中,并且不会以任何方式链接到Windows登录。
You could test the login via method you desire, and if yes, set a cookie using the authcookie method. (its encripted). And set the username to what ever you want. And if your verification of the user fails, dont create one, and redrect back to page.
您可以通过所需的方法测试登录,如果是,请使用authcookie方法设置cookie。 (它的入伍)。并将用户名设置为您想要的。如果您对用户的验证失败,请不要创建一个,并重新更新回页面。
See the example code. This is all from memory, as I dont have code infront of me for reference. But its all in the account controller, Login Action.
请参阅示例代码。这完全来自记忆,因为我没有代码在我面前供参考。但它全部在帐户控制器中,登录操作。
When the cookie is set, The users login state is cached for the session. You will need to ensure the user is logged in when visiting a webpage. Otherwise loggin in will be pointless. This is a simple attribute on the controller/action.
设置cookie后,将为会话缓存用户登录状态。您需要确保用户在访问网页时已登录。否则登录将毫无意义。这是控制器/操作的简单属性。
Note: dont do this to the Account/logon controller, as you wont be able to visit the logon page, as you are not logged in.
注意:不要对帐户/登录控制器执行此操作,因为您无法登录登录页面,因为您没有登录。
[Authorize]
public ActionResult DoSomething()
{
// ...
}
Hope I have helped.
希望我有所帮助。
#1
6
The call is correct. The User.Identity.Name is filled out by whatever authentication provider is in use - Windows authentication, Forms authentication, some custom authentication provider, or whatever. It isn't bound to a specific user "type". The authentication provider has the responsibility of making sure the Identity object corresponds to the current user on every request. Usually that part is taken care of using a combination of cookies and database.
电话是正确的。 User.Identity.Name由正在使用的任何身份验证提供程序填写 - Windows身份验证,Forms身份验证,某些自定义身份验证提供程序或其他。它不受特定用户“类型”的约束。身份验证提供程序负责确保Identity对象与每个请求上的当前用户相对应。通常使用cookie和数据库的组合来处理该部分。
The MVC template (although I haven't had a look at the template since MVC 2) uses ASP.NET's Membership class, which in turn uses a membership provider - for example SqlMembershipProvider or ActiveDirectoryMembershipProvider - the former stores your users' credentials (username and password etc.) in an SQL Server database, the latter uses Active Directory (i.e. primarily Windows logons). SqlMembershipProvider is the default, and MVC is set up to use a local SQLExpress database file as its user store.
MVC模板(虽然我从未看过模板,因为MVC 2)使用ASP.NET的Membership类,后者又使用成员资格提供程序 - 例如SqlMembershipProvider或ActiveDirectoryMembershipProvider - 前者存储用户的凭据(用户名和密码等)在SQL Server数据库中,后者使用Active Directory(即主要是Windows登录)。 SqlMembershipProvider是默认设置,MVC设置为使用本地SQLExpress数据库文件作为其用户存储。
The authentication provider that's implemented in the template project uses FormsAuthentication, which does the login procedure through a simple HTML form (the one in the LogOn view) and keeps the user signed in by way of an encrypted cookie. Works on any platform.
在模板项目中实现的身份验证提供程序使用FormsAuthentication,它通过简单的HTML表单(LogOn视图中的表单)执行登录过程,并通过加密cookie保持用户登录。适用于任何平台。
The setup for both FormsAuthentication and SqlMembershipProvider can be found in web.config (the one in the root of the site). There you can find the connection strings for the SQLExpress database (and e.g. change them to use a "real" SQL Server if needed), the timeout for logins etc.
可以在web.config(站点根目录中的那个)中找到FormsAuthentication和SqlMembershipProvider的设置。在那里,您可以找到SQLExpress数据库的连接字符串(例如,如果需要,可以将它们更改为使用“真正的”SQL Server),登录超时等。
(Note that you can do a lot of that configuration easily in a GUI through the "ASP.NET Configuration" button in the toolbar of Solution Explorer in Visual Studio - it also provides an easy way to set up the first users).
(请注意,您可以通过Visual Studio中解决方案资源管理器工具栏中的“ASP.NET配置”按钮在GUI中轻松完成大量配置 - 它还提供了一种设置第一个用户的简便方法)。
In short, it's all ready to go - and doesn't lock out non-Windows users.
简而言之,它已经准备就绪 - 并且不会锁定非Windows用户。
#2
4
Like you said User.Identity.Name is indeed correct. for returning the logged in users name. But the membership section like you said, provides only windows accounts. You can use similar without the user of windows accounts, to work in every scenario, and can still verify against windows if present. If you call it without membership, and follow the default MVC3 template it should work fine.
就像你说User.Identity.Name确实是正确的。用于返回登录用户名。但像你所说的会员部分只提供Windows帐户。您可以在没有Windows帐户用户的情况下使用类似的方法在每个方案中工作,并且仍然可以针对Windows进行验证(如果存在)。如果您在没有成员资格的情况下调用它,并遵循默认的MVC3模板,它应该可以正常工作。
String Username = User.Identity.Name;
When you log on, using the template MVC3, it creates an authcookie. See account controller code. Here, two parameters are passed into it. The username, and to persist (when browser is closed - login is still cached).
当您使用模板MVC3登录时,它会创建一个authcookie。请参阅帐户控制器代码这里,两个参数传递给它。用户名和持久性(当浏览器关闭时 - 登录仍然被缓存)。
The username is a string field, which is what is called by User.Identity.Name and infact, anything can be put into it, and is not in anyway linked to Windows login.
用户名是一个字符串字段,这是User.Identity.Name所调用的,事实上,任何东西都可以放入其中,并且不会以任何方式链接到Windows登录。
You could test the login via method you desire, and if yes, set a cookie using the authcookie method. (its encripted). And set the username to what ever you want. And if your verification of the user fails, dont create one, and redrect back to page.
您可以通过所需的方法测试登录,如果是,请使用authcookie方法设置cookie。 (它的入伍)。并将用户名设置为您想要的。如果您对用户的验证失败,请不要创建一个,并重新更新回页面。
See the example code. This is all from memory, as I dont have code infront of me for reference. But its all in the account controller, Login Action.
请参阅示例代码。这完全来自记忆,因为我没有代码在我面前供参考。但它全部在帐户控制器中,登录操作。
When the cookie is set, The users login state is cached for the session. You will need to ensure the user is logged in when visiting a webpage. Otherwise loggin in will be pointless. This is a simple attribute on the controller/action.
设置cookie后,将为会话缓存用户登录状态。您需要确保用户在访问网页时已登录。否则登录将毫无意义。这是控制器/操作的简单属性。
Note: dont do this to the Account/logon controller, as you wont be able to visit the logon page, as you are not logged in.
注意:不要对帐户/登录控制器执行此操作,因为您无法登录登录页面,因为您没有登录。
[Authorize]
public ActionResult DoSomething()
{
// ...
}
Hope I have helped.
希望我有所帮助。