gpt4 book ai didi

c# - admin 用户在 asp.net 成员资格中将在一段时间后失效

转载 作者:太空宇宙 更新时间:2023-11-03 12:27:43 30 4
gpt4 key购买 nike

我们的网站使用 Membership provider 并有一个管理面板,许多用户都可以访问它。问题是管理员用户在一段时间后无法登录,当我调试登录代码时,“Membership.ValidateUser(username, password)”方法条件结果为假。我找不到原因,还检查了有效用户和无效用户之间的区别,也找不到任何东西。需要注意的是,当我注释 ValidateUser 方法时,用户可以登录。我该如何解决这个问题?

谢谢。

登录码:

protected void btnSignIn_Click(object sender, EventArgs e)
{
if (Membership.ValidateUser(txtEmail.Text, txtPassword.Text))
{
var member = Membership.GetUser(txtEmail.Text);
if (member.IsLockedOut)
{
if (DateTime.Now.Subtract(member.LastLockoutDate).TotalMinutes > 10)
{
member.UnlockUser();
}
else
{
(Page as BasePage).Alert("Your account due to entering the wrong credentials more than 5 times, has been blocked, please right after 10 minutes to re-enter your user information.");
return;
}
}

if (Request.QueryString["ReturnUrl"] != null)
{
FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false);
}
else
{
if (Roles.IsUserInRole(txtEmail.Text, SiteUtility.SiteRoles.admin.ToString()) || Roles.IsUserInRole(txtEmail.Text, SiteUtility.SiteRoles.adminl2.ToString()))
{
FormsAuthentication.SetAuthCookie(txtEmail.Text, false);
Response.Redirect("/admin/");
}
}
}
else
{
if (Page is BasePage)
{
(Page as BasePage).Alert("Username or password is incorrect.");
}
else
{
Page.ClientScript.RegisterStartupScript(typeof(Page), "alterror", "alert('Username or password is incorrect.');", true);
}
}
}

web.config 中的成员提供程序配置

<membership userIsOnlineTimeWindow="10" hashAlgorithmType="SHA1">
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" passwordFormat="Hashed" connectionStringName="CSConnectionString" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="2" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="ApplicationKaspid"/>
</providers>
</membership>

最佳答案

Membership.Validate 对锁定的用户返回 false。
在 5 次无效密码尝试后,成员将被锁定,您需要在验证之前解锁成员。

protected void btnSignIn_Click(object sender, EventArgs e)
{
var member = Membership.GetUser(txtEmail.Text);
if (member != null)
{
if (member.IsLockedOut)
{
if (DateTime.Now.Subtract(member.LastLockoutDate).TotalMinutes > 10)
{
member.UnlockUser();
}
else
{
(Page as BasePage).Alert("Your account due to entering the wrong credentials more than 5 times, has been blocked, please right after 10 minutes to re-enter your user information.");
return;
}
}
}

if (Membership.ValidateUser(txtEmail.Text, txtPassword.Text))
{
if (Request.QueryString["ReturnUrl"] != null)
{
FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false);
}
else
{
if (Roles.IsUserInRole(txtEmail.Text, SiteUtility.SiteRoles.admin.ToString()) || Roles.IsUserInRole(txtEmail.Text, SiteUtility.SiteRoles.adminl2.ToString()))
{
FormsAuthentication.SetAuthCookie(txtEmail.Text, false);
Response.Redirect("/admin/");
}
}
}
else
{
if (Page is BasePage)
{
(Page as BasePage).Alert("Username or password is incorrect.");
}
else
{
Page.ClientScript.RegisterStartupScript(typeof(Page), "alterror", "alert('Username or password is incorrect.');", true);
}
}
}

关于c# - admin 用户在 asp.net 成员资格中将在一段时间后失效,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43964814/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com