.net实现网站用户登录认证_实用技巧_

 private void SetAuthCookie(string userId, bool createPersistentCookie) { 　　var ticket = new FormsAuthenticationTicket(2, userId, DateTime.Now, DateTime.Now.AddDays(7), true, "", FormsAuthentication.FormsCookiePath); 　　string ticketEncrypted = FormsAuthentication.Encrypt(ticket); 　　HttpCookie cookie; 　　if (createPersistentCookie)//是否在设置的过期时间内一直有效 　　{ 　　　　cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted) 　　　　{ 　　　　　　HttpOnly = true, 　　　　　　Path = FormsAuthentication.FormsCookiePath, 　　　　　　Secure = FormsAuthentication.RequireSSL, 　　　　　　Expires = ticket.Expiration, 　　　　　　Domain = "cnblogs.com"//这里设置认证的域名，同域名下包括子域名如aa.cnblogs.com或bb.cnblogs.com都保持相同的登录状态 　　　　}; 　　} 　　else 　　{ 　　　　cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted) 　　　　{ 　　　　　　HttpOnly = true, 　　　　　　Path = FormsAuthentication.FormsCookiePath, 　　　　　　Secure = FormsAuthentication.RequireSSL, 　　　　　　//Expires = ticket.Expiration,//无过期时间的，浏览器关闭后失效 　　　　　　Domain = "cnblogs.com" 　　　　}; 　　} 　　HttpContext.Current.Response.Cookies.Remove(FormsAuthentication.FormsCookieName); 　　HttpContext.Current.Response.Cookies.Add(cookie); } 

 public bool IsAuthenticated { 　　get 　　{ 　　　　bool isPass = System.Web.HttpContext.Current.User.Identity.IsAuthenticated; 　　　　if (!isPass) 　　　　　　SignOut(); 　　　　return isPass; 　　} } 

 public string GetCurrentUserId() { return _httpContext.User.Identity.Name; } 

 using System; using System.Data; using System.Configuration; using System.Collections; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Data.SqlClient; public partial class Login : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { } protected void Button1_Click(object sender, EventArgs e) { string connString = Convert.ToString(ConfigurationManager.ConnectionStrings["001ConnectionString"]); //001ConnectionString是我在webconfig里配置的数据库连接。 SqlConnection conn = new SqlConnection(connString); string strsql = "select * from User_table where User_name='" + UserName.Text + "' and Password='" + Password.Text + "'"; SqlCommand cmd = new SqlCommand(strsql, conn); conn.Open(); SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.CloseConnection); if (dr.Read()) { Response.Redirect("index.aspx"); conn.Close(); } else { FailureText.Text = "登陆失败,请检查登陆信息!"; conn.Close(); Response.Write(""); } } protected void Button2_Click(object sender, EventArgs e) //文本框重置按钮 { UserName.Text = ""; Password.Text = ""; } } 

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %>
 用户登陆
 用户名:
 密码: