|
用FormsAuthentication.SetAuthCookie设置登陆,浏览器关闭以后再打开不用登陆直接就上去了,请问怎么设置关闭浏览器以后登陆失效。 你可以弄个 session如果FormsAuthentication.SetAuthCookie设置登录成功就给session赋值,你打开浏览器的时候判断这个session是否为null,如果为null就设置FormsAuthentication.SetAuthCookie过期
不要给System.Web.Security.FormsAuthenticationTicket设置过期时间
protected void btnLogin_Click(object sender, EventArgs e) { var ticket = new System.Web.Security.FormsAuthenticationTicket(1, this.txtName.Text, DateTime.Now, DateTime.Now.AddDays(1), false, "USER"); var encryptedTicket = System.Web.Security.FormsAuthentication.Encrypt(ticket); if (Request.Cookies[System.Web.Security.FormsAuthentication.FormsCookieName] != null) Request.Cookies.Remove(System.Web.Security.FormsAuthentication.FormsCookieName); var loginIdentify = new HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName); // loginIdentify.Expires = DateTime.Now.AddDays(1); loginIdentify.Value = encryptedTicket; Response.AppendCookie(loginIdentify); if (!String.IsNullOrEmpty(Request.QueryString["ReturnUrl"]) && !Request.QueryString["ReturnUrl"].ToLower().Contains("profile")) Response.Redirect(Server.UrlDecode(Request.QueryString["ReturnUrl"])); else Response.Redirect(System.Web.Security.FormsAuthentication.DefaultUrl); }
loginIdentify.Expires = DateTime.Now.AddDays(1);注释掉就关闭浏览器就过期了,自己用这个代码试试
|
