asp.net mvc:TempData 和 AuthorizeAttribute
作为这个问题的后续,我想知道发生了什么我的临时数据。
场景 1:
- 用户登录
- 用户提供电子邮件地址
- 用户收到带有验证码的电子邮件
- 用户单击验证 URL
- 用户已验证
- 成功 通过验证操作中设置的 TempData 显示消息
场景 2:
- 用户登录
- 用户提供电子邮件地址
- 用户注销/超时
- 用户收到带有验证码的电子邮件
- 用户单击验证 url
- 用户已验证
- 成功 消息未通过验证操作中设置的 TempData 显示
现在,我没有看到用户登录进行验证的原因。在场景 1 中,我在 TempData 中放置了一条“成功”消息,并返回 RedirectToAction(“Index”)。 Index 操作有一个 AuthorizeAttribute - 如果他们没有登录,他们会被重定向到登录屏幕(单独的控制器)。
我希望登录屏幕显示我的消息,但在这种情况下 TempData 似乎被清除。我是否误解了 TempData 生命周期?它仅适用于同一控制器内的请求吗?
As a followup to this question, I'm wondering what's happening to my TempData.
Scenario 1:
- user logs in
- user provides email address
- user receives email with validation code
- user clicks on validation url
- user is validated
- success msg is displayed via TempData set in Validate action
Scenario 2:
- user logs in
- user provides email address
- user logs out/times out
- user receives email with validation code
- user clicks on validation url
- user is validated
- success msg is not displayed via TempData set in Validate action
Now, I don't see a reason for the user to be logged in to validate. In Scenario 1, I put a "Success" message in TempData, and return RedirectToAction("Index"). Index action has an AuthorizeAttribute - if they're not logged in, they're redirected to the login screen (seperate controller).
I would like the login screen to display my message, but TempData appears to get cleared in this scenario. Am I misunderstanding the TempData lifecycle? Does it only apply to requests within the same controller?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
问题是,如果用户未登录,AuthorizeAttribute 会在循环中引入另一个重定向。您将用户重定向到另一个操作,然后,如果用户未登录,AuthorizeAttribute 会将其重定向到登录页面。 TempData 仅存在一个请求周期,因此额外的重定向(请求)会将其清空,并且在登录页面上不可用。
您可能会考虑直接将其放入 Session 中,而不是将 TempData 前端放入 Session 中。只要会话存在,它就应该一直存在。
The problem is that the AuthorizeAttribute is introducing another redirect into the cycle if the user is not logged in. You are redirecting the user to another action then, if the user is not logged in, the AuthorizeAttribute redirects them to the login page. TempData only lives over one request cycle, so the extra redirect (request) is emptying it and it isn't available on the login page.
You might consider just putting it in the Session directly instead of the TempData front-end to the Session. It should still be there as long as the Session lives.
[Authorize]引入了一个额外的重定向,它会清除TempData(Tvanfosson 已解释了详细信息)。因此,要实现此目的,您可以在重定向到的方法上使用标志(假设您声明了以下路由和操作方法:)
[Authorize]introduces an extra redirect, which clears theTempData(Tvanfosson has explained the details). So for this to work, you can use a flag on the method you redirect to, for example(given that you have the following route and action method declared:)