如何防止在 ASP.Net Web 表单(身份)中注册后自动登录?
How to prevent auto login after registration in ASP.Net Web Forms (Identity)?
帐户注册后,用户将自动登录到站点。如何通过先向用户发送确认电子邮件,然后在确认帐户后用户可以登录来阻止此过程?
基本上任何用户未经确认都不允许访问该站点。
Register.aspx.cs
namespace Web_WebApp.Account
{
public partial class Register : Page
{
protected void CreateUser_Click(object sender, EventArgs e)
{
var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
var signInManager = Context.GetOwinContext().Get<ApplicationSignInManager>();
//var user = new ApplicationUser() { UserName = UserName.Text, Email = Email.Text, FirstName = FirstName.Text, MiddleName = MiddleName.Text, LastName = LastName.Text, RegistrationDate = DateTime.Now };
var user = new ApplicationUser()
{
UserName = UserName.Text,
Email = Email.Text,
FirstName = FirstName.Text,
MiddleName = MiddleName.Text,
LastName = LastName.Text,
RegistrationDate = DateTime.Now,
};
IdentityResult result = manager.Create(user, Password.Text );
if (result.Succeeded)
{
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
string code = manager.GenerateEmailConfirmationToken(user.Id);
string callbackUrl = IdentityHelper.GetUserConfirmationRedirectUrl(code, user.Id, Request);
manager.SendEmail(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>.");
signInManager.SignIn( user, isPersistent: false, rememberBrowser: false);
IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
}
else
{
ErrorMessage.Text = result.Errors.FirstOrDefault();
}
}
}
}
感谢您为我的问题找到解决方案所做的努力。
我会删除以下行:
signInManager.SignIn( user, isPersistent: false, rememberBrowser: false);
这将防止用户在收到电子邮件和确认用户帐户之前登录。
然后我会将用户重定向到一个页面,其中显示 he/she 应该检查他们的收件箱以获取确认电子邮件。
PS:记得在登录用户时检查user.EmailConfirmed,如果他们在未确认帐户的情况下尝试登录,则向他们显示"An email has been sent..."。
帐户注册后,用户将自动登录到站点。如何通过先向用户发送确认电子邮件,然后在确认帐户后用户可以登录来阻止此过程?
基本上任何用户未经确认都不允许访问该站点。
Register.aspx.cs
namespace Web_WebApp.Account
{
public partial class Register : Page
{
protected void CreateUser_Click(object sender, EventArgs e)
{
var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
var signInManager = Context.GetOwinContext().Get<ApplicationSignInManager>();
//var user = new ApplicationUser() { UserName = UserName.Text, Email = Email.Text, FirstName = FirstName.Text, MiddleName = MiddleName.Text, LastName = LastName.Text, RegistrationDate = DateTime.Now };
var user = new ApplicationUser()
{
UserName = UserName.Text,
Email = Email.Text,
FirstName = FirstName.Text,
MiddleName = MiddleName.Text,
LastName = LastName.Text,
RegistrationDate = DateTime.Now,
};
IdentityResult result = manager.Create(user, Password.Text );
if (result.Succeeded)
{
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
string code = manager.GenerateEmailConfirmationToken(user.Id);
string callbackUrl = IdentityHelper.GetUserConfirmationRedirectUrl(code, user.Id, Request);
manager.SendEmail(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>.");
signInManager.SignIn( user, isPersistent: false, rememberBrowser: false);
IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
}
else
{
ErrorMessage.Text = result.Errors.FirstOrDefault();
}
}
}
}
感谢您为我的问题找到解决方案所做的努力。
我会删除以下行:
signInManager.SignIn( user, isPersistent: false, rememberBrowser: false);
这将防止用户在收到电子邮件和确认用户帐户之前登录。
然后我会将用户重定向到一个页面,其中显示 he/she 应该检查他们的收件箱以获取确认电子邮件。
PS:记得在登录用户时检查user.EmailConfirmed,如果他们在未确认帐户的情况下尝试登录,则向他们显示"An email has been sent..."。