问题
I have an asp.net project and I am trying to develop the user profile part, so that users can log in with their own profile (profile containing admin and users).
Is it okay to set a cookie on users computer, when the user is logged in and then let the user browse in site? I mean after after I check user name and password, by checking this cookie on every page I let the user browse the page or redirect to the login page.
Is this way okay?
Is this safe to use?
Is there any better approach for this?
回答1:
You can use SqlProfileProvider. Adding profile properties can be done by adding some code to your web.confing (inside system.web section, database for sqlprofile structure must be present):
<profile defaultProvider="SqlProvider">
<providers>
<clear/>
<add name="SqlProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ASPNETDB" applicationName="MyApplication" description="SqlProfileProvider"/>
</providers>
<properties>
<add name="LanguageId" allowAnonymous="false" type="System.Int32"/>
<add name="Company" allowAnonymous="false" type="System.String"/>
</properties>
</profile>
In this example I have added two profile properties languageId nad Company. You can access this properties using following code:
ProfileBase profile = ProfileBase.Create("SomeUserName");
string company = (string)profile["Company"];
For additional info about SqlProfileProvider visit following link:
http://msdn.microsoft.com/en-us/library/system.web.profile.sqlprofileprovider.aspx
回答2:
I have written a couple of how-to answers about creating profiles from scratch:
For Web Sites (where the profile object is automatically generated for you based on Web.config settings).
- How to persist anon user selection (ex: theme selection)
For Web Applications (like MVC, where you need to specify the class inheriting
ProfileBase
)- accessing profile.newproperty in MVC web applications
来源:https://stackoverflow.com/questions/12654817/user-profiles-in-asp-net