使session过期后自动跳转登录页面
步骤1. 在web.config中设置session过期时间 单位分钟
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Home/Login" timeout="2880" defaultUrl="~/Home/Login" />
</authentication>
<sessionState mode= "InProc" cookieless="false" timeout="15" />
</system.web>
步骤2. 过期弹窗跳转登录页面 Global.asax中
private static bool isExpire = false;
protected void Session_End(object sender, EventArgs e)
{
isExpire = true;
}
protected void Application_BeginRequest(object sender, EventArgs e)
{
bool IsAjax= new HttpRequestWrapper(Request).IsAjaxRequest();
string oldUrl = System.Web.HttpContext.Current.Request.RawUrl;
string loginUrl = System.Web.Security.FormsAuthentication.LoginUrl;
if (isExpire&&(IsAjax==false))
{
isExpire = false;
Response.Write("<script languge='javascript'>alert('用户信息已过期,请重新登录');window.parent.location.href='/Home/LogOut';</script>");
Response.End();
}
}
其他:限制非法访问最简单的处理方式
[Authorize]
public class HomeController : Controller
{
private static readonly string _miyao = "LoginKey:";
[AllowAnonymous]
public ActionResult Login()
{}
}