使session过期后自动跳转登录页面
步骤1.
在web.config中设置session过期时间 单位分钟
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Home/Login" timeout="2880" defaultUrl="~/Home/Login" />
</authentication>
<sessionState mode= "InProc" cookieless="false" timeout="15" />
</system.web>
步骤2.
过期弹窗跳转登录页面
Global.asax中
private static bool isExpire = false; //Session是否超时
protected void Session_End(object sender, EventArgs e)
{
isExpire = true;
//Session.Abandon();
}
protected void Application_BeginRequest(object sender, EventArgs e)
{
bool IsAjax= new HttpRequestWrapper(Request).IsAjaxRequest();
string oldUrl = System.Web.HttpContext.Current.Request.RawUrl;
string loginUrl = System.Web.Security.FormsAuthentication.LoginUrl;
if (isExpire&&(IsAjax==false))
{
isExpire = false;
Response.Write("<script languge='javascript'>alert('用户信息已过期,请重新登录');window.parent.location.href='/Home/LogOut';</script>");
Response.End();
//Response.Redirect("~/Home/LogOut");
}
}
其他:限制非法访问最简单的处理方式
[Authorize]// 身份验证当登录后彩才能访问该controller下动作
public class HomeController : Controller
{
private static readonly string _miyao = "LoginKey:";//秘钥
[AllowAnonymous]//跳过授权验证
public ActionResult Login()
{}
}