Asp.net官方标准控件实现用户的管理,虽然简单,但控件封装性很强,开发人员不能明白做了什么样的调用;另一方面,标准控件的使用,很大程度上限制了程序的可变性。如果自己开发一整套用户管理系统,可行,但又失去了标准用户控件的作用,于是用API来管理用户,成为一个很好的选择,下面我列出主要(不是全部)的用户管理API实例:
1、注册用户
用Membership.CreateUser来创建新用户,注意密码要包含一个符号,Membership位于System.Web.Security命名空间内。
//cs
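// Registration button handler body: creates the account through the Membership API.
// The form also has a confirmation box (OtherPass); compare it on the server so a
// mistyped password is rejected before any account is created.
if (password.Text != OtherPass.Text)
{
    Response.Write("两次输入的密码不一致!");
}
else
{
    try
    {
        // This overload reports rule violations (duplicate name, weak password,
        // invalid e-mail, ...) through the out status rather than by throwing.
        MembershipCreateStatus MCS;
        Membership.CreateUser(name.Text, password.Text, email.Text, question.Text, answer.Text, true, out MCS);
        // The status is an enum name, so nothing user-supplied is echoed here.
        Response.Write(MCS.ToString());
    }
    catch (Exception)
    {
        // Provider or configuration failure. The original handler was empty, which
        // hid the failure from both the user and the operator. Record the details
        // server-side and show only a generic message to the browser.
        Response.Write("注册失败,请稍后再试。");
    }
}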
//Aspx代码
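<%-- Registration form. Both password boxes use TextMode="Password" so the value
     is masked on screen and is not written back into the page after a postback. --%>
<asp:Label ID="Label1" runat="server" Text="用户名:"></asp:Label>
<asp:TextBox ID="name" runat="server" Width="196px"></asp:TextBox>
<asp:Label ID="Label2" runat="server" Text="密码:"></asp:Label>
<asp:TextBox ID="password" runat="server" TextMode="Password" Width="197px"></asp:TextBox>
<asp:Label ID="Label3" runat="server" Text="确认密码:"></asp:Label>
<asp:TextBox ID="OtherPass" runat="server" TextMode="Password" Width="196px"></asp:TextBox>
<asp:Label ID="Label4" runat="server" Text="电子邮件:"></asp:Label>
<asp:TextBox ID="email" runat="server" Width="193px"></asp:TextBox>
<asp:Label ID="Label5" runat="server" Text="安全提示问题:"></asp:Label>
<asp:TextBox ID="question" runat="server" Width="189px"></asp:TextBox>
<asp:Label ID="Label6" runat="server" Text="安全答案:"></asp:Label>
<asp:TextBox ID="answer" runat="server" Width="187px"></asp:TextBox>
<asp:Button ID="Button1" runat="server" onclick="Button1_Click" Text="注册" Width="69px" />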
2、用户登录
用户登录用Membership.ValidateUser来验证用户名和密码。如果通过验证,调用FormsAuthentication.RedirectFromLoginPage导向目标页面(这里以及后面的一些设置都是配合Forms验证展开,都预先在web.config中配置好Forms的验证策略)。
//cs代码,在登录按钮的单击事件注册的方法中
// Login button click handler body: check the submitted credentials against the
// membership store, then issue the Forms authentication ticket and redirect.
bool credentialsOk = Membership.ValidateUser(UserName.Text, Password.Text);
if (!credentialsOk)
{
    // One message for every failure, so the response does not say whether the
    // user name or the password was the wrong part.
    Response.Write("登录失败!");
}
else
{
    // false: the authentication cookie is not persisted across browser sessions.
    FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
}
//Aspx代码
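<%-- Login form. The user-name box ID is "UserName" to match the code-behind,
     which reads UserName.Text (the original markup spelled it "UserNmae").
     The password box is masked with TextMode="Password". --%>
<asp:Label ID="Label1" runat="server" Text="用户名:"></asp:Label>
<asp:TextBox ID="UserName" runat="server"></asp:TextBox>
<asp:Label ID="Label2" runat="server" Text="密码:"></asp:Label>
<asp:TextBox ID="Password" runat="server" TextMode="Password"></asp:TextBox>
<asp:Button ID="Login_But" runat="server" onclick="Button1_Click" Text="登录"
    Width="69px" />
<asp:HyperLink ID="FindPass_HL" runat="server" NavigateUrl="~/FindPassword.aspx">忘记密码</asp:HyperLink>
<asp:HyperLink ID="Reg_HL" runat="server" NavigateUrl="~/register.aspx">注册</asp:HyperLink>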
3、找回密码
//cs
Cs中的邮件发送方法,邮件的相关配置存放在web.config中,方法中有相应的读取代码
1using System;
2using System.Collections;
3using System.Configuration;
4using System.Data;
5using System.Web;
6using System.Web.Security;
7using System.Web.UI;
8using System.Web.UI.HtmlControls;
9using System.Web.UI.WebControls;
10using System.Web.UI.WebControls.WebParts;
11using System.Web.Configuration;
12using System.Net.Configuration;
13using System.Net.Mail ;
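/// <summary>
/// Code-behind for the password recovery wizard: the first step takes the user
/// name, the next step shows that account's security question and takes the
/// answer, and the finish handler resets the password and e-mails the new one.
/// </summary>
public partial class FindPassword : System.Web.UI.Page
{
    /// <summary>Starts the wizard at its first step on the initial request.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            Wizard1.ActiveStepIndex = 0;
        }
    }

    /// <summary>
    /// Looks up the account named in Quest_TB and shows its security question.
    /// </summary>
    /// <remarks>
    /// Showing a question only for existing accounts lets a visitor test which
    /// user names exist; this is inherent in a question-and-answer recovery flow.
    /// </remarks>
    protected void Wizard1_NextButtonClick(object sender, WizardNavigationEventArgs e)
    {
        try
        {
            // GetUser returns null for an unknown name; the original dereferenced
            // the result directly and relied on the catch block.
            MembershipUser user = Membership.GetUser(Quest_TB.Text);
            if (user == null)
            {
                Response.Write("未找到该用户的密码提示问题。");
                return;
            }

            // The question was typed by the user at registration and Label.Text is
            // rendered without encoding, so encode it before it reaches the page.
            Label1.Text = "问题是:" + Server.HtmlEncode(user.PasswordQuestion);
        }
        catch (Exception)
        {
            // Do not echo exception text to the browser: it can expose provider
            // and configuration details. Record it server-side instead.
            Response.Write("发生异常,请稍后再试。");
        }
    }

    /// <summary>
    /// Resets the password of the account named in Quest_TB, using the answer in
    /// Answer_TB, and mails the generated password to the account's address.
    /// </summary>
    /// <remarks>
    /// The new password travels by e-mail in clear text, so it should be treated
    /// as temporary and changed by the user after the next login.
    /// </remarks>
    protected void Wizard1_FinishButtonClick(object sender, WizardNavigationEventArgs e)
    {
        try
        {
            // One lookup, keyed by the same box the question step used. The
            // original took the e-mail address from TextBox1 and the password from
            // Quest_TB, so the two could refer to different accounts.
            MembershipUser user = Membership.GetUser(Quest_TB.Text);
            if (user == null)
            {
                Response.Write("发送邮箱密码错误!");
                return;
            }

            // Build the recipient first: an unusable address then fails before the
            // stored password has been replaced.
            MailAddress to = new MailAddress(user.Email);

            // ResetPassword checks the answer and replaces the stored password with
            // a generated one. If the send below fails, the old password is already
            // gone and the user has to run the recovery again.
            string newPassword = user.ResetPassword(Answer_TB.Text);

            // The parameterless constructors take the sender, host, port and
            // credentials from <system.net>/<mailSettings>. The original read the
            // user name and password from configuration but never passed them to
            // the client.
            using (MailMessage message = new MailMessage())
            {
                message.To.Add(to);
                message.Subject = "密码";
                message.Body = "您好:你的密码为:" + newPassword;

                SmtpClient client = new SmtpClient();
                client.Send(message);
            }
        }
        catch (Exception)
        {
            // A wrong answer, a locked account and an SMTP failure all end here.
            // Keep the reply generic and record the exception server-side.
            Response.Write("发送邮箱密码错误!");
        }
    }
}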
//Aspx代码
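<%-- Password recovery wizard: user name, then question and answer, then done.
     The user-name box ID is "Quest_TB" without the leading space the original
     markup had, so it matches the Quest_TB field the code-behind reads. --%>
<asp:Wizard ID="Wizard1" runat="server" ActiveStepIndex="2"
    DisplaySideBar="False" Height="103px"
    onfinishbuttonclick="Wizard1_FinishButtonClick"
    onnextbuttonclick="Wizard1_NextButtonClick" Width="168px">
    <WizardSteps>
        <asp:WizardStep runat="server" title="用户名">
            请输入用户名:<br />
            <asp:TextBox ID="Quest_TB" runat="server" Width="141px"></asp:TextBox>
        </asp:WizardStep>
        <asp:WizardStep runat="server" title="问题">
            <asp:Label ID="Label1" runat="server" Text="问题是:"></asp:Label>
            <br />
            <asp:Label ID="Label2" runat="server" Text="问题:"></asp:Label>
            <br />
            <asp:TextBox ID="Answer_TB" runat="server" Width="161px"></asp:TextBox>
            <br />
        </asp:WizardStep>
        <asp:WizardStep runat="server" Title="完成">
            <asp:Label ID="Label3" runat="server" Text="修改密码完成!"></asp:Label>
        </asp:WizardStep>
    </WizardSteps>
</asp:Wizard>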
//web.config中的配置
位于configuration标签中
<!-- SMTP settings read by System.Net.Mail. The account password sits here in
     clear text: keep the real value out of source control and consider
     encrypting this section with ASP.NET protected configuration. -->
<system.net>
  <mailSettings>
    <smtp from="axzxs2001@163.com">
      <network host="smtp.163.com" userName="axzxs2001" password="*********" />
    </smtp>
  </mailSettings>
</system.net>
4、注销用户
// Sign-out sequence for Forms authentication.

// Remove the Forms authentication ticket from the browser.
FormsAuthentication.SignOut();

// Delete the cookie in which the user's role names are cached.
Roles.DeleteCookie();

// Send the browser back to the login page.
FormsAuthentication.RedirectToLoginPage();
5、删除用户
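// Deletes the named account, then returns to the login page.
// NOTE(review): nothing in this snippet checks who is asking. Confirm that only
// an administrator, or the account's owner, can reach this code.
// The literal uses plain ASCII quotes; the original had typographic quotes,
// which do not compile.
string username = "用户名";
Membership.DeleteUser(username);
FormsAuthentication.RedirectToLoginPage();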
6、修改用户信息
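// Updates the e-mail address of the currently logged-on user.
// GetUser() with no argument returns null when the request is not authenticated,
// so guard before touching the object.
MembershipUser MU = Membership.GetUser();
if (MU != null)
{
    MU.Email = "axzxs2002@163.com";
    Membership.UpdateUser(MU);
}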
7、修改密码
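// Changes the logged-on user's password; the old password must be supplied.
// GetUser() returns null for an unauthenticated request, which is reported as a
// failure instead of surfacing as a NullReferenceException.
MembershipUser currentUser = Membership.GetUser();
if (currentUser != null && currentUser.ChangePassword(OldTextBox.Text, newTextBox.Text))
{
    Response.Write("更改用户密码成功!");
}
else
{
    Response.Write("更改用户密码失败!");
}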
8、修改密码问题
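// Changes the logged-on user's security question and answer; the current
// password (PassWordTB) is required to authorise the change.
// GetUser() returns null for an unauthenticated request, which is reported as a
// failure instead of surfacing as a NullReferenceException.
MembershipUser currentUser = Membership.GetUser();
if (currentUser != null
    && currentUser.ChangePasswordQuestionAndAnswer(PassWordTB.Text, this.OldQuesTB.Text, NewQuesTB.Text))
{
    Response.Write("更改提问问题成功!");
}
else
{
    Response.Write("更改提问问题失败!");
}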
9、获取所有用户信息
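// Lists every membership account, with its roles, in GridView1.
// NOTE(review): the grid exposes each account's e-mail address and security
// question. Confirm the page is reachable by administrators only.

// User names are chosen by users at registration, so encode the name before
// writing it into the response.
Response.Write("当前用户:" + Server.HtmlEncode(Page.User.Identity.Name) + "<br >");

DataTable DT = new DataTable();
DT.Columns.Add("用户名 ", typeof(string));
DT.Columns.Add("创建时间", typeof(string));
DT.Columns.Add("Email", typeof(string));
DT.Columns.Add("是否在线", typeof(string));
DT.Columns.Add("问题", typeof(string));
DT.Columns.Add("角色", typeof(string));

foreach (MembershipUser MU in Membership.GetAllUsers())
{
    // Flatten the user's role names into one space-separated cell.
    string js = "";
    string[] jsArr = Roles.GetRolesForUser(MU.UserName);
    foreach (string jss in jsArr)
    {
        js += jss + " ";
    }
    DT.Rows.Add(MU.UserName, MU.CreationDate, MU.Email, MU.IsOnline, MU.PasswordQuestion, js);
}

GridView1.DataSource = DT;
GridView1.DataBind();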
10、获取所有角色
// Bind the names of all defined roles straight to the grid.
GridView2.DataSource = Roles.GetAllRoles();
GridView2.DataBind();
11、创建角色
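// Creates the role named in RoseTextBox.
// NOTE(review): role management should be limited to administrators; nothing
// visible in this snippet enforces that.
try
{
    Roles.CreateRole(RoseTextBox.Text);
}
catch (Exception me)
{
    // The provider's message may repeat the submitted role name, so encode it
    // before writing it into the page.
    Response.Write(Server.HtmlEncode(me.Message));
}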
12、给用户分配角色
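// Adds the user named in usernameTB to the role named in RolseTB.
// NOTE(review): assigning roles grants access; confirm only administrators can
// reach this code.
try
{
    Roles.AddUserToRole(usernameTB.Text, RolseTB.Text);
}
catch (Exception me)
{
    // The provider's message may repeat the submitted user or role name, so
    // encode it before writing it into the page.
    Response.Write(Server.HtmlEncode(me.Message));
}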
13、获取角色下的用户
把角色对应的用户加载到树形菜单中
// Rebuild the tree: one top-level node per role, one child node per member.
TreeView1.Nodes.Clear();

// First pass: a root node for every role.
string[] allRoles = Roles.GetAllRoles();
for (int r = 0; r < allRoles.Length; r++)
{
    TreeView1.Nodes.Add(new TreeNode(allRoles[r]));
}

// Second pass: hang each role's users under its node.
foreach (TreeNode roleNode in TreeView1.Nodes)
{
    string[] members = Roles.GetUsersInRole(roleNode.Text);
    foreach (string member in members)
    {
        roleNode.ChildNodes.Add(new TreeNode(member));
    }
}
现在有了用户和角色,用户和角色也能关联上了,但权限怎么办呢?角色对应的权限怎么来实现呢?权限的设置要在web.config中的验证段落来配置。比如下面的设置,是设置了只有收银员这个角色才能进入系统,其他用户都是不可以的。
<!-- Forms authentication. Authorization rules are checked from top to bottom
     and the first rule that matches the request decides. -->
<authentication mode="Forms" />
<authorization>
  <!-- Members of this role are admitted. -->
  <allow roles="收银员" />
  <!-- Every other user is refused. -->
  <deny users="*" />
</authorization>
在权限这块,常见的需求是一种角色对应一种访问权限,即同一角色的用户可以访问相同的一组页面,这个怎么实现呢?这里可以通过配置相应的验证来实现,比如下面的实例:
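<!-- Per-page override for the registration page.
     "?" matches anonymous requests only, while "*" matches every user. The page
     is meant to be open to all users and roles, so "*" is used here. With "?"
     alone a signed-in user would fall through to the parent authorization rules. -->
<location path="register.aspx" allowOverride="true">
  <system.web>
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>
</location>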
这段是配置了所有用户和角色都是可以访问register.aspx页面的