MVC 安全
ASP.NET MVC - 安全
为了学习 ASP.NET MVC,我们将构建一个 Internet 应用程序。
第 8 部分:添加安全。
MVC 应用程序安全
Models 文件夹包含表示应用程序模型的类。
Visual Web Developer 自动创建 AccountModels.cs 文件,该文件包含用于应用程序认证的模型。
AccountModels 包含 LogOnModel、ChangePasswordModel 和 RegisterModel:
Change Password 模型
public class ChangePasswordModel
{
[Required]
[DataType(DataType.Password)]
[Display(Name = "Current password")]
public string OldPassword { get; set; }
[Required]
[StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name = "New password")]
public string NewPassword { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm new password")]
[Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
}
{
[Required]
[DataType(DataType.Password)]
[Display(Name = "Current password")]
public string OldPassword { get; set; }
[Required]
[StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name = "New password")]
public string NewPassword { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm new password")]
[Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
}
Logon 模型
public class LogOnModel
{
[Required]
[Display(Name = "User name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Remember me?")]
public bool RememberMe { get; set; }
}
{
[Required]
[Display(Name = "User name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Remember me?")]
public bool RememberMe { get; set; }
}
注册模型
公共类RegisterModel
{
[必填]
[Display(Name = "用户名")]
public string UserName { get;放; }
[必填]
[DataType(DataType.EmailAddress)]
[Display(Name = "电子邮件地址")]
公共字符串电子邮件{获取;放; }
[必填]
[StringLength(100, ErrorMessage = "{0} 的长度必须至少为 {2} 个字符。", 最小长度 = 6)]
[DataType(DataType.Password)]
[显示(名称 = "密码")]
public string 密码 { get;放; }
[数据类型(数据类型.密码)]
[显示(名称 = "确认密码")]
[比较("密码", ErrorMessage =“密码和确认密码不匹配。”)]
公共字符串确认密码{获取;放; }
}
{
[必填]
[Display(Name = "用户名")]
public string UserName { get;放; }
[必填]
[DataType(DataType.EmailAddress)]
[Display(Name = "电子邮件地址")]
公共字符串电子邮件{获取;放; }
[必填]
[StringLength(100, ErrorMessage = "{0} 的长度必须至少为 {2} 个字符。", 最小长度 = 6)]
[DataType(DataType.Password)]
[显示(名称 = "密码")]
public string 密码 { get;放; }
[数据类型(数据类型.密码)]
[显示(名称 = "确认密码")]
[比较("密码", ErrorMessage =“密码和确认密码不匹配。”)]
公共字符串确认密码{获取;放; }
}