我可以通过直接访问asp.net成员资格用户表来更改用户名.但是,旧用户名保留在新行中,并由asp.net自动分配新的UserID.我如何阻止这种情况发生?
编辑:仅在users表和角色表中,而不是在成员资格表中.
var mUser = dc.aspnet_Users
.Where(u => u.UserId == (Guid)user.ProviderUserKey)
.Select(u => u).SingleOrDefault();
mUser.UserName = newName;
mUser.LoweredUserName = newName.ToLower();
try
{
dc.SubmitChanges();
}
catch
{
...
}
解决方法
ASP.NET 2.0中的sql成员资格提供程序不支持更改用户名.您仍然可以更改用户名,但必须使用自定义实现.
此外,您必须使用新用户名更新成员资格cookie,以避免使用相同的用户名重新创建用户,但新的UserId.
在下面的示例中,我使用Linq to sql来更新成员资格表 – 我有名为MembershipDataContext的数据上下文.
public bool ChangeUserName(Guid userId,string newUserName)
{
bool success = false;
newUserName = newUserName.Trim();
// Make sure there is no user with the new username
if (Membership.GetUser(newUserName) == null)
{
MembershipUser u = Membership.GetUser(userId);
string oldUsername = u.UserName;
// get current application
MembershipDataContext context = new MembershipDataContext ();
aspnet_User usertochange = (from user in context.aspnet_Users
where user.UserId == userId
select user).FirstOrDefault();
if (usertochange != null)
{
usertochange.UserName = newUserName;
usertochange.LoweredUserName = newUserName.ToLower();
context.SubmitChanges();
// ASP.NET Issues a cookie with the user name.
// When a request is made with the specified cookie,// ASP.NET creates a row in aspnet_users table.
// To prevent this sign out the user and then sign it in
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie =
HttpContext.Current.Request.Cookies[cookieName];
FormsAuthenticationTicket authTicket = null;
try
{
authTicket =
FormsAuthentication.Decrypt(authCookie.Value);
FormsIdentity formsIdentity =
new FormsIdentity(
new FormsAuthenticationTicket(
authTicket.Version,newUserName,authTicket.IssueDate,authTicket.Expiration,authTicket.IsPersistent,authTicket.UserData));
string y = HttpContext.Current.User.Identity.Name;
string[] roles =
authTicket.UserData.Split(new char[] { '|' });
System.Security.Principal.GenericPrincipal genericPrincipal =
new System.Security.Principal.GenericPrincipal(
formsIdentity,roles);
HttpContext.Current.User = genericPrincipal;
}
catch (ArgumentException ex)
{
// Handle exceptions
}
catch( NullReferenceException ex)
{
// Handle exceptions
}
FormsAuthentication.SignOut();
HttpContext.Current.Session.Abandon();
FormsAuthentication.SetAuthCookie(newUserName,false);
success = true;
}
}
return success;
}
