我正在使用C#和.NET Framework 4.5在Visual Studio 2012中创建Windows窗体应用程序。
现在,我想创建一个登录窗体,在此窗体上用户可以输入一些用户名和密码(之前在数据库中创建),应用程序会验证并登录用户。如果可能的话,还带有"角色控制"。
我尝试在Google上搜索,但是没有找到与Windows Forms相关的内容,只有ASP.NET的内容。
.NET Framework是否有任何好的(并且官方)解决方案来解决WinForms中的身份验证问题?
我正在使用C#和.NET Framework 4.5在Visual Studio 2012中创建Windows窗体应用程序。
现在,我想创建一个登录窗体,在此窗体上用户可以输入一些用户名和密码(之前在数据库中创建),应用程序会验证并登录用户。如果可能的话,还带有"角色控制"。
我尝试在Google上搜索,但是没有找到与Windows Forms相关的内容,只有ASP.NET的内容。
.NET Framework是否有任何好的(并且官方)解决方案来解决WinForms中的身份验证问题?
public partial class LoginForm : Form
{
public bool letsGO = false;
public LoginForm()
{
InitializeComponent();
textUser.CharacterCasing = CharacterCasing.Upper;
}
public string UserName
{
get
{
return textUser.Text;
}
}
private static DataTable LookupUser(string Username)
{
const string connStr = "Server=(local);" +
"Database=LabelPrinter;" +
"trusted_connection= true;" +
"integrated security= true;" +
"Connect Timeout=1000;";
//"Data Source=apex2006sql;Initial Catalog=Leather;Integrated Security=True;";
const string query = "Select password From dbo.UserTable (NOLOCK) Where UserName = @UserName";
DataTable result = new DataTable();
using (SqlConnection conn = new SqlConnection(connStr))
{
conn.Open();
using (SqlCommand cmd = new SqlCommand(query, conn))
{
cmd.Parameters.Add("@UserName", SqlDbType.VarChar).Value = Username;
using (SqlDataReader dr = cmd.ExecuteReader())
{
result.Load(dr);
}
}
}
return result;
}
private void HoldButton()
{
if (string.IsNullOrEmpty(textUser.Text))
{
//Focus box before showing a message
textUser.Focus();
MessageBox.Show("Enter your username", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Information);
//Focus again afterwards, sometimes people double click message boxes and select another control accidentally
textUser.Focus();
textPass.Clear();
return;
}
else if (string.IsNullOrEmpty(textPass.Text))
{
textPass.Focus();
MessageBox.Show("Enter your password", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Information);
textPass.Focus();
return;
}
//OK they enter a user and pass, lets see if they can authenticate
using (DataTable dt = LookupUser(textUser.Text))
{
if (dt.Rows.Count == 0)
{
textUser.Focus();
MessageBox.Show("Invalid username.", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Error);
textUser.Focus();
textUser.Clear();
textPass.Clear();
return;
}
else
{
string dbPassword = Convert.ToString(dt.Rows[0]["Password"]);
string appPassword = Convert.ToString(textPass.Text); //we store the password as encrypted in the DB
Console.WriteLine(string.Compare(dbPassword, appPassword));
if (string.Compare(dbPassword, appPassword) == 0)
{
DialogResult = DialogResult.OK;
this.Close();
}
else
{
//You may want to use the same error message so they can't tell which field they got wrong
textPass.Focus();
MessageBox.Show("Invalid Password", this.Text, MessageBoxButtons.OK, MessageBoxIcon.Information);
textPass.Focus();
textPass.Clear();
return;
}
}
}
}
private void textPass_KeyDown_1(object sender, KeyEventArgs e)
{
if (e.KeyCode == Keys.Return)
{
HoldButton();
}
}
private void buttonLogin_Click(object sender, EventArgs e)
{
HoldButton();
}
private void textPass_KeyDown(object sender, KeyEventArgs e)
{
if (e.KeyCode == Keys.Return)
{
HoldButton();
}
}
}
public Form1(string userName)
{
//this is incase a user has a particular setting in your form
//so pass name into contructer
}
static class Program
{
/// <summary>
/// The main entry point for the application.
/// </summary>
[STAThread]
static void Main()
{
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
LoginForm fLogin = new LoginForm();
if (fLogin.ShowDialog() == DialogResult.OK)
{
Application.Run(new Form1(fLogin.UserName));
}
else
{
Application.Exit();
}
//Application.Run(new Form1());
}
Select password From dbo.UserTable (NOLOCK) Where UserName = @UserName
我只是会将它放到一个存储过程中。但无论如何,这不是最好的身份验证方式,但至少是一种可行的解决方案,希望能让您继续前进。