c# - How to pass data between web pages MVC -
i’m developing first web application using c# mvc/javascript , wondering how handle authentication .
my accountcontroller uses this.
[httppost] [allowanonymous] [validateantiforgerytoken] public actionresult login(loginmodel model) { if (modelstate.isvalid) { i store username , email in cookie
now need pull info database authenticated user…. utilize cookie values
i sense wrong way pass current user info between web pages several reasons:
for illustration if user disabled cookies in browser. or there risk of exposing sensitive cookie info in cookies.
my question is:
what’s best way passing user authentication info between web pages?
what industry standards?
c# asp.net-mvc-3
No comments:
Post a Comment