// 舉個例子:一個網站有用戶系統、商家系統�、網站后臺3個系統
//可以分3個userType, user ,shop , system
//網站后臺一般都有角色����,如admin,employee
//那么網站的角色就有 user,shop,admin,employee,但是admin和employee在一個客戶端是不能同時登陸的,所以他們是同一類用戶(system)
使用方法:
1���、添加一個類LoginUser.cs 代碼如下:
代碼:
namespace MVCCommonAuth{ #region 功能說明 // 舉個例子:一個網站有用戶系統����、商家系統���、網站后臺3個系統 //可以分3個userType, user ,shop , system //網站后臺一般都有角色���,如admin,employee //那么網站的角色就有 user,shop,admin,employee,但是admin和employee在一個客戶端是不能同時登陸的,所以他們是同一類用戶(system) #endregion public enum UserType { User, Shop, System } [Serializable] public class LoginUser { private static string DESKEY = DateTime.Now.ToString("1234MMdd"); public int ID { get; set; } public string UserName { get; set; } public string Roles { get; set; } public DateTime Expires { get; set; } public readonly static string CookieNamePrefix = "authcookie"; public void Login(string userType, string domain = null, string path = null) { var keyName = CookieNamePrefix + userType; var json = JsonConvert.SerializeObject(this); var value = EncryptString(json, DESKEY); HttpCookie cookie = new HttpCookie(keyName, value); cookie.Expires = Expires; if (!string.IsNullOrWhiteSpace(domain)) { cookie.Domain = domain; } if (path != null) { cookie.Path = path; } HttpContext.Current.Items[keyName] = this; HttpContext.Current.Response.Cookies.Add(cookie); } /// <summary> /// 從cookie讀取用戶信息 /// </summary> /// <param name="cookieName"></param> private static LoginUser BuildUser(string keyName) { var cookie = HttpContext.Current.Request.Cookies[keyName]; if (cookie != null && !string.IsNullOrEmpty(cookie.Value)) { try { var json = DecryptString(cookie.Value, DESKEY); var loginuser = JsonConvert.DeserializeObject<LoginUser>(json); if (loginuser != null) { if (loginuser.Expires >= DateTime.Now) { return loginuser; } } } catch { //do nothing } } return null; } public static LoginUser GetUser(string userType) { var keyName = CookieNamePrefix + userType; if (!HttpContext.Current.Items.Contains(keyName)) { var user = BuildUser(keyName); HttpContext.Current.Items[keyName] = user; return user; } else { return HttpContext.Current.Items[keyName] as LoginUser; } } public static int GetUserID(string userType) { var user = GetUser(userType); if (user != null) return user.ID; return 0; } /// <summary> /// 退出cookie登錄 /// </summary> public static void Logout(string userType) { var keyName = CookieNamePrefix + userType; HttpCookie cookie = new HttpCookie(keyName, string.Empty); cookie.Expires = DateTime.Now.AddMonths(-1); HttpContext.Current.Response.Cookies.Add(cookie); } #region 字符串加密 /// <summary> /// 利用DES加密算法加密字符串(可解密) /// </summary> /// <param name="plaintext">被加密的字符串</param> /// <param name="key">密鑰(只支持8個字節的密鑰)</param> /// <returns>加密后的字符串</returns> private static string EncryptString(string plaintext, string key) { //訪問數據加密標準(DES)算法的加密服務提供程序 (CSP) 版本的包裝對象 DESCryptoServiceProvider des = new DESCryptoServiceProvider(); des.Key = ASCIIEncoding.ASCII.GetBytes(key); //建立加密對象的密鑰和偏移量 des.IV = ASCIIEncoding.ASCII.GetBytes(key); //原文使用ASCIIEncoding.ASCII方法的GetBytes方法 byte[] inputByteArray = Encoding.Default.GetBytes(plaintext);//把字符串放到byte數組中 MemoryStream ms = new MemoryStream();//創建其支持存儲區為內存的流 //定義將數據流鏈接到加密轉換的流 CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); //上面已經完成了把加密后的結果放到內存中去 StringBuilder ret = new StringBuilder(); foreach (byte b in ms.ToArray()) { ret.AppendFormat("{0:X2}", b); } ret.ToString(); return ret.ToString(); } /// <summary> /// 利用DES解密算法解密密文(可解密) /// </summary> /// <param name="ciphertext">被解密的字符串</param> /// <param name="key">密鑰(只支持8個字節的密鑰�,同前面的加密密鑰相同)</param> /// <returns>返回被解密的字符串</returns> private static string DecryptString(string ciphertext, string key) { try { DESCryptoServiceProvider des = new DESCryptoServiceProvider(); byte[] inputByteArray = new byte[ciphertext.Length / 2]; for (int x = 0; x < ciphertext.Length / 2; x++) { int i = (Convert.ToInt32(ciphertext.Substring(x * 2, 2), 16)); inputByteArray[x] = (byte)i; } des.Key = ASCIIEncoding.ASCII.GetBytes(key); //建立加密對象的密鑰和偏移量,此值重要���,不能修改 des.IV = ASCIIEncoding.ASCII.GetBytes(key); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); //建立StringBuild對象,createDecrypt使用的是流對象�,必須把解密后的文本變成流對象 StringBuilder ret = new StringBuilder(); return System.Text.Encoding.Default.GetString(ms.ToArray()); } catch (Exception) { return "error"; } } #endregion }}2、登錄處理過程���,寫入cookie:
[HttpPost] public ActionResult Login(string username,string userpass) { if (username=="admin" && userpass=="admin") { LoginUser loginuser = new LoginUser(); loginuser.ID = 1; loginuser.UserName = username; loginuser.Roles = "Administrator"; loginuser.Expires = DateTime.Now.AddHours(2); loginuser.Login("Administrator"); return Content("登錄成功"); //return RedirectToAction("Index", "Home"); } return RedirectToAction("Login"); }3、判斷用戶是否登錄:
//是否登錄if(LoginUser.GetUserID("Administrator") > 0){}// 用戶IDint userID=LoginUser.GetUserID("Administrator")//獲取用戶名string userName= LoginUser.GetUser("Administrator").UserName再來分享一個示例
1.HTML部分:
<form id="form1" runat="server"> <script src="../Script/jquery-v1.10.2.js" type="text/javascript"></script> <script src="login.js" type="text/javascript"></script> <div class="" style="height: 160px"> <div> <label for="userName"> 帳號:</label> <input type="text" name="userName" /> </div> <div> <label for="password"> 密碼:</label> <input type="password" name="password" /> </div> <input type="submit" id="btnSumit" value="登錄" /> <p class="msg"> </p> </div> </form>
2.引入登錄插件:login.js
/*!* 插件名稱:登錄插件封裝,使用方法: $('#form1').login({ url: "LoginHandler.ashx",//處理登錄驗證邏輯的Url userName: $("input[name='userName']"),//用戶名輸入框 password: $("input[name='password']"),//密碼輸入框 msg: $(".msg"), //提示信息 button: $("#btnSumit") //提交按鈕 }); */(function ($) { $.fn.login = function (option) { var defaults = { url: '/account/login/', msg: $(this).find('.msg'), userName: $(this).find("input[name='userName']"), password: $(this).find("input[name='password']"), button: $(this).find("#button") }; var options = $.extend(defaults, option); var errMsg = { 'inputUserName': '請輸入用戶名', 'inputPassword': '請填寫登錄密碼', 'passwordLength': '密碼應在6-32位字符內', 'noreg': '此賬號未注冊', 'inviladUserName': '帳號不存在', 'accountNotMatch': '賬號密碼不匹配', 'userLocked': '帳號鎖定中����,暫時無法登錄', 'serverdown': '服務器繁忙���,請稍后再試' }; //提交數據 function submit() { var userNameInput = $.trim(options.userName.val()); var passwordInput = $.trim(options.password.val()); if (userNameInput == '') { showMsg('登錄名不能為空'); options.userName.focus(); return; } if (passwordInput == '') { showMsg('密碼不能為空'); options.password.focus(); return; } $.ajax({ type: "POST", url: options.url, data: "userName=" + userNameInput + "&password=" + passwordInput, success: function (msg) { var result = eval("[" + msg + "]")[0]; if (result.status == "ok") { //登錄成功處理 showMsg("登錄成功...."); } else { showMsg(errMsg[result.status]); } } }); } //顯示錯誤信息 function showMsg(msg) { options.msg.html(msg); } //綁定按鈕事件 options.button.bind('click', function () { submit(); return false; }); };})(jQuery);3.頁面調用插件:
<script type="text/javascript"> $('#form1').login({ url: "AjaxLogin.aspx", userName: $("input[name='userName']"), password: $("input[name='password']"), msg: $(".msg"), button: $("#btnSumit") }); </script>4.后臺處理邏輯(請根據實際需求做相應調整)
using System;using System.Web;using System.Web.UI;namespace Whir.SiteFactory.Website.Admin.Account{ public partial class AjaxLogin : Page { protected void Page_Load(object sender, EventArgs e) { string status = ProcessLogin(); Response.Clear(); Response.Write(status); Response.End(); } private string ProcessLogin() { try { string userName = HttpContext.Current.Request.Form["userName"]; string password = HttpContext.Current.Request.Form["password"]; if (string.IsNullOrEmpty(userName)) { return "{status:'inputUserName'}"; //請輸入用戶名 } if (string.IsNullOrEmpty(password)) { return "{status:'inputPassword'}"; //請填寫登錄密碼 } if (password.Length < 6 || password.Length > 32) { return "{status:'passwordLength'}"; //密碼應在6-32位字符內 } //var user = UserService.GetUserByName(userName); //if (user == null) //{ // return "{status:'inviladUserName'}"; //帳號不存在 //} //if (user.IsLocked) //{ // return "{status:'userLocked'}"; //帳號鎖定中,暫時無法登錄 //} //if (user.Password.ToLower() != password.ToMd5().ToLower()) //{ // return "{accountNotMatch:'ok'}"; //賬號密碼不匹配 //} //其他操作: //寫入客戶端cookie //登錄日志 return "{status:'ok'}"; //登錄成功 } catch (Exception ex) { return "{status:'serverdown'}"; //服務器繁忙����,請稍后再試 } } }}
