c#通用登录模块分享
时间:2020-11-02 17:00:06|栏目:.NET代码|点击: 次
// 举个例子:一个网站有用户系统、商家系统、网站后台3个系统
//可以分3个userType, user ,shop , system
//网站后台一般都有角色,如admin,employee
//那么网站的角色就有 user,shop,admin,employee,但是admin和employee在一个客户端是不能同时登陆的,所以他们是同一类用户(system)
使用方法:
1、添加一个类LoginUser.cs 代码如下:
代码:
namespace MVCCommonAuth { #region 功能说明 // 举个例子:一个网站有用户系统、商家系统、网站后台3个系统 //可以分3个userType, user ,shop , system //网站后台一般都有角色,如admin,employee //那么网站的角色就有 user,shop,admin,employee,但是admin和employee在一个客户端是不能同时登陆的,所以他们是同一类用户(system) #endregion public enum UserType { User, Shop, System } [Serializable] public class LoginUser { private static string DESKEY = DateTime.Now.ToString("1234MMdd"); public int ID { get; set; } public string UserName { get; set; } public string Roles { get; set; } public DateTime Expires { get; set; } public readonly static string CookieNamePrefix = "authcookie"; public void Login(string userType, string domain = null, string path = null) { var keyName = CookieNamePrefix + userType; var json = JsonConvert.SerializeObject(this); var value = EncryptString(json, DESKEY); HttpCookie cookie = new HttpCookie(keyName, value); cookie.Expires = Expires; if (!string.IsNullOrWhiteSpace(domain)) { cookie.Domain = domain; } if (path != null) { cookie.Path = path; } HttpContext.Current.Items[keyName] = this; HttpContext.Current.Response.Cookies.Add(cookie); } /// <summary> /// 从cookie读取用户信息 /// </summary> /// <param name="cookieName"></param> private static LoginUser BuildUser(string keyName) { var cookie = HttpContext.Current.Request.Cookies[keyName]; if (cookie != null && !string.IsNullOrEmpty(cookie.Value)) { try { var json = DecryptString(cookie.Value, DESKEY); var loginuser = JsonConvert.DeserializeObject<LoginUser>(json); if (loginuser != null) { if (loginuser.Expires >= DateTime.Now) { return loginuser; } } } catch { //do nothing } } return null; } public static LoginUser GetUser(string userType) { var keyName = CookieNamePrefix + userType; if (!HttpContext.Current.Items.Contains(keyName)) { var user = BuildUser(keyName); HttpContext.Current.Items[keyName] = user; return user; } else { return HttpContext.Current.Items[keyName] as LoginUser; } } public static int GetUserID(string userType) { var user = GetUser(userType); if (user != null) return user.ID; return 0; } /// <summary> /// 退出cookie登录 /// </summary> public static void Logout(string userType) { var keyName = CookieNamePrefix + userType; HttpCookie cookie = new HttpCookie(keyName, string.Empty); cookie.Expires = DateTime.Now.AddMonths(-1); HttpContext.Current.Response.Cookies.Add(cookie); } #region 字符串加密 /// <summary> /// 利用DES加密算法加密字符串(可解密) /// </summary> /// <param name="plaintext">被加密的字符串</param> /// <param name="key">密钥(只支持8个字节的密钥)</param> /// <returns>加密后的字符串</returns> private static string EncryptString(string plaintext, string key) { //访问数据加密标准(DES)算法的加密服务提供程序 (CSP) 版本的包装对象 DESCryptoServiceProvider des = new DESCryptoServiceProvider(); des.Key = ASCIIEncoding.ASCII.GetBytes(key); //建立加密对象的密钥和偏移量 des.IV = ASCIIEncoding.ASCII.GetBytes(key); //原文使用ASCIIEncoding.ASCII方法的GetBytes方法 byte[] inputByteArray = Encoding.Default.GetBytes(plaintext);//把字符串放到byte数组中 MemoryStream ms = new MemoryStream();//创建其支持存储区为内存的流 //定义将数据流链接到加密转换的流 CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); //上面已经完成了把加密后的结果放到内存中去 StringBuilder ret = new StringBuilder(); foreach (byte b in ms.ToArray()) { ret.AppendFormat("{0:X2}", b); } ret.ToString(); return ret.ToString(); } /// <summary> /// 利用DES解密算法解密密文(可解密) /// </summary> /// <param name="ciphertext">被解密的字符串</param> /// <param name="key">密钥(只支持8个字节的密钥,同前面的加密密钥相同)</param> /// <returns>返回被解密的字符串</returns> private static string DecryptString(string ciphertext, string key) { try { DESCryptoServiceProvider des = new DESCryptoServiceProvider(); byte[] inputByteArray = new byte[ciphertext.Length / 2]; for (int x = 0; x < ciphertext.Length / 2; x++) { int i = (Convert.ToInt32(ciphertext.Substring(x * 2, 2), 16)); inputByteArray[x] = (byte)i; } des.Key = ASCIIEncoding.ASCII.GetBytes(key); //建立加密对象的密钥和偏移量,此值重要,不能修改 des.IV = ASCIIEncoding.ASCII.GetBytes(key); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); //建立StringBuild对象,createDecrypt使用的是流对象,必须把解密后的文本变成流对象 StringBuilder ret = new StringBuilder(); return System.Text.Encoding.Default.GetString(ms.ToArray()); } catch (Exception) { return "error"; } } #endregion } }
2、登录处理过程,写入cookie:
[HttpPost] public ActionResult Login(string username,string userpass) { if (username=="admin" && userpass=="admin") { LoginUser loginuser = new LoginUser(); loginuser.ID = 1; loginuser.UserName = username; loginuser.Roles = "Administrator"; loginuser.Expires = DateTime.Now.AddHours(2); loginuser.Login("Administrator"); return Content("登录成功"); //return RedirectToAction("Index", "Home"); } return RedirectToAction("Login"); }
3、判断用户是否登录:
//是否登录 if(LoginUser.GetUserID("Administrator") > 0) { } // 用户ID int userID=LoginUser.GetUserID("Administrator") //获取用户名 string userName= LoginUser.GetUser("Administrator").UserName
再来分享一个示例
1.HTML部分:
<form id="form1" runat="server"> <script src="../Script/jquery-v1.10.2.js" type="text/javascript"></script> <script src="login.js" type="text/javascript"></script> <div class="" style="height: 160px"> <div> <label for="userName"> 帐号:</label> <input type="text" name="userName" /> </div> <div> <label for="password"> 密码:</label> <input type="password" name="password" /> </div> <input type="submit" id="btnSumit" value="登录" /> <p class="msg"> </p> </div> </form>
2.引入登录插件:login.js
/*! * 插件名称:登录插件封装,使用方法: $('#form1').login({ url: "LoginHandler.ashx",//处理登录验证逻辑的Url userName: $("input[name='userName']"),//用户名输入框 password: $("input[name='password']"),//密码输入框 msg: $(".msg"), //提示信息 button: $("#btnSumit") //提交按钮 }); */ (function ($) { $.fn.login = function (option) { var defaults = { url: '/account/login/', msg: $(this).find('.msg'), userName: $(this).find("input[name='userName']"), password: $(this).find("input[name='password']"), button: $(this).find("#button") }; var options = $.extend(defaults, option); var errMsg = { 'inputUserName': '请输入用户名', 'inputPassword': '请填写登录密码', 'passwordLength': '密码应在6-32位字符内', 'noreg': '此账号未注册', 'inviladUserName': '帐号不存在', 'accountNotMatch': '账号密码不匹配', 'userLocked': '帐号锁定中,暂时无法登录', 'serverdown': '服务器繁忙,请稍后再试' }; //提交数据 function submit() { var userNameInput = $.trim(options.userName.val()); var passwordInput = $.trim(options.password.val()); if (userNameInput == '') { showMsg('登录名不能为空'); options.userName.focus(); return; } if (passwordInput == '') { showMsg('密码不能为空'); options.password.focus(); return; } $.ajax({ type: "POST", url: options.url, data: "userName=" + userNameInput + "&password=" + passwordInput, success: function (msg) { var result = eval("[" + msg + "]")[0]; if (result.status == "ok") { //登录成功处理 showMsg("登录成功...."); } else { showMsg(errMsg[result.status]); } } }); } //显示错误信息 function showMsg(msg) { options.msg.html(msg); } //绑定按钮事件 options.button.bind('click', function () { submit(); return false; }); }; })(jQuery);
3.页面调用插件:
<script type="text/javascript"> $('#form1').login({ url: "AjaxLogin.aspx", userName: $("input[name='userName']"), password: $("input[name='password']"), msg: $(".msg"), button: $("#btnSumit") }); </script>
4.后台处理逻辑(请根据实际需求做相应调整)
using System; using System.Web; using System.Web.UI; namespace Whir.SiteFactory.Website.Admin.Account { public partial class AjaxLogin : Page { protected void Page_Load(object sender, EventArgs e) { string status = ProcessLogin(); Response.Clear(); Response.Write(status); Response.End(); } private string ProcessLogin() { try { string userName = HttpContext.Current.Request.Form["userName"]; string password = HttpContext.Current.Request.Form["password"]; if (string.IsNullOrEmpty(userName)) { return "{status:'inputUserName'}"; //请输入用户名 } if (string.IsNullOrEmpty(password)) { return "{status:'inputPassword'}"; //请填写登录密码 } if (password.Length < 6 || password.Length > 32) { return "{status:'passwordLength'}"; //密码应在6-32位字符内 } //var user = UserService.GetUserByName(userName); //if (user == null) //{ // return "{status:'inviladUserName'}"; //帐号不存在 //} //if (user.IsLocked) //{ // return "{status:'userLocked'}"; //帐号锁定中,暂时无法登录 //} //if (user.Password.ToLower() != password.ToMd5().ToLower()) //{ // return "{accountNotMatch:'ok'}"; //账号密码不匹配 //} //其他操作: //写入客户端cookie //登录日志 return "{status:'ok'}"; //登录成功 } catch (Exception ex) { return "{status:'serverdown'}"; //服务器繁忙,请稍后再试 } } } }