asp.net单一登录-白红宇

asp.net单一登录

阅读量：3963 次

发布时间：2019-05-24

本文共 2771 字，大约阅读时间需要 9 分钟。

asp.net 使用 Application 限制单一登录

原理：用户登录后系统会分配一个与用户唯一对应的SessionID，将当前用户ID与其SessionID对应保存在Application中，一旦该用户在其他地方重复登录则Application中保存的SessionID就会被更新，导致当前session中的SessionID与Application中的SessionID不再一致

用户登录后保存SessionID在Application中

private static void RecordLogin(string strUId){    HttpContext.Current.Application.Lock();    HttpContext.Current.Application["SESSIONID_" + strUId] = HttpContext.Current.Session.SessionID;    HttpContext.Current.Application.UnLock();}

判断方法

public static bool CheckRepeatLogin(string strUId){    object objSessionId = HttpContext.Current.Application["SESSIONID_" + strUId];    if (objSessionId == null || objSessionId.ToString() == "") return false;    return objSessionId.ToString() != HttpContext.Current.Session.SessionID;}

aspx页面跳转时判断：添加基类 BasePage.cs

public class BasePage:System.Web.UI.Page{    public UserInfo CurUser = null;    protected override void OnInitComplete(EventArgs e)    {        CurUser = CurSession.CurUser;        if (CurUser == null)        {            Response.Redirect(SysHelper.GetVirtualPath() + "pagesessionnull.html", true);        }        if (LoginService.CheckRepeatLogin(CurUser.UId))        {            Response.Redirect(SysHelper.GetVirtualPath() + "pagerepeatlogin.html", true);        }        base.OnInitComplete(e);    }    protected override void OnLoadComplete(EventArgs e)    {        Response.Cache.SetNoStore();        base.OnLoadComplete(e);    }}

ashx页面请求时判断：添加基类 BaseHandler.cs

public class BaseHandler : IHttpHandler, IRequiresSessionState{    public UserInfo CurUser = null;    public HttpContext CurContext = null;    public void ProcessRequest(HttpContext context)    {        context.Response.ContentType = "application/json";        context.Response.Charset = "utf-8";        context.Response.Cache.SetCacheability(HttpCacheability.NoCache);        try        {            CurUser = CurSession.CurUser;            CurContext = context;            if (CurUser == null)            {                context.Response.Write(JsonHelper.GetResult(false, "登录超时，请重新登录", new { rcode = -98 }));            }            else if (LoginService.CheckRepeatLogin(CurUser.UId))            {                context.Response.Write(JsonHelper.GetResult(false, "您的帐号在其他地方登录，您已经被踢出，请重新登录", new { rcode = -99 }));            }            else            {
                   context.Response.Write(ActionMethod());            }        }        catch (Exception ex)        {            context.Response.Write(JsonHelper.GetResult(ex.Message.ToString()));        }        finally        {            context.Response.End();        }    }    public virtual string ActionMethod()    {        return JsonHelper.GetResult();    }    public bool IsReusable    {        get        {            return false;        }    }}

转载地址：http://dakki.baihongyu.com/

你可能感兴趣的文章