An account can only be logged in at one place at a time (single sign-on)
2022-10-17 09:27:58
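Approach:
1: The user logs in -> generate a random key (GUID) (the server maintains a dictionary [id, key], stored in memcache) -> write the key to the client cookie as well.
Every time the user visits a page and the login state is checked, read the browser's cookie and check whether its key matches the one held by the server.
E.g.: after user A logs in with Chrome, the server generates a GUID; the browser cookie stores one copy (key), and the server-side memcache also stores one copy (key + usercode, guid).
When user A then logs in with Firefox, the server generates another GUID; the browser cookie stores one copy (key), and the server-side memcache also stores one copy (key + usercode, guid).
When user A refreshes Chrome again, the browser's cookie and the server-side memcache value (looked up in memcache by usercode) no longer match, so the user is forced to log out.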
```csharp
// Required namespaces
using System;
using System.Web;

/// <summary>
/// memcache wrapper; define this yourself
/// </summary>
private static CacheServer _cacheServer = CacheServer.GetCacheOperateInstance();

/// <summary>
/// Set a cookie
/// </summary>
/// <param name="cookieName"></param>
/// <param name="cookieValue"></param>
/// <param name="expires"></param>
public static void SetCookie(string cookieName, string cookieValue, DateTime expires)
{
    HttpCookie cookie = new HttpCookie(cookieName)
    {
        Value = cookieValue,
        Expires = expires
    };
    System.Web.HttpContext.Current.Response.Cookies.Add(cookie);
}

/// <summary>
/// Run after a successful login
/// </summary>
/// <param name="isLogin"></param>
/// <param name="pUserCode"></param>
/// <param name="cookieDomain"></param>
public void SingleLogin(bool isLogin, string pUserCode, string cookieDomain)
{
    if (isLogin)
    {
        #region Allow an account to be logged in at only one place at a time
        string singleKey = "singleguid";
        string singleValue = Guid.NewGuid().ToString();
        // The cookie must carry the same GUID that is stored in the cache
        // (the original passed cookieDomain as the cookie value here).
        SetCookie(singleKey, singleValue, DateTime.Now.AddDays(7));
        // Server-side copy, keyed by singleKey + user code; lifetime 1440 * 3
        _cacheServer.AddCacheRuntime(singleKey + pUserCode.ToLower(), singleValue, 1440 * 3);
        #endregion
    }
}
```
Code in BaseControl:
```csharp
// Required namespaces
using System;
using System.Web;
using System.Web.Mvc;

/// <summary>
/// Get the value of the named cookie
/// </summary>
/// <param name="cookieName">cookieName</param>
/// <returns></returns>
public static string GetCookieValue(string cookieName)
{
    HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies[cookieName];
    string str = string.Empty;
    if (cookie != null)
    {
        str = cookie.Value;
    }
    return str;
}

/// <summary>
/// Clear all cookies
/// </summary>
private void RemoveAllCookiesBase()
{
    foreach (string key in HttpContext.Request.Cookies.AllKeys)
    {
        HttpCookie cookie = HttpContext.Request.Cookies[key];
        cookie.Domain = System.Configuration.ConfigurationManager.AppSettings["cookiedomain"];
        cookie.Expires = DateTime.Now.AddDays(-1);
        HttpContext.Response.Cookies.Add(cookie);
    }
}

/// <summary>
/// Code in BaseControl's OnActionExecuting
/// </summary>
/// <param name="filterContext"></param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Your logged-in user object; change this yourself
    UserModel _userProfile = new UserModel();

    #region Allow an account to be logged in at only one place at a time
    string singleKey = "singleguid";
    // Read the value from the client cookie
    var clientValue = GetCookieValue(singleKey);

    string serverValue = string.Empty;
    // Read the value from the server-side cache
    var serverValueObj = _cacheServer.GetValueWithCache(singleKey + _userProfile.UserCode.ToLower());
    if (serverValueObj != null)
    {
        serverValue = Convert.ToString(serverValueObj);
    }

    if (!serverValue.Equals(clientValue))
    {
        RemoveAllCookiesBase();
        System.Web.Security.FormsAuthentication.SignOut();

        // Address of the login system
        string loginUrl = System.Configuration.ConfigurationManager.AppSettings["loginpath"];
        string hostUrl = filterContext.HttpContext.Request.Url.Host;
        var https_hostUrl = "http://" + hostUrl + "/";
        filterContext.Result = new RedirectResult(loginUrl + https_hostUrl);
    }
    base.OnActionExecuting(filterContext);
    #endregion
}
```
Adapt the code as needed to fit your own project.
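The Chrome/Firefox walk-through above as an added, self-contained example (not the original post's code), with a Dictionary standing in for memcache and the hypothetical names SingleSessionRegistry, IssueToken and IsCurrent. It departs from the post in two ways: the token comes from a CSPRNG instead of Guid.NewGuid(), and an empty cookie or a missing cache entry is rejected, whereas the filter above compares two empty strings as equal.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added example: a Dictionary stands in for memcache; all names are hypothetical.
public class SingleSessionRegistry
{
    // userCode (lower-cased) -> token of the one session currently allowed
    private readonly Dictionary<string, string> _current = new Dictionary<string, string>();

    // After a successful login: returns the value to store in the cookie.
    public string IssueToken(string userCode)
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(bytes); }
        string token = Convert.ToBase64String(bytes);
        _current[userCode.ToLowerInvariant()] = token; // replaces any earlier session
        return token;
    }

    // On every request: is the cookie value the account's current token?
    public bool IsCurrent(string userCode, string cookieToken)
    {
        string serverToken;
        if (string.IsNullOrEmpty(cookieToken) ||
            !_current.TryGetValue(userCode.ToLowerInvariant(), out serverToken))
            return false; // no cookie, or cache entry absent/expired
        return FixedTimeEquals(serverToken, cookieToken);
    }

    // Comparison whose duration does not depend on where the strings differ.
    private static bool FixedTimeEquals(string a, string b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}

public static class Demo
{
    public static void Main()
    {
        var reg = new SingleSessionRegistry();
        string chrome = reg.IssueToken("UserA");   // user A logs in with Chrome
        string firefox = reg.IssueToken("usera");  // same account logs in with Firefox
        Console.WriteLine("Chrome token current:  " + reg.IsCurrent("usera", chrome));
        Console.WriteLine("Firefox token current: " + reg.IsCurrent("usera", firefox));
        Console.WriteLine("Empty cookie, no entry: " + reg.IsCurrent("userb", ""));
    }
}
```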