同一账户同时只能在一处登陆(单点登陆)
程序员文章站
2022-10-17 09:27:58
思路: 1:用户登陆-》产生一个随机Key(GUID)(服务器维护一个字典[id,key],放在memcache中)-》同时输出key到客户端Cookie 每次用户访问页面,检测是否登陆时,读取浏览器的Cookie, 都判断key是否和服务器的相同。 eg: 用户在A在Chrome登陆后,服务端产生 ......
思路:
1:用户登陆-》产生一个随机key(guid)(服务器维护一个字典[id,key],放在memcache中)-》同时输出key到客户端cookie
每次用户访问页面,检测是否登陆时,读取浏览器的cookie, 都判断key是否和服务器的相同。
eg: 用户在a在chrome登陆后,服务端产生一个guid,浏览器cookie存一份(key),服务端memcache也存一份(key + usercode, guid),
当用户a在firefox登陆后,服务端又产生了一个guid,浏览器cookie存一份(key),服务端memcache也存一份(key + usercode, guid),
当a用户再次刷新chrome时,浏览器的cookie和服务端的memcache的value(通过usercode查memcache的value)不一样了,强制退出。
1 /// <summary>
2 /// memcache,这里自己去定义
3 /// </summary>
4 private static cacheserver _cacheserver = cacheserver.getcacheoperateinstance();
5
6 /// <summary>
7 /// 设置cookie
8 /// </summary>
9 /// <param name="cookiename"></param>
10 /// <param name="cookievalue"></param>
11 /// <param name="expires"></param>
12 public static void setcookie(string cookiename, string cookievalue, datetime expires)
13 {
14 httpcookie cookie = new httpcookie(cookiename)
15 {
16 value = cookievalue,
17 expires = expires
18 };
19 system.web.httpcontext.current.response.cookies.add(cookie);
20 }
21
22 /// <summary>
23 /// 登陆成功后执行
24 /// </summary>
25 /// <param name="islogin"></param>
26 /// <param name="pusercode"></param>
27 /// <param name="cookiedomain"></param>
28 public void singlelogin(bool islogin, string pusercode, string cookiedomain)
29 {
30 if (islogin)
31 {
32 #region 限制同一账户同时只能在一处登陆
33 string singlekey = "singleguid";
34 string singlevalue = guid.newguid().tostring();
35 setcookie(singlekey, cookiedomain, datetime.now.adddays(7));
36 _cacheserver.addcacheruntime(singlekey + pusercode.tolower(), singlevalue, 1440 * 3);
37 #endregion
38 }
39 }
basecontrol中的代码:
1 /// <summary>
2 /// 获取指定cookie值
3 /// </summary>
4 /// <param name="cookiename">cookiename</param>
5 /// <returns></returns>
6 public static string getcookievalue(string cookiename)
7 {
8 httpcookie cookie = system.web.httpcontext.current.request.cookies[cookiename];
9 string str = string.empty;
10 if (cookie != null)
11 {
12 str = cookie.value;
13 }
14 return str;
15 }
16
17 /// <summary>
18 /// 名称:清除cookie
19 /// </summary>
20 private void removeallcookiesbase()
21 {
22 foreach (string key in httpcontext.request.cookies.allkeys)
23 {
24 httpcookie cookie = httpcontext.request.cookies[key];
25 cookie.domain = system.configuration.configurationmanager.appsettings["cookiedomain"];
26 cookie.expires = datetime.now.adddays(-1);
27 httpcontext.response.cookies.add(cookie);
28 }
29
30 }
31
32 /// <summary>
33 /// basecontrol中onactionexecuting中的代码
34 /// </summary>
35 /// <param name="filtercontext"></param>
36 protected override void onactionexecuting(actionexecutingcontext filtercontext)
37 {
38 //你的登陆对象,自己修改
39 usermodel _userprofile = new usermodel();
40
41 #region 限制同一账户同时只能在一处登陆
42 string singlekey = "singleguid";
43 //从客户端cookie取值
44 var clientvalue = getcookievalue(singlekey);
45
46 string servervalue = string.empty;
47 //从服务端cache获取
48 var servervalueobj = _cacheserver.getvaluewithcache(singlekey + _userprofile.usercode.tolower());
49 if (servervalueobj != null)
50 {
51 servervalue = convert.tostring(servervalueobj);
52 }
53
54 if (!servervalue.equals(clientvalue))
55 {
56 removeallcookiesbase();
57 system.web.security.formsauthentication.signout();
58
59 //登陆系统地址
60 string loginurl = system.configuration.configurationmanager.appsettings["loginpath"];
61 string hosturl = filtercontext.httpcontext.request.url.host;
62 var https_hosturl = "http://" + hosturl + "/";
63 filtercontext.result = new redirectresult(loginurl + https_hosturl);
64 }
base.onactionexecuting(filtercontext);
65 #endregion
66 }
根据自己项目的实际情况,适当的修改代码。
上一篇: 手把手教你如何跟心仪的妹子来一发
下一篇: 大学哪门课对你帮助最大,为什么?