欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

同一账户同时只能在一处登陆(单点登陆)

程序员文章站 2022-10-17 09:27:58
思路: 1:用户登陆-》产生一个随机Key(GUID)(服务器维护一个字典[id,key],放在memcache中)-》同时输出key到客户端Cookie 每次用户访问页面,检测是否登陆时,读取浏览器的Cookie, 都判断key是否和服务器的相同。 eg: 用户在A在Chrome登陆后,服务端产生 ......
思路:
1:用户登陆-》产生一个随机key(guid)(服务器维护一个字典[id,key],放在memcache中)-》同时输出key到客户端cookie
每次用户访问页面,检测是否登陆时,读取浏览器的cookie, 都判断key是否和服务器的相同。
 
eg: 用户在a在chrome登陆后,服务端产生一个guid,浏览器cookie存一份(key),服务端memcache也存一份(key + usercode, guid),
当用户a在firefox登陆后,服务端又产生了一个guid,浏览器cookie存一份(key),服务端memcache也存一份(key + usercode, guid),
当a用户再次刷新chrome时,浏览器的cookie和服务端的memcache的value(通过usercode查memcache的value)不一样了,强制退出。
 
 1 /// <summary>
 2         /// memcache,这里自己去定义
 3         /// </summary>
 4         private static cacheserver _cacheserver = cacheserver.getcacheoperateinstance();
 5 
 6         /// <summary>
 7         /// 设置cookie
 8         /// </summary>
 9         /// <param name="cookiename"></param>
10         /// <param name="cookievalue"></param>
11         /// <param name="expires"></param>
12         public static void setcookie(string cookiename, string cookievalue, datetime expires)
13         {
14             httpcookie cookie = new httpcookie(cookiename)
15             {
16                 value = cookievalue,
17                 expires = expires
18             };
19             system.web.httpcontext.current.response.cookies.add(cookie);
20         }
21 
22         /// <summary>
23         /// 登陆成功后执行
24         /// </summary>
25         /// <param name="islogin"></param>
26         /// <param name="pusercode"></param>
27         /// <param name="cookiedomain"></param>
28         public void singlelogin(bool islogin, string pusercode, string cookiedomain)
29         {
30             if (islogin)
31             {
32                 #region 限制同一账户同时只能在一处登陆 
33                 string singlekey = "singleguid";
34                 string singlevalue = guid.newguid().tostring();
35                 setcookie(singlekey, cookiedomain, datetime.now.adddays(7));
36                 _cacheserver.addcacheruntime(singlekey + pusercode.tolower(), singlevalue, 1440 * 3);
37                 #endregion
38             }
39         }

basecontrol中的代码:

 1 /// <summary>  
 2         /// 获取指定cookie值  
 3         /// </summary>  
 4         /// <param name="cookiename">cookiename</param>  
 5         /// <returns></returns>  
 6         public static string getcookievalue(string cookiename)
 7         {
 8             httpcookie cookie = system.web.httpcontext.current.request.cookies[cookiename];
 9             string str = string.empty;
10             if (cookie != null)
11             {
12                 str = cookie.value;
13             }
14             return str;
15         }
16 
17         /// <summary>
18         /// 名称:清除cookie
19         /// </summary>
20         private void removeallcookiesbase()
21         {
22             foreach (string key in httpcontext.request.cookies.allkeys)
23             {
24                 httpcookie cookie = httpcontext.request.cookies[key];
25                 cookie.domain = system.configuration.configurationmanager.appsettings["cookiedomain"];
26                 cookie.expires = datetime.now.adddays(-1);
27                 httpcontext.response.cookies.add(cookie);
28             }
29             
30         }
31         
32         /// <summary>
33         /// basecontrol中onactionexecuting中的代码
34         /// </summary>
35         /// <param name="filtercontext"></param>
36         protected override void onactionexecuting(actionexecutingcontext filtercontext)
37         {
38             //你的登陆对象,自己修改
39             usermodel _userprofile = new usermodel();
40 
41             #region 限制同一账户同时只能在一处登陆
42             string singlekey = "singleguid";
43             //从客户端cookie取值
44             var clientvalue = getcookievalue(singlekey);
45 
46             string servervalue = string.empty;
47             //从服务端cache获取
48             var servervalueobj = _cacheserver.getvaluewithcache(singlekey + _userprofile.usercode.tolower());
49             if (servervalueobj != null)
50             {
51                 servervalue = convert.tostring(servervalueobj);
52             }
53 
54             if (!servervalue.equals(clientvalue))
55             {
56                 removeallcookiesbase();
57                 system.web.security.formsauthentication.signout();
58 
59                 //登陆系统地址
60                 string loginurl = system.configuration.configurationmanager.appsettings["loginpath"];
61                 string hosturl = filtercontext.httpcontext.request.url.host;
62                 var https_hosturl = "http://" + hosturl + "/";
63                 filtercontext.result = new redirectresult(loginurl + https_hosturl);
64             }
     base.onactionexecuting(filtercontext); 65 #endregion 66 }

根据自己项目的实际情况,适当的修改代码。