c#通用登录模块分享
//举个例子:一个网站有用户系统、商家系统、网站后台3个系统
//可以分3个userType,user,shop,system
//网站后台一般都有角色,如admin,employee
//那么网站的角色就有user,shop,admin,employee,但是admin和employee在一个客户端是不能同时登录的,所以他们是同一类用户(system)
使用方法:
1、添加一个类LoginUser.cs代码如下:
代码:
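namespace MVCCommonAuth
{
    #region Overview
    // Example: a site made of a customer area, a merchant area and an admin back office
    // can be split into three user types: user, shop, system.
    // The back office usually has roles such as admin and employee, so the site's roles are
    // user, shop, admin and employee. admin and employee cannot be signed in at the same
    // time on one client, so they belong to one user type (system) and share one cookie.
    #endregion

    /// <summary>
    /// User types from the overview above. The methods of <see cref="LoginUser"/> take the
    /// user type as a string; this enum is not referenced by them.
    /// </summary>
    public enum UserType
    {
        User,
        Shop,
        System
    }

    /// <summary>
    /// Identity of a signed-in user, stored in one authentication cookie per user type.
    /// </summary>
    /// <remarks>
    /// The cookie payload is the JSON form of this object, sealed with
    /// <c>System.Web.Security.MachineKey.Protect</c> (.NET Framework 4.5+). That API encrypts
    /// and authenticates the data with the application's machineKey, so a client cannot read,
    /// modify or mint a cookie. The cookie name is passed as a purpose string, so a cookie
    /// issued for one user type is rejected when presented under another user type's name.
    /// On a web farm every node needs the same machineKey in configuration.
    /// The cookie is a stateless bearer token: <see cref="Logout"/> only removes the client's
    /// copy, and ID/Roles stay as issued until <see cref="Expires"/>. Revoking a session or a
    /// role earlier than that needs a server-side check.
    /// </remarks>
    [Serializable]
    public class LoginUser
    {
        // Fixed purpose that separates these cookies from any other MachineKey-protected
        // data in the same application.
        private const string ProtectionPurpose = "MVCCommonAuth.LoginUser";

        public int ID { get; set; }
        public string UserName { get; set; }
        public string Roles { get; set; }
        public DateTime Expires { get; set; }

        public static readonly string CookieNamePrefix = "authcookie";

        /// <summary>
        /// Signs this user in by writing the protected authentication cookie for
        /// <paramref name="userType"/> and caching the user for the current request.
        /// </summary>
        /// <param name="userType">User type; appended to <see cref="CookieNamePrefix"/> to form the cookie name.</param>
        /// <param name="domain">Optional cookie domain; ignored when null or whitespace.</param>
        /// <param name="path">Optional cookie path; ignored when null.</param>
        public void Login(string userType, string domain = null, string path = null)
        {
            var keyName = CookieNamePrefix + userType;
            var json = JsonConvert.SerializeObject(this);
            var value = ProtectString(json, keyName);

            HttpCookie cookie = new HttpCookie(keyName, value);
            cookie.Expires = Expires;
            // Keep the token away from page scripts, and off plain HTTP whenever the
            // sign-in request itself arrived over TLS.
            cookie.HttpOnly = true;
            cookie.Secure = HttpContext.Current.Request.IsSecureConnection;
            if (!string.IsNullOrWhiteSpace(domain))
            {
                cookie.Domain = domain;
            }
            if (path != null)
            {
                cookie.Path = path;
            }

            HttpContext.Current.Items[keyName] = this;
            HttpContext.Current.Response.Cookies.Add(cookie);
        }

        /// <summary>
        /// Reads the user from the request cookie named <paramref name="keyName"/>.
        /// </summary>
        /// <param name="keyName">Full cookie name (prefix plus user type).</param>
        /// <returns>
        /// The user, or null when the cookie is missing, fails verification, cannot be
        /// deserialized, or has expired.
        /// </returns>
        private static LoginUser BuildUser(string keyName)
        {
            var cookie = HttpContext.Current.Request.Cookies[keyName];
            if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            {
                return null;
            }

            var json = UnprotectString(cookie.Value, keyName);
            if (json == null)
            {
                return null;
            }

            try
            {
                var loginuser = JsonConvert.DeserializeObject<LoginUser>(json);
                if (loginuser != null && loginuser.Expires >= DateTime.Now)
                {
                    return loginuser;
                }
            }
            catch (JsonException)
            {
                // An unreadable payload is treated the same as no cookie: not signed in.
            }
            return null;
        }

        /// <summary>
        /// Returns the signed-in user for <paramref name="userType"/>, or null when nobody is
        /// signed in. The result (including null) is cached in HttpContext.Items so the
        /// cookie is verified at most once per request.
        /// </summary>
        public static LoginUser GetUser(string userType)
        {
            var keyName = CookieNamePrefix + userType;
            if (!HttpContext.Current.Items.Contains(keyName))
            {
                var user = BuildUser(keyName);
                HttpContext.Current.Items[keyName] = user;
                return user;
            }
            return HttpContext.Current.Items[keyName] as LoginUser;
        }

        /// <summary>
        /// Returns the signed-in user's ID for <paramref name="userType"/>, or 0 when nobody is signed in.
        /// </summary>
        public static int GetUserID(string userType)
        {
            var user = GetUser(userType);
            return user != null ? user.ID : 0;
        }

        /// <summary>
        /// Signs out by expiring the authentication cookie and clearing the per-request cache.
        /// </summary>
        /// <param name="userType">User type whose cookie is removed.</param>
        /// <param name="domain">Pass the same domain that was given to <see cref="Login"/>; browsers only replace a cookie whose domain matches.</param>
        /// <param name="path">Pass the same path that was given to <see cref="Login"/>; browsers only replace a cookie whose path matches.</param>
        public static void Logout(string userType, string domain = null, string path = null)
        {
            var keyName = CookieNamePrefix + userType;

            HttpCookie cookie = new HttpCookie(keyName, string.Empty);
            cookie.Expires = DateTime.Now.AddMonths(-1);
            cookie.HttpOnly = true;
            cookie.Secure = HttpContext.Current.Request.IsSecureConnection;
            if (!string.IsNullOrWhiteSpace(domain))
            {
                cookie.Domain = domain;
            }
            if (path != null)
            {
                cookie.Path = path;
            }

            // Later GetUser calls in this same request must not return the cached user.
            HttpContext.Current.Items[keyName] = null;
            HttpContext.Current.Response.Cookies.Add(cookie);
        }

        #region Cookie protection

        /// <summary>
        /// Encrypts and authenticates <paramref name="plaintext"/> and returns it as upper-case hex.
        /// </summary>
        /// <param name="plaintext">Text to protect.</param>
        /// <param name="purpose">Context the value is bound to (the cookie name); the same value must be used to unprotect.</param>
        /// <returns>Hex string that is safe to store as a cookie value.</returns>
        private static string ProtectString(string plaintext, string purpose)
        {
            // UTF-8 rather than the machine's ANSI code page, so the payload decodes the
            // same way on every server.
            byte[] data = Encoding.UTF8.GetBytes(plaintext);
            byte[] protectedBytes = System.Web.Security.MachineKey.Protect(data, ProtectionPurpose, purpose);

            StringBuilder hex = new StringBuilder(protectedBytes.Length * 2);
            foreach (byte b in protectedBytes)
            {
                hex.AppendFormat("{0:X2}", b);
            }
            return hex.ToString();
        }

        /// <summary>
        /// Reverses <see cref="ProtectString"/>.
        /// </summary>
        /// <param name="ciphertext">Hex string taken from the cookie.</param>
        /// <param name="purpose">Context the value was bound to when it was protected.</param>
        /// <returns>The original text, or null when the input is malformed or fails verification.</returns>
        private static string UnprotectString(string ciphertext, string purpose)
        {
            byte[] data = FromHex(ciphertext);
            if (data == null)
            {
                return null;
            }

            try
            {
                byte[] plain = System.Web.Security.MachineKey.Unprotect(data, ProtectionPurpose, purpose);
                return plain == null ? null : Encoding.UTF8.GetString(plain);
            }
            catch (CryptographicException)
            {
                // Tampered, truncated, protected with another key, or bound to another purpose.
                return null;
            }
        }

        /// <summary>Decodes a hex string; returns null when it is empty, of odd length, or contains a non-hex character.</summary>
        private static byte[] FromHex(string hex)
        {
            if (string.IsNullOrEmpty(hex) || hex.Length % 2 != 0)
            {
                return null;
            }

            byte[] bytes = new byte[hex.Length / 2];
            for (int i = 0; i < bytes.Length; i++)
            {
                int high = HexValue(hex[2 * i]);
                int low = HexValue(hex[2 * i + 1]);
                if (high < 0 || low < 0)
                {
                    return null;
                }
                bytes[i] = (byte)((high << 4) | low);
            }
            return bytes;
        }

        /// <summary>Returns the value of one hex digit, or -1 when <paramref name="c"/> is not a hex digit.</summary>
        private static int HexValue(char c)
        {
            if (c >= '0' && c <= '9')
            {
                return c - '0';
            }
            if (c >= 'A' && c <= 'F')
            {
                return c - 'A' + 10;
            }
            if (c >= 'a' && c <= 'f')
            {
                return c - 'a' + 10;
            }
            return -1;
        }

        #endregion
    }
}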
2、登录处理过程,写入cookie:
/// <summary>
/// Handles the posted sign-in form: on success writes the authentication cookie through
/// LoginUser.Login, otherwise redirects back to the Login action.
/// </summary>
/// <param name="username">User name from the form.</param>
/// <param name="userpass">Password from the form.</param>
[HttpPost]
public ActionResult Login(string username, string userpass)
{
    // NOTE(review): the literal credentials below are tutorial placeholders. A real action
    // must check the password against a salted, slow hash from the user store and limit
    // repeated failures; nothing in this sample does that.
    bool accepted = username == "admin" && userpass == "admin";
    if (!accepted)
    {
        return RedirectToAction("Login");
    }

    // The session lasts two hours; "Administrator" is used both as the role and as the
    // user type that names the cookie.
    var loginuser = new LoginUser
    {
        ID = 1,
        UserName = username,
        Roles = "Administrator",
        Expires = DateTime.Now.AddHours(2)
    };
    loginuser.Login("Administrator");

    return Content("登录成功");
    // Alternative: return RedirectToAction("Index", "Home");
}
3、判断用户是否登录:
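// Is a user of this type signed in?
if (LoginUser.GetUserID("Administrator") > 0)
{
}

// Current user's ID (0 when nobody is signed in).
int userID = LoginUser.GetUserID("Administrator");

// Current user's name. GetUser returns null when there is no valid cookie, so check
// before dereferencing.
var currentUser = LoginUser.GetUser("Administrator");
string userName = currentUser != null ? currentUser.UserName : null;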
再来分享一个示例
1.HTML部分:
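<form id="form1" runat="server">
    <!-- jQuery 1.x is no longer maintained; move to a supported release when possible. -->
    <script src="../Script/jquery-v1.10.2.js" type="text/javascript"></script>
    <script src="login.js" type="text/javascript"></script>
    <div class="" style="height:160px">
        <div>
            <!-- Each label's "for" must match the input's id; the name alone does not link them. -->
            <label for="userName"> 帐号:</label>
            <input type="text" name="userName" id="userName" />
        </div>
        <div>
            <label for="password"> 密码:</label>
            <input type="password" name="password" id="password" />
        </div>
        <input type="submit" id="btnSumit" value="登录" />
        <p class="msg"></p>
    </div>
</form>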
2.引入登录插件:login.js
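/*!
 * Login plugin. Usage:
 *   $('#form1').login({
 *       url: "LoginHandler.ashx",                   // URL that performs the credential check
 *       userName: $("input[name='userName']"),      // user-name input
 *       password: $("input[name='password']"),      // password input
 *       msg: $(".msg"),                             // element that shows status messages
 *       button: $("#btnSumit")                      // submit button
 *   });
 * The password is posted as entered, so the login URL should be served over HTTPS.
 */
(function ($) {
    $.fn.login = function (option) {
        var defaults = {
            url: '/account/login/',
            msg: $(this).find('.msg'),
            userName: $(this).find("input[name='userName']"),
            password: $(this).find("input[name='password']"),
            button: $(this).find("#button")
        };
        var options = $.extend(defaults, option);

        // Status code returned by the server -> message shown to the user.
        // NOTE(review): separate "no such account" and "wrong password" messages let a
        // caller find out which account names exist; consider one generic message.
        var errMsg = {
            'inputUserName': '请输入用户名',
            'inputPassword': '请填写登录密码',
            'passwordLength': '密码应在6-32位字符内',
            'noreg': '此账号未注册',
            'inviladUserName': '帐号不存在',
            'accountNotMatch': '账号密码不匹配',
            'userLocked': '帐号锁定中,暂时无法登录',
            'serverdown': '服务器繁忙,请稍后再试'
        };

        // Extracts the status code from the response text without executing it.
        // Accepts strict JSON ({"status":"ok"}) and the older unquoted form ({status:'ok'}).
        // Returns null when no status can be read.
        function parseStatus(responseText) {
            var text = String(responseText);
            try {
                var parsed = JSON.parse(text);
                if (parsed && typeof parsed.status === 'string') {
                    return parsed.status;
                }
            } catch (e) {
                // Not strict JSON; try the legacy form below.
            }
            var legacy = /^\s*\{\s*status\s*:\s*'([A-Za-z]+)'\s*\}\s*$/.exec(text);
            return legacy ? legacy[1] : null;
        }

        // Validates the inputs and posts them to the login URL.
        function submit() {
            var userNameInput = $.trim(options.userName.val());
            var passwordInput = $.trim(options.password.val());
            if (userNameInput == '') {
                showMsg('登录名不能为空');
                options.userName.focus();
                return;
            }
            if (passwordInput == '') {
                showMsg('密码不能为空');
                options.password.focus();
                return;
            }
            $.ajax({
                type: "POST",
                url: options.url,
                // An object lets jQuery URL-encode both values; a hand-built query string
                // breaks (or gains extra parameters) when a value contains & = + or %.
                data: { userName: userNameInput, password: passwordInput },
                // Always receive the raw text and parse it here, whatever Content-Type
                // the server sends.
                dataType: "text",
                success: function (msg) {
                    var status = parseStatus(msg);
                    if (status === "ok") {
                        // Sign-in succeeded.
                        showMsg("登录成功....");
                    } else if (status !== null && Object.prototype.hasOwnProperty.call(errMsg, status)) {
                        showMsg(errMsg[status]);
                    } else {
                        // Unreadable response or unknown status code.
                        showMsg(errMsg.serverdown);
                    }
                },
                error: function () {
                    // Network failure or non-2xx response.
                    showMsg(errMsg.serverdown);
                }
            });
        }

        // Shows a status message. text() is used because messages are plain text and must
        // never be interpreted as markup.
        function showMsg(msg) {
            options.msg.text(msg);
        }

        // Submit through AJAX instead of the browser's normal form post.
        options.button.on('click', function () {
            submit();
            return false;
        });
    };
})(jQuery);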
3.页面调用插件:
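<script type="text/javascript">
    // Run once the DOM is parsed, so the selectors below match even when this script tag
    // is placed before the form.
    $(function () {
        $('#form1').login({
            url: "AjaxLogin.aspx",
            userName: $("input[name='userName']"),
            password: $("input[name='password']"),
            msg: $(".msg"),
            button: $("#btnSumit")
        });
    });
</script>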
4.后台处理逻辑(请根据实际需求做相应调整;示例未包含真正的账号密码校验,上线前必须自行实现)
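using System;
using System.Web;
using System.Web.UI;

namespace Whir.SiteFactory.Website.Admin.Account
{
    /// <summary>
    /// AJAX sign-in endpoint: reads userName and password from the posted form and writes
    /// a small JSON status object as the whole response.
    /// </summary>
    public partial class AjaxLogin : Page
    {
        /// <summary>Replaces the page output with the sign-in status and ends the response.</summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            string status = ProcessLogin();
            Response.Clear();
            // text/plain keeps a browser from rendering the body as HTML, and jQuery still
            // hands it to the caller as a string.
            Response.ContentType = "text/plain";
            Response.Write(status);
            Response.End();
        }

        /// <summary>
        /// Validates the posted credentials.
        /// </summary>
        /// <returns>A JSON object of the form {"status":"code"}; "ok" means signed in.</returns>
        private string ProcessLogin()
        {
            try
            {
                string userName = HttpContext.Current.Request.Form["userName"];
                string password = HttpContext.Current.Request.Form["password"];

                if (string.IsNullOrEmpty(userName))
                {
                    return Status("inputUserName"); // user name missing
                }
                if (string.IsNullOrEmpty(password))
                {
                    return Status("inputPassword"); // password missing
                }
                if (password.Length < 6 || password.Length > 32)
                {
                    return Status("passwordLength"); // password must be 6-32 characters
                }

                // Fail closed: without a positive check against the user store nobody is
                // signed in. Unknown user and wrong password share one status so the
                // response does not reveal which account names exist.
                if (!VerifyCredentials(userName, password))
                {
                    return Status("accountNotMatch");
                }

                // After a successful check: write the client cookie, record the sign-in.
                return Status("ok");
            }
            catch (Exception ex)
            {
                // Keep the detail on the server; the client only sees a generic status.
                System.Diagnostics.Trace.TraceError("AjaxLogin failed: " + ex);
                return Status("serverdown");
            }
        }

        /// <summary>
        /// Placeholder for the real credential check; always rejects until implemented.
        /// </summary>
        /// <remarks>
        /// An implementation should look the account up by name, compare the password with
        /// a salted, slow hash (for example PBKDF2 through Rfc2898DeriveBytes) rather than a
        /// plain MD5 digest, and count failed attempts so an account can be locked
        /// (status "userLocked").
        /// </remarks>
        private static bool VerifyCredentials(string userName, string password)
        {
            return false;
        }

        /// <summary>
        /// Builds the JSON status body. Pass fixed status codes only; the value is not escaped.
        /// </summary>
        private static string Status(string code)
        {
            return "{\"status\":\"" + code + "\"}";
        }
    }
}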