c#通用登录模块分享
//举个例子:一个网站有用户系统、商家系统、网站后台3个系统
//可以分3个userType,user,shop,system
//网站后台一般都有角色,如admin,employee
//那么网站的角色就有user,shop,admin,employee,但是admin和employee在一个客户端是不能同时登陆的,所以他们是同一类用户(system)
使用方法:
1、添加一个类LoginUser.cs代码如下:
代码:
namespaceMVCCommonAuth
{
#region功能说明
//举个例子:一个网站有用户系统、商家系统、网站后台3个系统
//可以分3个userType,user,shop,system
//网站后台一般都有角色,如admin,employee
//那么网站的角色就有user,shop,admin,employee,但是admin和employee在一个客户端是不能同时登陆的,所以他们是同一类用户(system)
#endregion
publicenumUserType
{
User,
Shop,
System
}
[Serializable]
publicclassLoginUser
{
privatestaticstringDESKEY=DateTime.Now.ToString("1234MMdd");
publicintID{get;set;}
publicstringUserName{get;set;}
publicstringRoles{get;set;}
publicDateTimeExpires{get;set;}
publicreadonlystaticstringCookieNamePrefix="authcookie";
publicvoidLogin(stringuserType,stringdomain=null,stringpath=null)
{
varkeyName=CookieNamePrefix+userType;
varjson=JsonConvert.SerializeObject(this);
varvalue=EncryptString(json,DESKEY);
HttpCookiecookie=newHttpCookie(keyName,value);
cookie.Expires=Expires;
if(!string.IsNullOrWhiteSpace(domain))
{
cookie.Domain=domain;
}
if(path!=null)
{
cookie.Path=path;
}
HttpContext.Current.Items[keyName]=this;
HttpContext.Current.Response.Cookies.Add(cookie);
}
///<summary>
///从cookie读取用户信息
///</summary>
///<paramname="cookieName"></param>
privatestaticLoginUserBuildUser(stringkeyName)
{
varcookie=HttpContext.Current.Request.Cookies[keyName];
if(cookie!=null&&!string.IsNullOrEmpty(cookie.Value))
{
try
{
varjson=DecryptString(cookie.Value,DESKEY);
varloginuser=JsonConvert.DeserializeObject<LoginUser>(json);
if(loginuser!=null)
{
if(loginuser.Expires>=DateTime.Now)
{
returnloginuser;
}
}
}
catch
{
//donothing
}
}
returnnull;
}
publicstaticLoginUserGetUser(stringuserType)
{
varkeyName=CookieNamePrefix+userType;
if(!HttpContext.Current.Items.Contains(keyName))
{
varuser=BuildUser(keyName);
HttpContext.Current.Items[keyName]=user;
returnuser;
}
else
{
returnHttpContext.Current.Items[keyName]asLoginUser;
}
}
publicstaticintGetUserID(stringuserType)
{
varuser=GetUser(userType);
if(user!=null)
returnuser.ID;
return0;
}
///<summary>
///退出cookie登录
///</summary>
publicstaticvoidLogout(stringuserType)
{
varkeyName=CookieNamePrefix+userType;
HttpCookiecookie=newHttpCookie(keyName,string.Empty);
cookie.Expires=DateTime.Now.AddMonths(-1);
HttpContext.Current.Response.Cookies.Add(cookie);
}
#region字符串加密
///<summary>
///利用DES加密算法加密字符串(可解密)
///</summary>
///<paramname="plaintext">被加密的字符串</param>
///<paramname="key">密钥(只支持8个字节的密钥)</param>
///<returns>加密后的字符串</returns>
privatestaticstringEncryptString(stringplaintext,stringkey)
{
//访问数据加密标准(DES)算法的加密服务提供程序(CSP)版本的包装对象
DESCryptoServiceProviderdes=newDESCryptoServiceProvider();
des.Key=ASCIIEncoding.ASCII.GetBytes(key);//建立加密对象的密钥和偏移量
des.IV=ASCIIEncoding.ASCII.GetBytes(key);//原文使用ASCIIEncoding.ASCII方法的GetBytes方法
byte[]inputByteArray=Encoding.Default.GetBytes(plaintext);//把字符串放到byte数组中
MemoryStreamms=newMemoryStream();//创建其支持存储区为内存的流
//定义将数据流链接到加密转换的流
CryptoStreamcs=newCryptoStream(ms,des.CreateEncryptor(),CryptoStreamMode.Write);
cs.Write(inputByteArray,0,inputByteArray.Length);
cs.FlushFinalBlock();
//上面已经完成了把加密后的结果放到内存中去
StringBuilderret=newStringBuilder();
foreach(bytebinms.ToArray())
{
ret.AppendFormat("{0:X2}",b);
}
ret.ToString();
returnret.ToString();
}
///<summary>
///利用DES解密算法解密密文(可解密)
///</summary>
///<paramname="ciphertext">被解密的字符串</param>
///<paramname="key">密钥(只支持8个字节的密钥,同前面的加密密钥相同)</param>
///<returns>返回被解密的字符串</returns>
privatestaticstringDecryptString(stringciphertext,stringkey)
{
try
{
DESCryptoServiceProviderdes=newDESCryptoServiceProvider();
byte[]inputByteArray=newbyte[ciphertext.Length/2];
for(intx=0;x<ciphertext.Length/2;x++)
{
inti=(Convert.ToInt32(ciphertext.Substring(x*2,2),16));
inputByteArray[x]=(byte)i;
}
des.Key=ASCIIEncoding.ASCII.GetBytes(key);//建立加密对象的密钥和偏移量,此值重要,不能修改
des.IV=ASCIIEncoding.ASCII.GetBytes(key);
MemoryStreamms=newMemoryStream();
CryptoStreamcs=newCryptoStream(ms,des.CreateDecryptor(),CryptoStreamMode.Write);
cs.Write(inputByteArray,0,inputByteArray.Length);
cs.FlushFinalBlock();
//建立StringBuild对象,createDecrypt使用的是流对象,必须把解密后的文本变成流对象
StringBuilderret=newStringBuilder();
returnSystem.Text.Encoding.Default.GetString(ms.ToArray());
}
catch(Exception)
{
return"error";
}
}
#endregion
}
}
2、登录处理过程,写入cookie:
[HttpPost]
publicActionResultLogin(stringusername,stringuserpass)
{
if(username=="admin"&&userpass=="admin")
{
LoginUserloginuser=newLoginUser();
loginuser.ID=1;
loginuser.UserName=username;
loginuser.Roles="Administrator";
loginuser.Expires=DateTime.Now.AddHours(2);
loginuser.Login("Administrator");
returnContent("登录成功");
//returnRedirectToAction("Index","Home");
}
returnRedirectToAction("Login");
}
3、判断用户是否登录:
//是否登录
if(LoginUser.GetUserID("Administrator")>0)
{
}
//用户ID
intuserID=LoginUser.GetUserID("Administrator")
//获取用户名
stringuserName=LoginUser.GetUser("Administrator").UserName
再来分享一个示例
1.HTML部分:
<formid="form1"runat="server"> <scriptsrc="../Script/jquery-v1.10.2.js"type="text/javascript"></script> <scriptsrc="login.js"type="text/javascript"></script> <divclass=""style="height:160px"> <div> <labelfor="userName"> 帐号:</label> <inputtype="text"name="userName"/> </div> <div> <labelfor="password"> 密码:</label> <inputtype="password"name="password"/> </div> <inputtype="submit"id="btnSumit"value="登录"/> <pclass="msg"></p> </div> </form>
2.引入登录插件:login.js
/*!
*插件名称:登录插件封装,使用方法:
$('#form1').login({
url:"LoginHandler.ashx",//处理登录验证逻辑的Url
userName:$("input[name='userName']"),//用户名输入框
password:$("input[name='password']"),//密码输入框
msg:$(".msg"),//提示信息
button:$("#btnSumit")//提交按钮
});
*/
(function($){
$.fn.login=function(option){
vardefaults={
url:'/account/login/',
msg:$(this).find('.msg'),
userName:$(this).find("input[name='userName']"),
password:$(this).find("input[name='password']"),
button:$(this).find("#button")
};
varoptions=$.extend(defaults,option);
varerrMsg={
'inputUserName':'请输入用户名',
'inputPassword':'请填写登录密码',
'passwordLength':'密码应在6-32位字符内',
'noreg':'此账号未注册',
'inviladUserName':'帐号不存在',
'accountNotMatch':'账号密码不匹配',
'userLocked':'帐号锁定中,暂时无法登录',
'serverdown':'服务器繁忙,请稍后再试'
};
//提交数据
functionsubmit(){
varuserNameInput=$.trim(options.userName.val());
varpasswordInput=$.trim(options.password.val());
if(userNameInput==''){
showMsg('登录名不能为空');
options.userName.focus();
return;
}
if(passwordInput==''){
showMsg('密码不能为空');
options.password.focus();
return;
}
$.ajax({
type:"POST",
url:options.url,
data:"userName="+userNameInput+"&password="+passwordInput,
success:function(msg){
varresult=eval("["+msg+"]")[0];
if(result.status=="ok"){
//登录成功处理
showMsg("登录成功....");
}else{
showMsg(errMsg[result.status]);
}
}
});
}
//显示错误信息
functionshowMsg(msg){
options.msg.html(msg);
}
//绑定按钮事件
options.button.bind('click',function(){
submit();
returnfalse;
});
};
})(jQuery);
3.页面调用插件:
<scripttype="text/javascript">
$('#form1').login({
url:"AjaxLogin.aspx",
userName:$("input[name='userName']"),
password:$("input[name='password']"),
msg:$(".msg"),
button:$("#btnSumit")
});
</script>
4.后台处理逻辑(请根据实际需求做相应调整)
usingSystem;
usingSystem.Web;
usingSystem.Web.UI;
namespaceWhir.SiteFactory.Website.Admin.Account
{
publicpartialclassAjaxLogin:Page
{
protectedvoidPage_Load(objectsender,EventArgse)
{
stringstatus=ProcessLogin();
Response.Clear();
Response.Write(status);
Response.End();
}
privatestringProcessLogin()
{
try
{
stringuserName=HttpContext.Current.Request.Form["userName"];
stringpassword=HttpContext.Current.Request.Form["password"];
if(string.IsNullOrEmpty(userName))
{
return"{status:'inputUserName'}";//请输入用户名
}
if(string.IsNullOrEmpty(password))
{
return"{status:'inputPassword'}";//请填写登录密码
}
if(password.Length<6||password.Length>32)
{
return"{status:'passwordLength'}";//密码应在6-32位字符内
}
//varuser=UserService.GetUserByName(userName);
//if(user==null)
//{
//return"{status:'inviladUserName'}";//帐号不存在
//}
//if(user.IsLocked)
//{
//return"{status:'userLocked'}";//帐号锁定中,暂时无法登录
//}
//if(user.Password.ToLower()!=password.ToMd5().ToLower())
//{
//return"{accountNotMatch:'ok'}";//账号密码不匹配
//}
//其他操作:
//写入客户端cookie
//登录日志
return"{status:'ok'}";//登录成功
}
catch(Exceptionex)
{
return"{status:'serverdown'}";//服务器繁忙,请稍后再试
}
}
}
}