private void Login() { foreach (var handler in _systemAuthenticationHandlers) { handler.OnLoginStart(); } foreach (var handler in _customAuthenticationHandlers) { handler.OnLoginStart(); } ////HACK:改成配置项 不要写死在程序中 var httpContext = HttpContext.Current; var account = httpContext.Request["account"]; var password = httpContext.Request["password"]; var extension = httpContext.Request["extension"]; var user = _userService.Authencation(account, password, extension); _logger.DebugFormat("正在验证登录信息:{0}", account); string redirectUrl; bool isLoginSuccess; var urlReferrer = httpContext.Request.UrlReferrer; var urlrefInQuery = httpContext.Request["urlReferrer"]; var refUrl = string.IsNullOrEmpty(urlrefInQuery) ? (urlReferrer != null ? urlReferrer.AbsoluteUri : string.Empty) : urlrefInQuery; var loginEntity = new LoginEntity(); loginEntity.ReferrerUrl = refUrl; if (user != null) { httpContext.Items[HttpMoudlesConst.HttpUserKey] = user; var loginCookie = new HttpCookie(LoginCookieKey, _desCrypto.Encryptor(account)) { HttpOnly = true }; var loginExtensionCookie = new HttpCookie(LoginExtensionCookieKey, extension) { HttpOnly = true }; httpContext.Response.Cookies.Add(loginCookie); httpContext.Response.Cookies.Add(loginExtensionCookie); _logger.DebugFormat("urlrefInQuery:{0}", urlrefInQuery); _logger.DebugFormat("urlReferrer:{0}", urlReferrer); if (!string.IsNullOrEmpty(refUrl)) { if (refUrl.IndexOf(LoginUrl.Replace("~/", ""), StringComparison.CurrentCultureIgnoreCase) >= 0) { refUrl = ConvertUrl(HomeUrl); } } redirectUrl = !string.IsNullOrEmpty(refUrl) ? refUrl : ConvertUrl(refUrl); isLoginSuccess = true; } else { _logger.DebugFormat("用户名密码校验不通过:account={0};pwd={1},跳转到登录页并记录状态", account, password); redirectUrl = LoginUrl + string.Format("?status={0}", "0"); isLoginSuccess = false; } loginEntity.RedirectUrl = redirectUrl; loginEntity.Extension = extension; loginEntity.UserName = account; loginEntity.Pwd = password; loginEntity.IsLoginSuccess = isLoginSuccess; foreach (var handler in _systemAuthenticationHandlers) { handler.OnLoginEnd(loginEntity); } foreach (var handler in _customAuthenticationHandlers) { handler.OnLoginEnd(loginEntity); } httpContext.Response.Redirect(redirectUrl); }