Пример #1
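        /// <summary>
        /// Refreshes the current user's login state: re-reads the account record, rebuilds
        /// the login ticket, and rewrites both the session copy and the login cookie.
        /// </summary>
        /// <remarks>
        /// Best-effort: any failure is traced (exception type only) and swallowed, so callers
        /// never see an exception from this method.
        /// NOTE(review): the ticket includes <c>loginData.Password</c> and is written to a
        /// client-side cookie after reversible encryption (<c>Security.DesEncrypt</c>; DES,
        /// judging by the name). Anyone who recovers the key recovers the password. Prefer an
        /// opaque random token that maps to server-side state and keep the password out of the ticket.
        /// NOTE(review): the cookie is always re-issued for 7 days, whatever lifetime the
        /// original login chose, and <c>model.Enabled</c> is copied into the ticket but not
        /// checked here. Confirm both are intended.
        /// </remarks>
        public static void ClearUserLogin()
        {
            try
            {
                var loginData = LoginData;

                // Re-read the account so the ticket reflects the stored record.
                var model = AdminService.Get(w => w.Id == loginData.Id);
                if (model == null)
                {
                    return;
                }

                // Positional arguments for the Config.userData format string.
                UserLoginEncrypt userLoginEncryptData = new UserLoginEncrypt();
                userLoginEncryptData.UserData = string.Format(
                    Config.userData,
                    model.Id,
                    model.UserName,
                    loginData.Password,
                    model.Name,
                    model.Enabled,
                    loginData.LoginDate,
                    loginData.LoginIp,
                    loginData.IsAdmin);

                if (string.IsNullOrEmpty(userLoginEncryptData.UserData))
                {
                    return;
                }

                // Session side: parsed user plus a hash of the ticket.
                UserLoginData sessionUser = XmlToModel.ToUser(userLoginEncryptData.UserData);
                if (sessionUser != null)
                {
                    SessionUser.WriteSession(sessionUser.Id);
                    SessionUser.WriteSession(sessionUser);
                }

                // The hash is taken over the plaintext ticket, before encryption.
                // NOTE(review): a reader that hashes the raw cookie value instead would never
                // match this. Confirm against the code that verifies the cookie.
                SessionUser.WriteSessionMd5(Security.Md5(userLoginEncryptData.UserData));

                // Cookie side: the encrypted ticket.
                userLoginEncryptData.UserData = Security.DesEncrypt(userLoginEncryptData.UserData);
                Cookie.WriteCookie(userLoginEncryptData, DateTime.Now.AddDays(7));
            }
            catch (Exception ex)
            {
                // Still best-effort, but no longer silent. Only the exception type is recorded,
                // because the data in scope here includes the password.
                System.Diagnostics.Trace.TraceWarning("ClearUserLogin failed: {0}", ex.GetType().FullName);
            }
        }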
Пример #2
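        /// <summary>
        /// Resolves the current user from the session, falling back to the login cookie.
        /// </summary>
        /// <remarks>
        /// Cookie and session are checked together:
        ///   1. Session present, cookie present and the stored hash equals the hash of the
        ///      cookie text: the session copy is returned.
        ///   2. Cookie present but step 1 does not hold: the cookie is decrypted, the user is
        ///      re-authenticated with the credentials it carries, and the session is rebuilt.
        ///   3. Cookie missing: the cookie is cleared.
        /// NOTE(review): step 2 depends on the cookie carrying the account password under
        /// reversible encryption (<c>Security.DesDecrypt</c>). Prefer an opaque server-side
        /// token so that the password never leaves the server.
        /// NOTE(review): an exception from <c>Security.DesDecrypt</c> on a tampered cookie is
        /// not handled here. Confirm that the helper fails soft.
        /// </remarks>
        /// <returns>
        /// The session user in case 1; the cookie user after a successful re-login; a blank
        /// <c>UserLoginData</c> when the cookie is absent or the re-login is rejected;
        /// <c>null</c> when the decrypted cookie cannot be parsed (unchanged from the original).
        /// </returns>
        public static UserLoginData GetUser()
        {
            // Concatenate the values of every cookie listed in Config.cookieName, in array order.
            string xml = "";
            for (int i = 0; i < Config.cookieName.Length; i++)
            {
                HttpCookie cookie = HttpContext.Current.Request.Cookies[Config.cookieName[i]];
                if (cookie != null)
                {
                    xml += cookie.Value;
                }
            }

            UserLoginData userLoginData = new UserLoginData();

            // Does the hash stored in the session still match the cookie text as received?
            bool isCookieMd5;
            try
            {
                isCookieMd5 = SessionUser.Md5 == Security.Md5(xml);
            }
            catch
            {
                // Fail closed: an unreadable session hash counts as a mismatch.
                isCookieMd5 = false;
            }

            // Case 1: session and cookie agree.
            if (SessionUser.Exists() && !string.IsNullOrEmpty(xml) && isCookieMd5)
            {
                try
                {
                    userLoginData = SessionUser.UserModel;
                }
                catch
                {
                    // Reading the session failed: fall through with the blank instance.
                }
                return userLoginData;
            }

            // Case 3: no cookie at all.
            if (string.IsNullOrEmpty(xml))
            {
                Cookie.ClearCookie();
                return userLoginData;
            }

            // Case 2: cookie present, session missing or out of step with it.
            string encryptXml = xml;
            userLoginData = XmlToModel.ToUser(Security.DesDecrypt(xml));
            if (userLoginData == null)
            {
                Cookie.ClearCookie();
                return null;
            }

            if (Main.ReLogin(userLoginData.Id, userLoginData.Password))
            {
                SessionUser.WriteSession(userLoginData.Id);
                SessionUser.WriteSession(userLoginData);
                // Hash of the cookie text exactly as received, so that case 1 matches next time.
                SessionUser.WriteSessionMd5(Security.Md5(encryptXml));
            }
            else
            {
                Cookie.ClearCookie();
                // The re-login was rejected, so the identity parsed from the cookie must not
                // reach the caller. Hand back the same blank value as the no-cookie path.
                // NOTE(review): an existing session is left untouched here. Confirm whether
                // Cookie.ClearCookie also drops it.
                userLoginData = new UserLoginData();
            }

            return userLoginData;
        }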
Пример #3
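        /// <summary>
        /// Logs a user in: checks the verification code, authenticates through
        /// <c>AdminService.Login</c>, writes the session and login cookie, and records the
        /// new session in the application-wide "Online" table.
        /// </summary>
        /// <param name="loginName">Login name passed to <c>AdminService.Login</c>.</param>
        /// <param name="plaintext">Second credential passed to <c>AdminService.Login</c>; presumably the password as typed.</param>
        /// <param name="ipAddress">Client address passed to <c>AdminService.Login</c>.</param>
        /// <param name="checkCode">Verification code checked by <c>VerifyCode.Validate</c> before anything else.</param>
        /// <param name="IsAuto">When true the login cookie lasts 7 days, otherwise 1 hour.</param>
        /// <returns>An empty string on success, otherwise a user-facing error message.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="plaintext"/> is embedded in the ticket that goes into
        /// the cookie after reversible encryption (<c>Security.DesEncrypt</c>; DES, judging by
        /// the name). Anyone who recovers the key recovers the password. Prefer an opaque
        /// random token that maps to server-side state and keep the password out of the ticket.
        /// </remarks>
        public static string Login(string loginName, string plaintext, string ipAddress, string checkCode, bool IsAuto = false)
        {
            if (!VerifyCode.Validate(checkCode))
            {
                return "验证码输入错误";
            }

            var model = AdminService.Login(loginName, plaintext, ipAddress);
            if (model == null)
            {
                return "登录名或密码错误";
            }

            // Positional arguments for the Config.userData format string.
            UserLoginEncrypt userLoginEncryptData = new UserLoginEncrypt();
            userLoginEncryptData.UserData = string.Format(
                Config.userData,
                model.Id,
                model.UserName,
                plaintext,
                model.Name,
                model.Enabled,
                model.LastLoginTime,
                model.LastLoginIp,
                model.IsAdmin);

            if (string.IsNullOrEmpty(userLoginEncryptData.UserData))
            {
                return "";
            }

            // Session side: parsed user plus a hash of the ticket.
            UserLoginData sessionUser = XmlToModel.ToUser(userLoginEncryptData.UserData);
            if (sessionUser != null)
            {
                SessionUser.WriteSession(sessionUser.Id);
                SessionUser.WriteSession(sessionUser);
            }

            // The hash is taken over the plaintext ticket, before encryption.
            // NOTE(review): a reader that hashes the raw cookie value instead would never
            // match this. Confirm against the code that verifies the cookie.
            SessionUser.WriteSessionMd5(Security.Md5(userLoginEncryptData.UserData));

            // Cookie side: the encrypted ticket, long-lived only for "remember me" logins.
            userLoginEncryptData.UserData = Security.DesEncrypt(userLoginEncryptData.UserData);
            DateTime expires = IsAuto ? DateTime.Now.AddDays(7) : DateTime.Now.AddHours(1);
            Cookie.WriteCookie(userLoginEncryptData, expires);

            // Single-login bookkeeping: tag this session with a fresh GUID.
            string sessionGuid = Guid.NewGuid().ToString("N");
            HttpContext.Current.Session[Config.sessionUserGUID] = sessionGuid;
            CookieUtility.Save(Config.cookiesUserGUID, sessionGuid, 10);

            // The "Online" table is shared by every request, so the whole read-modify-write
            // runs under the application lock, not only the final assignment.
            var application = HttpContext.Current.Application;
            application.Lock();
            try
            {
                Hashtable hOnline = (Hashtable)application["Online"] ?? new Hashtable();

                // Overwrite the first entry already held by this user id with the "XXXXXX"
                // sentinel; presumably this lets the older session notice it was displaced.
                string userId = model.Id.ToString();
                foreach (DictionaryEntry entry in hOnline)
                {
                    if (entry.Value != null && entry.Value.ToString().Equals(userId))
                    {
                        hOnline[entry.Key.ToString()] = "XXXXXX";
                        break;
                    }
                }

                hOnline[sessionGuid] = model.Id;
                application["Online"] = hOnline;
            }
            finally
            {
                // Release the lock even if the update throws.
                application.UnLock();
            }

            return "";
        }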