/// <summary>
/// 用户登录
/// </summary>
public static bool Login(string loginName, string plaintext, string ipAddress, bool IsAuto)
{
bool result = false;
var model = UserService.Login(loginName, plaintext, ipAddress);
//判断是否登录成功
if (model != null)
{
result = true;
//读取登录日志
#region 保存票据
UserLoginEncrypt userLoginEncryptData = new UserLoginEncrypt();
userLoginEncryptData.UserData = string.Format(Config.userData
, model.Id
//, model.UserGuid
, loginName
, plaintext
, model.Phone
, model.Email
, model.NickName
, model.bgpic
, model.sex
, model.IsCertification
);
if (!string.IsNullOrEmpty(userLoginEncryptData.UserData))
{
result = true;
//写入Session值
if (!string.IsNullOrEmpty(userLoginEncryptData.UserData))
{
UserLoginData _data = XmlToModel.ToUser(userLoginEncryptData.UserData);
if (_data != null)
{
SessionUser.WriteSession(_data.Id);
SessionUser.WriteSession(_data);
}
//用于校验cookie值是否被修改和Session的及时性
SessionUser.WriteSessionMd5(Security.Md5(userLoginEncryptData.UserData));
}
//写入Cookie
userLoginEncryptData.UserData = Security.DesEncrypt(userLoginEncryptData.UserData);
if (IsAuto)
{
Cookie.WriteCookie(userLoginEncryptData, DateTime.Now.AddDays(7));
}
else
{
Cookie.WriteCookie(userLoginEncryptData);
}
}
#endregion
}
return(result);
}
/// <summary>
/// 清除会员登录缓存信息
/// </summary>
public static void ClearUserLogin()
{
try
{
var loginData = LoginData;
#region 重新获取并写入Cookie
var model = UserService.Get(w => w.Id == loginData.Id);
if (model != null)
{
#region 保存票据
UserLoginEncrypt userLoginEncryptData = new UserLoginEncrypt();
userLoginEncryptData.UserData = string.Format(Config.userData
, model.Id
, loginData.LoginName
, loginData.Password
, model.Phone
, model.Email
, model.NickName
, model.bgpic
, model.sex
, model.IsCertification
//, loginData.Logins
//, loginData.LoginDate
//, loginData.LoginIp
);
if (!string.IsNullOrEmpty(userLoginEncryptData.UserData))
{
//写入Session值
if (!string.IsNullOrEmpty(userLoginEncryptData.UserData))
{
UserLoginData _data = XmlToModel.ToUser(userLoginEncryptData.UserData);
if (_data != null)
{
SessionUser.WriteSession(_data.Id);
SessionUser.WriteSession(_data);
}
//用于校验cookie值是否被修改和Session的及时性
SessionUser.WriteSessionMd5(Security.Md5(userLoginEncryptData.UserData));
}
//写入Cookie
userLoginEncryptData.UserData = Security.DesEncrypt(userLoginEncryptData.UserData);
Cookie.WriteCookie(userLoginEncryptData, DateTime.Now.AddDays(7));
}
#endregion
}
#endregion
}
catch { }
}
public static UserLoginData GetUser()
{
/*
* 采用Cookie和Session双重验证
* 方法:
* 1、Session和Cookie同时存在时,直接读取Session值
* 2、Cookie存在、Session丢失,把Cookie值,自动二次登录生成Session,同时验证Cookie的完整性
* 3、Cookie丢失,清除Cookie和Session记录
* 要点:
* 1、Cookie用于记着用户登录,Session用于即时验证
* 2、用户在修改加密后的Cookie值时,不会对当前登录账户造成造成影响,只有Session丢失之后,在解密时才会失败,同时清除Cookie值
*/
//循环读取会员生成的Cookie组数据
string xml = "";
for (int i = 0; i < Config.cookieName.Length; i++)
{
HttpCookie cookie = HttpContext.Current.Request.Cookies[Config.cookieName[i]];
if (cookie != null)
{
xml += cookie.Value;
}
}
UserLoginData userLoginData = new UserLoginData();
//校验cookie值是否已经修改和Session的及时性
bool isCookieMd5 = false;
try
{
if (SessionUser.Md5 == Security.Md5(xml))
{
isCookieMd5 = true;
}
}
catch { }
//一、判断Session和Cookie同时存在
if (SessionUser.Exists() && !string.IsNullOrEmpty(xml) && isCookieMd5)
{
try
{
userLoginData = SessionUser.UserModel;
}
catch { }
//System.IO.File.AppendAllText(System.Web.HttpContext.Current.Server.MapPath("/_logs/log.txt"), "SessionUser.Md5\r\n");
}
else
{
//二、Cookie存在、Session丢失
if (!string.IsNullOrEmpty(xml))
{
string encryptXml = xml;
xml = Security.DesDecrypt(xml);
userLoginData = XmlToModel.ToUser(xml);
if (userLoginData != null)
{
//自动二次登录生成Session
UserLoginEncrypt userLoginEncrypt = new UserLoginEncrypt();
if (Main.ReLogin(userLoginData.Id, userLoginData.Password))
{
SessionUser.WriteSession(userLoginData.Id);
SessionUser.WriteSession(userLoginData);
SessionUser.WriteSessionMd5(Security.Md5(encryptXml));
}
else
{
Cookie.ClearCookie();
}
}
else
{
Cookie.ClearCookie();
}
}
else
{
//三、Cookie丢失,清除Cookie和Session记录
Cookie.ClearCookie();
}
}
return(userLoginData);
}