ASP.net 完整登录流程

登录流程

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using MyProject.IBLL;
using MyProject.BLL;
using MyProject.Common;
using System.Drawing;
using System.IO;

namespace MyProject.Controllers
{
    public class LoginController : Controller
    {
        //
        // GET: /Login/
        IUserInfoService userInfoService = new UserInfoService();
        //展示登录页面
        public ActionResult Index()
        {
            if (CheckCookieInfo()) {
                return Redirect("/UserInfo/Index");
            }
            return View();
        }

        private bool CheckCookieInfo()
        {
            bool flag = false;
            if (Request.Cookies["cp1"] != null && Request.Cookies["cp2"] != null)
            {
                //获取浏览器传递过来的Cookie值
                string username = Request.Cookies["cp1"].Value;
                string psd = Request.Cookies["cp2"].Value;
                string msg;
                if (userInfoService.CheckUser(username, psd, out msg))
                {
                    //设置登录标识
                    Session["username"] = username;
                    flag = true;
                }
                else
                {
                    //验证失败清空无效Cookie
                    Response.Cookies["cp1"].Expires = DateTime.Now.AddDays(-1);
                    Response.Cookies["cp2"].Expires = DateTime.Now.AddDays(-1);
                }
            }
            return flag;
        }
        //获取验证码
        public ActionResult CreateCode() {
            YZMHelper yzm = new YZMHelper();
            Session["vCode"] = yzm.Text;
            MemoryStream ms = new MemoryStream();
            yzm.Image.Save(ms, System.Drawing.Imaging.ImageFormat.Bmp);
            byte[] bytes = ms.ToArray();
            ms.Close();
            return File(bytes, "Image/JPEG");
        }
        //检查用户名是否存在
        public ActionResult ChechUserName(string username) {
            if (userInfoService.LoadEntity(u => u.UserName == username).FirstOrDefault() != null)
            {
                return Json(new { res = 1 }, JsonRequestBehavior.AllowGet);
            }
            else {
                return Json(new { res = 0 }, JsonRequestBehavior.AllowGet);
            }
        }
        //登录校验
        public ActionResult CkeckUser() {
            string username = Request["UserName"];
            string psd = Request["UserPwd"];
            string vcode = Request["vCode"];
            bool remmberFlag = Request["remmber"]=="1"?true:false;
            if (vcode.Equals(Session["vCode"].ToString(), StringComparison.CurrentCultureIgnoreCase))
            {
                //清空保存验证码Session
                Session["vCode"] = null;
                string msg;
                if (userInfoService.CheckUser(username, psd, out msg))
                {
                    Session["username"] = username;
                    if (remmberFlag) {
                        //设置Cokkie信息
                        HttpCookie cookie1 = new HttpCookie("cp1", username);
                        //密码最好使用MD5加密
                        HttpCookie cookie2 = new HttpCookie("cp2", psd);
                        //设置过期时间
                        cookie1.Expires = DateTime.Now.AddDays(3);
                        cookie2.Expires = DateTime.Now.AddDays(3);
                        Response.Cookies.Add(cookie1);
                        Response.Cookies.Add(cookie2);
                    }
                    return Json(new { res = 1, msg = "/UserInfo/Index" });
                }
                else
                {
                    //清空保存验证码Session,
                    Session["vCode"] = null;
                    return Json(new { res = 0, msg = msg });
                }
            }
            else {
                return Json(new { res = 2 });
            }
        }
    }
}

这种方法仅限于资源全储存于一台服务器上,如网站分布在多台服务器上,则需要单独将登录标识储存于数据库,然后给浏览器返回一个随机序列号作为SessionID,浏览器下次访问时会携带这个SessionId,然后从数据库(Memcache缓存)中查找,根据查找结果判断用户是否已经登录

这是实现服务器端分布式的必要的操作

               string sessionId =Guid.NewGuid().ToString();
          //作为Memcache的key
               Common.MemcacheHelper.Set(sessionId,username( 登录标识,可以随意设置 ), DateTime.Now.AddMinutes(20));
          //使用Memcache代替Session解决数据在不同Web服务器之间共享的问题。
               Response.Cookies["sessionId"].Value = sessionId;
          //将Memcache的key以cookie的形式返回到浏览器端的内存中,当用户再次请求其它的页面请求报文中会以Cookie将该值再次发送服务端。

接下来会介绍关于怎么用Memcache储存登录标识

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/xiaoliwang/p/7690490.html