.NET Core2.0+MVC 用session,cookie实现的sso单点登录
博主刚接触.NET Core2.0,想做一个单点登录的demo,所以参考了一些资料,这里给上链接:
1.http://www.cnblogs.com/baibaomen/p/sso-sequence-chart.html
2.https://www.cnblogs.com/ywlaker/p/6113927.html
于是开始项目:
首先,既然是单点登录,就得建立多个站点,实现多个系统一次登录/注销。
直接看解决方案
sso_server用于统一登录
这边思路不再多说,上面的两篇帖子说的比较清楚。
既然使用session,那么,就得在startup中添加:
当然,所有用到session的项目,都需要这么添加一下(个人觉得有点麻烦,有更好的方法,也请告知,感谢)
然后是system1,system2的代码(这里两个系统没有差别)
using System; using System.Collections.Generic; using System.Linq; using System.Net.Http; using System.Net.Http.Headers; using System.Security.Claims; using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; namespace SSO_Server.Controllers { public class LoginController : Controller { public IActionResult Index(string returnUrl) { //浏览器带过来的cookie,token值 string browsertoken = HttpContext.Request.Cookies["token"]; //不存在,则判断未登录 if (string.IsNullOrEmpty(browsertoken) || string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken))) { ViewData["Message"] = "请登录"; } else { string url = HttpContext.Session.GetString(browsertoken) + ","; //将请求的url注册 HttpContext.Session.SetString(browsertoken, url + returnUrl); //存在token,判断已登录,返回用户信息 return Redirect(returnUrl + "?token=" + browsertoken + "&uid=" + "1234"); //return Content(returnUrl + "?token=" + browsertoken + "&uid=" + "1234"); } return View(); } public IActionResult SignIn(string returnUrl) { //保存用户信息 HttpContext.Session.SetString("uid","1234"); //生成token string token = Guid.NewGuid().ToString(); //将请求的url注册 HttpContext.Session.SetString(token, returnUrl); //写入浏览器token HttpContext.Response.Cookies.Append("token",token); if (string.IsNullOrWhiteSpace(returnUrl)) { returnUrl = "http://sysone.yourdomain.cn"; } //返回token和用户信息到请求地址 return Redirect(returnUrl+"?token="+ token+"&uid="+"1234"); } public IActionResult sessiontoken() { string browsertoken = HttpContext.Request.Cookies["token"]; string s= HttpContext.Session.GetString(browsertoken); return Content(s); } public IActionResult SignOut(string returnUrl) { string cont = string.Empty; string nexturl = string.Empty; string browsertoken = HttpContext.Request.Cookies["token"]; if (!string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken))) { string urlstr = HttpContext.Session.GetString(browsertoken); //string urlstr = "http://sysone.yourdomain.cn,http://systwo.yourdomain.cn"; string[] ulslist = urlstr.Split(','); List<string> arrstr = ulslist.Distinct().ToList(); if (arrstr.Count() > 0 && !string.IsNullOrEmpty(arrstr[0])) { nexturl = arrstr[0] + "/Home/SignOut"; cont = string.Join(",", arrstr); } } HttpContext.Response.Cookies.Delete("token"); HttpContext.Session.Clear(); //return Content(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont); if (!string.IsNullOrEmpty(nexturl)) return Redirect(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont); else return Redirect(returnUrl); } } }
然后是视图
@{ ViewData["Title"] = "Home Page"; } @ViewData["Message"] @if (!ViewData["Message"].ToString().Equals("请登录")) { <a href="http://sso.yourdomain.cn/Login/SignOut?returnUrl=http://sysone.yourdomain.cn">注销</a> } else { <a class="btn btn-default" href="http://sso.yourdomain.cn/login?returnUrl=http://sysone.yourdomain.cn">登录</a> }
然后是sso认证中心代码:
using System; using System.Collections.Generic; using System.Linq; using System.Net.Http; using System.Net.Http.Headers; using System.Security.Claims; using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; namespace SSO_Server.Controllers { public class LoginController : Controller { public IActionResult Index(string returnUrl) { //浏览器带过来的cookie,token值 string browsertoken = HttpContext.Request.Cookies["token"]; //不存在,则判断未登录 if (string.IsNullOrEmpty(browsertoken) || string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken))) { ViewData["Message"] = "请登录"; } else { string url = HttpContext.Session.GetString(browsertoken) + ","; //将请求的url注册 HttpContext.Session.SetString(browsertoken, url + returnUrl); //存在token,判断已登录,返回用户信息 return Redirect(returnUrl + "?token=" + browsertoken + "&uid=" + "1234"); //return Content(returnUrl + "?token=" + browsertoken + "&uid=" + "1234"); } return View(); } public IActionResult SignIn(string returnUrl) { //保存用户信息 HttpContext.Session.SetString("uid","1234"); //生成token string token = Guid.NewGuid().ToString(); //将请求的url注册 HttpContext.Session.SetString(token, returnUrl); //写入浏览器token HttpContext.Response.Cookies.Append("token",token); if (string.IsNullOrWhiteSpace(returnUrl)) { returnUrl = "http://sysone.yourdomain.cn"; } //返回token和用户信息到请求地址 return Redirect(returnUrl+"?token="+ token+"&uid="+"1234"); } public IActionResult sessiontoken() { string browsertoken = HttpContext.Request.Cookies["token"]; string s= HttpContext.Session.GetString(browsertoken); return Content(s); } public IActionResult SignOut(string returnUrl) { string cont = string.Empty; string nexturl = string.Empty; string browsertoken = HttpContext.Request.Cookies["token"]; if (!string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken))) { string urlstr = HttpContext.Session.GetString(browsertoken); //string urlstr = "http://sysone.yourdomain.cn,http://systwo.yourdomain.cn"; string[] ulslist = urlstr.Split(','); List<string> arrstr = ulslist.Distinct().ToList(); if (arrstr.Count() > 0 && !string.IsNullOrEmpty(arrstr[0])) { nexturl = arrstr[0] + "/Home/SignOut"; cont = string.Join(",", arrstr); } } HttpContext.Response.Cookies.Delete("token"); HttpContext.Session.Clear(); //return Content(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont); if (!string.IsNullOrEmpty(nexturl)) return Redirect(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont); else return Redirect(returnUrl); } } }
sso,登录页视图index
@{ ViewData["Title"] = "登录"; } @ViewData["Message"] @if (!ViewData["Message"].ToString().Equals("请登录")) { <a href="@Url.Action("SignOut")">注销</a> } else { <a class="btn btn-default" href="@Url.Action("SignIn","Login",new { returnUrl=Context.Request.Query["returnUrl"]})">登录</a> } @ViewData["Message1"]
这里贴上资源链接
https://download.csdn.net/download/qq_28248571/10342173
这里只是初步demo,请不要钻牛角尖,欢迎讨论,感谢你的阅读
