同一账户同时只能在一处登录(单点登录)

思路:
1:用户登录 → 服务端生成一个随机Key(GUID),并维护一个字典[id,key](放在memcache中) → 同时把key写入客户端Cookie。
每次用户访问页面,检测是否登录时,都读取浏览器Cookie中的key,判断它是否和服务端保存的key相同。
 
例如: 用户A在Chrome登录后,服务端产生一个GUID,浏览器Cookie存一份(名称为key,值为GUID),服务端Memcache也存一份(键为key + usercode,值为GUID);
当用户A又在Firefox登录后,服务端重新产生一个GUID,Firefox的Cookie存一份,服务端Memcache中同一个键(key + usercode)的值被新的GUID覆盖;
当用户A再次刷新Chrome时,Chrome的Cookie值和服务端memcache的value(通过usercode查memcache的value)不一样了,于是被强制退出。
 
 /// <summary>
 /// Shared cache client (Memcache in the article). CacheServer is the reader's own
 /// wrapper and is not defined on this page. SingleLogin writes each account's
 /// current single-login token through this instance.
 /// </summary>
 private static CacheServer _cacheServer = CacheServer.GetCacheOperateInstance();
 5 
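 /// <summary>
 /// Adds a cookie with the given name, value and expiry to the current HTTP response.
 /// </summary>
 /// <remarks>
 /// The cookie is marked HttpOnly so that page script cannot read it; the only cookie
 /// written through this helper on this page is the single-login token, which is read
 /// server-side only. Secure, Domain and Path are not set here, so they keep the
 /// framework defaults or whatever the site's httpCookies configuration
 /// (for example requireSSL) enforces.
 /// </remarks>
 /// <param name="cookiename">Name of the cookie to write.</param>
 /// <param name="cookievalue">Value stored in the cookie.</param>
 /// <param name="expires">Absolute expiry time sent to the browser.</param>
 public static void SetCookie(string cookiename, string cookievalue, DateTime expires)
 {
     HttpCookie cookie = new HttpCookie(cookiename)
     {
         Value = cookievalue,
         Expires = expires,
         // Keep the value out of reach of document.cookie; a script-readable
         // session-binding token can be stolen through any XSS on the site.
         HttpOnly = true
     };
     System.Web.HttpContext.Current.Response.Cookies.Add(cookie);
 }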
21 
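/// <summary>
/// Runs after a login attempt. On success it issues a fresh random token for the
/// account, sends it to the browser in the "singleGUID" cookie and stores the same
/// token in the cache under "singleGUID" + lower-cased user code.
/// </summary>
/// <param name="isLogin">True when authentication succeeded; nothing is done otherwise.</param>
/// <param name="pUserCode">Account identifier; lower-cased and appended to the cache key.</param>
/// <param name="cookieDomain">Cookie domain supplied by the caller. It is not applied
/// here because SetCookie has no domain parameter.</param>
public void SingleLogin(bool isLogin, string pUserCode, string cookieDomain)
{
    if (!isLogin)
    {
        return;
    }

    string singleKey = "singleGUID";
    string singleValue = Guid.NewGuid().ToString();

    // The cookie has to carry the token itself. Passing cookieDomain as the cookie
    // value (as this method previously did) means the browser never receives the
    // token, so the per-request comparison against the cached token can never match.
    SetCookie(singleKey, singleValue, DateTime.Now.AddDays(7));

    // Server-side copy of the token, keyed per account. A later login for the same
    // account writes the same key, presumably replacing this value - verify against
    // AddCacheRuntime. NOTE(review): 1440 * 3 looks like minutes (3 days), which is
    // shorter than the 7-day cookie lifetime above - confirm the unit.
    _cacheServer.AddCacheRuntime(singleKey + pUserCode.ToLower(), singleValue, 1440 * 3);
}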

BaseControl中的代码:

 /// <summary>
 /// Reads the value of a named cookie from the current request.
 /// </summary>
 /// <param name="cookiename">Name of the cookie to look up.</param>
 /// <returns>The cookie's value, or an empty string when the request carries no
 /// cookie with that name.</returns>
 public static string GetCookieValue(string cookiename)
 {
     var requestCookie = System.Web.HttpContext.Current.Request.Cookies[cookiename];

     // The value comes from the client and is returned as-is; callers should only
     // compare it against server-side state, never trust it on its own.
     return requestCookie == null ? string.Empty : requestCookie.Value;
 }
16 
/// <summary>
/// Expires every cookie that arrived with the current request by sending each one
/// back with the configured "cookieDomain" and an expiry date one day in the past.
/// </summary>
/// <remarks>
/// This only clears state held by the browser; nothing on the server is invalidated
/// here. NOTE(review): browsers match a deletion on name, domain and path, so a
/// cookie issued with a different Domain or Path than the one set here may survive -
/// confirm against how the cookies are issued.
/// </remarks>
private void RemoveAllCookiesBase()
{
    string[] cookieNames = HttpContext.Request.Cookies.AllKeys;

    for (int i = 0; i < cookieNames.Length; i++)
    {
        HttpCookie expired = HttpContext.Request.Cookies[cookieNames[i]];
        expired.Domain = System.Configuration.ConfigurationManager.AppSettings["cookieDomain"];
        expired.Expires = DateTime.Now.AddDays(-1);
        HttpContext.Response.Cookies.Add(expired);
    }
}
31         
/// <summary>
/// Per-request check placed in BaseControl.OnActionExecuting: the "singleGUID" cookie
/// sent by the browser must equal the token cached on the server for the user's code.
/// On a mismatch the browser's cookies are expired, the forms-authentication ticket
/// is removed and the request is redirected to the login page.
/// </summary>
/// <param name="filterContext">Context of the action about to run; its Result is set
/// to the login redirect when the two values differ.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Placeholder from the article: substitute the real signed-in user object.
    // NOTE(review): a freshly constructed UserModel presumably has no UserCode, in
    // which case the ToLower() call below would throw - confirm.
    UserModel _userProfile = new UserModel();

    string singleKey = "singleGUID";

    // Token presented by the browser (client-controlled input).
    var clientValue = GetCookieValue(singleKey);

    // Token recorded at the most recent login for this account; empty when the
    // cache has no entry.
    var cachedToken = _cacheServer.GetValueWithCache(singleKey + _userProfile.UserCode.ToLower());
    string serverValue = cachedToken != null ? Convert.ToString(cachedToken) : string.Empty;

    // A missing cache entry is treated as a mismatch too, unless the cookie is also
    // empty - in that case both sides are "" and the request passes this check.
    bool sameLogin = serverValue.Equals(clientValue);
    if (!sameLogin)
    {
        RemoveAllCookiesBase();
        System.Web.Security.FormsAuthentication.SignOut();

        // Login system address, followed by the address to come back to.
        // NOTE(review): the return address is built from the host of the incoming
        // request with a hard-coded http:// scheme and is appended unencoded. Prefer
        // a configured base URL, and have the login page validate the return address
        // against an allow-list before redirecting to it.
        string loginPath = System.Configuration.ConfigurationManager.AppSettings["LoginPath"];
        string requestHost = filterContext.HttpContext.Request.Url.Host;
        string returnAddress = "http://" + requestHost + "/";
        filterContext.Result = new RedirectResult(loginPath + returnAddress);
    }

    base.OnActionExecuting(filterContext);
}

根据自己项目的实际情况,适当地修改代码。

 

  
