.Net Core Session使用和优化
前提:在框架中使用Session对象存储特定用户会话需要的信息,当Session过期或被放弃后,用户跳转至登陆页面
下面介绍Session的配置和使用:
一.Session配置
(1)在ConfigureServices中添加:
1 services.AddSession(options => 2 { 3 //设置Session过期时间 4 options.IdleTimeout =TimeSpan.FromDays(30); 5 options.Cookie.HttpOnly = true; 6 } 7 );
(2)Configure中注入Session服务
1 app.UseSession();
二.Session使用
(1)设置和获取简单对象
1 //设置 2 HttpContext.Session.SetString("code", "123456"); 3 //获取 4 var Code = HttpContext.Session.GetString("code");
(2)设置和获取复杂对象,ISession扩展
新建扩展类“SessionExtensions.cs”
1 public static class SessionExtensions 2 { 3 public static void Set<T>(this ISession session, string key, T value) 4 { 5 session.SetString(key, JsonConvert.SerializeObject(value)); 6 } 7 public static T Get<T>(this ISession session, string key) 8 { 9 var value = session.GetString(key); 10 return value == null ? default(T) : 11 JsonConvert.DeserializeObject<T>(value); 12 } 13 }
1 var user = new Frame_User(); 2 user.UserName = "用户名称"; 3 HttpContext.Session.Set<Frame_User>("SessionTest", user); 4 var sessionresult = HttpContext.Session.Get<Frame_User>("SessionTest");
结果如下图:
(3) 注入IHttpContextAccessor,设置全局Session变量
1 public static class CurrentUser 2 { 3 4 private static IHttpContextAccessor _httpContextAccessor; 5 private static ISession _session => _httpContextAccessor.HttpContext.Session; 6 public static void Configure(IHttpContextAccessor httpContextAccessor) 7 { 8 _httpContextAccessor = httpContextAccessor; 9 } 10 11 /// <summary> 12 /// 用户登录账户 13 /// </summary> 14 public static string LoginID 15 { 16 get => _session == null ? "" : _session.GetString("CurrentUser_LoginID"); 17 set => _session.SetString("CurrentUser_LoginID", !string.IsNullOrEmpty(value) ? value : ""); 18 } 19 20 /// <summary> 21 /// 用户姓名 22 /// </summary> 23 public static string UserName 24 { 25 get => _session == null ? "" : _session.GetString("CurrentUser_UserName"); 26 set => _session.SetString("CurrentUser_UserName", !string.IsNullOrEmpty(value) ? value : ""); 27 } 28 }
1 if (frameUser != null) 2 { 3 CurrentUser.LoginID = frameUser.LoginID; 4 CurrentUser.UserName = frameUser.UserName; 5 }
优化:Session超期,返回登陆页面,通过过滤器拦截
(1)创建Action过滤器“CustomActionCheckFilterAttribute”
1 public class CustomActionCheckFilterAttribute : ActionFilterAttribute 2 { 3 4 public CustomActionCheckFilterAttribute( ) 5 { 6 7 } 8 9 public override void OnActionExecuting(ActionExecutingContext context) 10 { 11 12 if (CurrentUser.UserName == null) 13 { 14 context.HttpContext.Response.WriteAsync("<script>window.parent.location.href='../Account/Login'</script>"); 15 } 16 } 17 18 }
(2)在需要的控制器上添加[CustomActionCheckFilter]