你的位置:首页 > 软件开发 > ASP.net > asp.net MVC 通用登录验证模块

asp.net MVC 通用登录验证模块

发布时间:2015-09-20 14:00:11
用法:还是希望读者把源码看懂,即可运用自如。重点是,为什么有个UserType!!!登录用户信息:namespace MVCCommonAuth{ [Serializable] public class LoginUser { private const string ...

用法:

还是希望读者把源码看懂,即可运用自如。重点是,为什么有个UserType!!!

登录用户信息:

namespace MVCCommonAuth{  [Serializable]  public class LoginUser  {    private const get='_blank'>string DESKEY = "12345678";    public int ID { get; set; }    public string UserName { get; set; }    public string Roles { get; set; }    public DateTime Expires { get; set; }    public readonly static string CookieNamePrefix = "authcookie";    public void Login(string userType, string domain = null, string path = null)    {      var keyName = CookieNamePrefix + userType;      var json = JsonConvert.SerializeObject(this);      var value = EncryptString(json, DESKEY);      HttpCookie cookie = new HttpCookie(keyName, value);      cookie.Expires = Expires;      if (!string.IsNullOrWhiteSpace(domain))      {        cookie.Domain = domain;      }      if (path != null)      {        cookie.Path = path;      }      HttpContext.Current.Items[keyName] = this;      HttpContext.Current.Response.Cookies.Add(cookie);    }    /// <summary>    /// 从cookie读取用户信息    /// </summary>    /// <param name="cookieName"></param>    private static LoginUser BuildUser(string keyName)    {      var cookie = HttpContext.Current.Request.Cookies[keyName];      if (cookie != null && !string.IsNullOrEmpty(cookie.Value))      {        try        {          var json = DecryptString(cookie.Value, DESKEY);          var loginuser = JsonConvert.DeserializeObject<LoginUser>(json);          if (loginuser != null)          {            if (loginuser.Expires >= DateTime.Now)            {              return loginuser;            }          }        }        catch        {          //do nothing        }      }      return null;    }    public static LoginUser GetUser(string userType)    {      var keyName = CookieNamePrefix + userType;      if (!HttpContext.Current.Items.Contains(keyName))      {        var user = BuildUser(keyName);        HttpContext.Current.Items[keyName] = user;        return user;      }      else      {        return HttpContext.Current.Items[keyName] as LoginUser;      }    }    public static int GetUserID(string userType)    {      var user = GetUser(userType);      if (user != null)        return user.ID;      return 0;    }    /// <summary>    /// 退出cookie登录    /// </summary>    public static void Logout(string userType)    {      var keyName = CookieNamePrefix + userType;      HttpCookie cookie = new HttpCookie(keyName, string.Empty);      cookie.Expires = DateTime.Now.AddMonths(-1);      HttpContext.Current.Response.Cookies.Add(cookie);    }    #region 字符串加密    /// <summary>      /// 利用DES加密算法加密字符串(可解密)      /// </summary>      /// <param name="plaintext">被加密的字符串</param>      /// <param name="key">密钥(只支持8个字节的密钥)</param>      /// <returns>加密后的字符串</returns>      private static string EncryptString(string plaintext, string key)    {      //访问数据加密标准(DES)算法的加密服务提供程序 (CSP) 版本的包装对象        DESCryptoServiceProvider des = new DESCryptoServiceProvider();      des.Key = ASCIIEncoding.ASCII.GetBytes(key); //建立加密对象的密钥和偏移量        des.IV = ASCIIEncoding.ASCII.GetBytes(key);  //原文使用ASCIIEncoding.ASCII方法的GetBytes方法        byte[] inputByteArray = Encoding.Default.GetBytes(plaintext);//把字符串放到byte数组中        MemoryStream ms = new MemoryStream();//创建其支持存储区为内存的流         //定义将数据流链接到加密转换的流        CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);      cs.Write(inputByteArray, 0, inputByteArray.Length);      cs.FlushFinalBlock();      //上面已经完成了把加密后的结果放到内存中去        StringBuilder ret = new StringBuilder();      foreach (byte b in ms.ToArray())      {        ret.AppendFormat("{0:X2}", b);      }      ret.ToString();      return ret.ToString();    }    /// <summary>      /// 利用DES解密算法解密密文(可解密)      /// </summary>      /// <param name="ciphertext">被解密的字符串</param>      /// <param name="key">密钥(只支持8个字节的密钥,同前面的加密密钥相同)</param>      /// <returns>返回被解密的字符串</returns>      private static string DecryptString(string ciphertext, string key)    {      try      {        DESCryptoServiceProvider des = new DESCryptoServiceProvider();        byte[] inputByteArray = new byte[ciphertext.Length / 2];        for (int x = 0; x < ciphertext.Length / 2; x++)        {          int i = (Convert.ToInt32(ciphertext.Substring(x * 2, 2), 16));          inputByteArray[x] = (byte)i;        }        des.Key = ASCIIEncoding.ASCII.GetBytes(key); //建立加密对象的密钥和偏移量,此值重要,不能修改          des.IV = ASCIIEncoding.ASCII.GetBytes(key);        MemoryStream ms = new MemoryStream();        CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write);        cs.Write(inputByteArray, 0, inputByteArray.Length);        cs.FlushFinalBlock();        //建立StringBuild对象,createDecrypt使用的是流对象,必须把解密后的文本变成流对象          StringBuilder ret = new StringBuilder();        return System.Text.Encoding.Default.GetString(ms.ToArray());      }      catch (Exception)      {        return "error";      }    }    #endregion  }}

原标题:asp.net MVC 通用登录验证模块

关键词:ASP.NET

*特别声明:以上内容来自于网络收集,著作权属原作者所有,如有侵权,请联系我们: admin#shaoqun.com (#换成@)。