Allowing an account to be logged in at only one place at a time (single sign-on)
Posted zhangdongoffice
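Approach:
1. When the user logs in, generate a random key (GUID). The server maintains a dictionary [id, key] stored in Memcache, and the key is also written to a cookie on the client.
On every page request, when checking whether the user is logged in, read the browser cookie and verify that its key matches the one held by the server.
Example: after user A logs in from Chrome, the server generates a GUID; the browser cookie stores one copy (key) and the server's Memcache stores another (key + usercode, GUID).
When user A then logs in from Firefox, the server generates another GUID; the browser cookie stores one copy (key) and the server's Memcache stores another (key + usercode, GUID).
When user A refreshes Chrome again, the browser cookie no longer matches the value in the server's Memcache (looked up by usercode), so the user is forced to log out.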
```csharp
using System;
using System.Web;

/// <summary>
/// Memcache client; define this yourself
/// </summary>
private static CacheServer _cacheServer = CacheServer.GetCacheOperateInstance();

/// <summary>
/// Set a cookie
/// </summary>
/// <param name="cookiename"></param>
/// <param name="cookievalue"></param>
/// <param name="expires"></param>
public static void SetCookie(string cookiename, string cookievalue, DateTime expires)
{
    HttpCookie cookie = new HttpCookie(cookiename)
    {
        Value = cookievalue,
        Expires = expires,
        // The token is only compared on the server, so keep it out of reach of scripts
        HttpOnly = true
    };
    System.Web.HttpContext.Current.Response.Cookies.Add(cookie);
}

/// <summary>
/// Run after a successful login
/// </summary>
/// <param name="isLogin"></param>
/// <param name="pUserCode"></param>
/// <param name="cookieDomain"></param>
public void SingleLogin(bool isLogin, string pUserCode, string cookieDomain)
{
    if (isLogin)
    {
        #region Allow only one concurrent login per account
        string singleKey = "singleGUID";
        string singleValue = Guid.NewGuid().ToString();
        // The cookie must carry the GUID (not the cookie domain) so it can be
        // compared with the value cached on the server
        SetCookie(singleKey, singleValue, DateTime.Now.AddDays(7));
        _cacheServer.AddCacheRuntime(singleKey + pUserCode.ToLower(), singleValue, 1440 * 3);
        #endregion
    }
}
```
Code in BaseControl:
```csharp
using System;
using System.Web;
using System.Web.Mvc;

/// <summary>
/// Get the value of the named cookie
/// </summary>
/// <param name="cookiename">cookiename</param>
/// <returns></returns>
public static string GetCookieValue(string cookiename)
{
    HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies[cookiename];
    string str = string.Empty;
    if (cookie != null)
    {
        str = cookie.Value;
    }
    return str;
}

/// <summary>
/// Clear all cookies
/// </summary>
private void RemoveAllCookiesBase()
{
    foreach (string key in HttpContext.Request.Cookies.AllKeys)
    {
        HttpCookie cookie = HttpContext.Request.Cookies[key];
        cookie.Domain = System.Configuration.ConfigurationManager.AppSettings["cookieDomain"];
        // An expiry date in the past tells the browser to delete the cookie
        cookie.Expires = DateTime.Now.AddDays(-1);
        HttpContext.Response.Cookies.Add(cookie);
    }
}

/// <summary>
/// Code for OnActionExecuting in BaseControl
/// </summary>
/// <param name="filterContext"></param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Your logged-in user object; replace with your own
    UserModel _userProfile = new UserModel();

    #region Allow only one concurrent login per account
    string singleKey = "singleGUID";
    // Read the value from the client cookie
    var clientValue = GetCookieValue(singleKey);

    string serverValue = string.Empty;
    // Read the value from the server-side cache
    var serverValueObj = _cacheServer.GetValueWithCache(singleKey + _userProfile.UserCode.ToLower());
    if (serverValueObj != null)
    {
        serverValue = Convert.ToString(serverValueObj);
    }

    // A mismatch means the account has since logged in elsewhere: force logout
    if (!serverValue.Equals(clientValue))
    {
        RemoveAllCookiesBase();
        System.Web.Security.FormsAuthentication.SignOut();

        // Address of the login system
        string loginURL = System.Configuration.ConfigurationManager.AppSettings["LoginPath"];
        string hostUrl = filterContext.HttpContext.Request.Url.Host;
        var https_hostUrl = "http://" + hostUrl + "/";
        filterContext.Result = new RedirectResult(loginURL + https_hostUrl);
    }
    #endregion

    base.OnActionExecuting(filterContext);
}
```
Adapt the code to your own project as needed.
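The Chrome/Firefox walkthrough above as a self-contained C# model, added here as an example and not the original author's code; the Dictionary stands in for Memcache, and the class and method names are hypothetical. Unlike the check in OnActionExecuting, it rejects the request when the cookie or the server entry is missing, instead of treating two empty values as equal.

```csharp
using System;
using System.Collections.Generic;

// Added example: the Dictionary stands in for Memcache; all names are hypothetical.
public class SingleSessionRegistry
{
    private const string KeyPrefix = "singleGUID";
    private readonly Dictionary<string, string> _cache = new Dictionary<string, string>();

    // Login: issue a fresh token and overwrite any token stored for the account.
    public string Login(string userCode)
    {
        string token = Guid.NewGuid().ToString();
        _cache[KeyPrefix + userCode.ToLowerInvariant()] = token;
        return token; // the caller writes this value into the browser cookie
    }

    // Per-request check: fail closed when either side is missing.
    public bool IsCurrentSession(string userCode, string cookieValue)
    {
        if (string.IsNullOrEmpty(userCode) || string.IsNullOrEmpty(cookieValue))
            return false;
        string serverValue;
        if (!_cache.TryGetValue(KeyPrefix + userCode.ToLowerInvariant(), out serverValue))
            return false; // entry expired or never created
        return string.Equals(serverValue, cookieValue, StringComparison.Ordinal);
    }

    // Models the cache entry expiring before the cookie does.
    public void Expire(string userCode)
    {
        _cache.Remove(KeyPrefix + userCode.ToLowerInvariant());
    }
}

public static class Demo
{
    public static void Main()
    {
        var registry = new SingleSessionRegistry();
        string chromeCookie = registry.Login("UserA");   // A logs in from Chrome
        Console.WriteLine(registry.IsCurrentSession("usera", chromeCookie));
        string firefoxCookie = registry.Login("UserA");  // A logs in from Firefox
        Console.WriteLine(registry.IsCurrentSession("usera", chromeCookie));  // Chrome refreshes with its old cookie
        Console.WriteLine(registry.IsCurrentSession("usera", firefoxCookie)); // Firefox holds the latest token
        registry.Expire("UserA");                        // server entry gone, cookie still present
        Console.WriteLine(registry.IsCurrentSession("usera", firefoxCookie));
        Console.WriteLine(registry.IsCurrentSession("usera", ""));            // no cookie and no server entry
    }
}
```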