用户登录
用户登录: [HttpPost] [CustomAllowAnonymous]//允许匿名登录(这个是自定义的) public ActionResult Login(string name, string password, string verify) { string formName = base.HttpContext.Request.Form["Name"]; var result = base.HttpContext.Login(name, password, verify); if (result == UserManager.LoginResult.Success) { if (base.HttpContext.Session["CurrentUrl"] != null) { string url = base.HttpContext.Session["CurrentUrl"].ToString(); base.HttpContext.Session.Remove("CurrentUrl"); return base.Redirect(url); } else return base.Redirect("/Home/Index"); } else { ModelState.AddModelError("failed", result.GetRemark()); return View(); } } 登录验证代码 public static class UserManager { private static Logger logger = new Logger(typeof(UserManager)); /// <summary> /// 用户登录验证 /// </summary> /// <param name="name"></param> /// <param name="password"></param> /// <param name="verifyCode"></param> /// <returns></returns> public static LoginResult Login(this HttpContextBase context, string name, string password, string verifyCode) { if (context.Session["CheckCode"] != null && !string.IsNullOrWhiteSpace(context.Session["CheckCode"].ToString()) && context.Session["CheckCode"].ToString().Equals(verifyCode, StringComparison.CurrentCultureIgnoreCase)) { using (IUserCompanyService servcie = DIFactory.GetContainer().Resolve<IUserCompanyService>())//查找数据库 { User user = servcie.Set<User>().FirstOrDefault(u => u.Name.Equals(name) || u.Account.Equals(name) || u.Mobile.Equals(name) || u.Email.Equals(name));//账号查找 if (user == null) { return LoginResult.NoUser; } else if (!user.Password.Equals(MD5Encrypt.Encrypt(password))) { return LoginResult.WrongPwd; } else if (user.State == 1) { return LoginResult.Frozen; } else { //登录成功 写cookie session CurrentUser currentUser = new CurrentUser() { Id = user.Id, Name = user.Name, Account = user.Account, Email = user.Email, Password = user.Password, LoginTime = DateTime.Now }; #region Cookie //context.Request.Cookies //HttpCookie cookie = context.Request.Cookies.Get("CurrentUser"); //if (cookie == null) //{ HttpCookie myCookie = new HttpCookie("CurrentUser"); myCookie.Value = JsonHelper.ObjectToString<CurrentUser>(currentUser); myCookie.Expires = DateTime.Now.AddMinutes(5); //5分钟后 硬盘cookie //不设置就是内存cookie--关闭浏览器就丢失 //改成过期 -1 过期 //修改cookie:不能修改,只能起个同名的cookie //myCookie.Domain//设置cookie共享域名 //myCookie.Path//指定路径能享有cookie context.Response.Cookies.Add(myCookie);//一定要输出 //} //前端只能获取name-value #endregion Cookie #region Session //context.Session.RemoveAll(); var sessionUser = context.Session["CurrentUser"]; context.Session["CurrentUser"] = currentUser; context.Session.Timeout = 3;//minute session过期等于Abandon #endregion Session logger.Debug(string.Format("用户id={0} Name={1}登录系统", currentUser.Id, currentUser.Name)); return LoginResult.Success; } } //服务端是只靠session--安全 //cookie一直做登陆 //cookie+session:验证用session,没有session就看cookie(cookie写个时间) } else { return LoginResult.WrongVerify;//这是一个枚举,想返回什么,自定义去吧 } } } 用户退出: public ActionResult Logout() { this.HttpContext.UserLogout(); return RedirectToAction("Index", "Home"); ; } public static void UserLogout(this HttpContextBase context) { #region Cookie HttpCookie myCookie = context.Request.Cookies["CurrentUser"]; if (myCookie != null) { myCookie.Expires = DateTime.Now.AddMinutes(-1);//设置过过期 context.Response.Cookies.Add(myCookie); } #endregion Cookie #region Session var sessionUser = context.Session["CurrentUser"]; if (sessionUser != null && sessionUser is CurrentUser) { CurrentUser currentUser = (CurrentUser)context.Session["CurrentUser"]; logger.Debug(string.Format("用户id={0} Name={1}退出系统", currentUser.Id, currentUser.Name)); } context.Session["CurrentUser"] = null;//表示将制定的键的值清空,并释放掉, context.Session.Remove("CurrentUser"); context.Session.Clear();//表示将会话中所有的session的键值都清空,但是session还是依然存在, context.Session.RemoveAll();// context.Session.Abandon();//就是把当前Session对象删除了,下一次就是新的Session了 #endregion Session }