通用权限管理系统底层的状态保存之票据工具

项目中使用session保存状态信息时,经常出现超时情况,为了让状态按照自己的需要保持一段时间,底层使用了FormsAuthenticationTicket 来保存状态信息。参考代码如下:

其中的cookie使用了加密。

//-----------------------------------------------------------------------
// <copyright file="TicketTool.cs" company="HaiRiHan , Ltd .">
//     Copyright (c) 2015 , All rights reserved.
// </copyright>
//-----------------------------------------------------------------------

using System;
using System.Web;
using System.Web.Script.Serialization;
using System.Web.Security;
using System.Web.UI;

namespace Infrastructure
{
    using DotNet.Utilities;

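    /// <summary>
    /// Ticket helper: keeps login state in an encrypted, MAC-protected
    /// <see cref="FormsAuthenticationTicket"/> carried in the forms-authentication cookie
    /// instead of in session state, so the state lives for the lifetime the caller chooses.
    ///
    /// Change log
    ///
    /// 2015-03-17 version 1.0 SongBiao created the file.
    ///
    /// <author>
    ///     <name>SongBiao</name>
    ///     <date>2015-03-17</date>
    /// </author>
    /// </summary>
    public class TicketTool
    {
        /// <summary>
        /// Lifetime of the ticket and cookie, in hours, when no expiration is supplied.
        /// </summary>
        private const int DefaultLifetimeHours = 16;

        /// <summary>
        /// Creates a forms-authentication ticket for <paramref name="userInfo"/> and appends it to the
        /// response as the forms-authentication cookie. The ticket payload is encrypted and signed with
        /// the application's machineKey, so the client can neither read nor alter it.
        /// </summary>
        /// <param name="userInfo">The logged-in user; must not be null.</param>
        /// <param name="issueDateTime">Ticket issue time; defaults to <see cref="DateTime.Now"/>.</param>
        /// <param name="experation">Ticket and cookie expiry; defaults to <see cref="DefaultLifetimeHours"/> hours from now.</param>
        /// <param name="isPersistent">Whether the ticket is flagged as persistent.</param>
        /// <exception cref="ArgumentNullException"><paramref name="userInfo"/> is null.</exception>
        public static void SetCookie(BaseUserInfo userInfo, DateTime? issueDateTime = null, DateTime? experation = null, bool isPersistent = true)
        {
            // Fail before touching BaseSystemInfo so a null user never clobbers the current user.
            if (userInfo == null)
            {
                throw new ArgumentNullException("userInfo");
            }
            // FormsAuthenticationTicket works in local time, hence DateTime.Now rather than UtcNow.
            DateTime issued = issueDateTime ?? DateTime.Now;
            DateTime expires = experation ?? DateTime.Now.AddHours(DefaultLifetimeHours);

            BaseSystemInfo.UserInfo = userInfo;
            // NOTE(review): the service credentials and system code are copied onto the user object and
            // therefore travel to the client inside the cookie. They are protected only by the machineKey;
            // keeping ServicePassword server-side would remove that exposure entirely.
            BaseSystemInfo.UserInfo.ServicePassword = BaseSystemInfo.ServicePassword;
            BaseSystemInfo.UserInfo.ServiceUserName = BaseSystemInfo.ServiceUserName;
            BaseSystemInfo.UserInfo.SystemCode = BaseSystemInfo.SystemCode;

            JavaScriptSerializer serializer = new JavaScriptSerializer();
            string userData = serializer.Serialize(BaseSystemInfo.UserInfo);

            // The ticket carries the user name, issue/expiry times, persistence flag and the serialized user.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                userInfo.NickName,
                issued,
                expires,
                isPersistent,
                userData,
                FormsAuthentication.FormsCookiePath);

            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
            cookie.Expires = expires;
            // Not readable from client-side script.
            cookie.HttpOnly = true;
            // Honour <forms requireSSL="..."/>, as FormsAuthentication.SetAuthCookie does.
            cookie.Secure = FormsAuthentication.RequireSSL;
            // One shared path so every part of the site reads the same cookie.
            cookie.Path = "/";
            // Uncomment to share the cookie across sub-domains of one site:
            //cookie.Domain = "zt-express.com";
            HttpContext.Current.Response.AppendCookie(cookie);
        }

        /// <summary>
        /// Reads and decrypts the forms-authentication ticket carried by <paramref name="request"/>.
        /// </summary>
        /// <param name="request">The current request; may be null outside a request context.</param>
        /// <returns>The ticket, or null when the cookie is absent, empty, or fails decryption/validation.</returns>
        private static FormsAuthenticationTicket TryDecryptTicket(HttpRequest request)
        {
            if (request == null)
            {
                return null;
            }
            HttpCookie cookie = request.Cookies[FormsAuthentication.FormsCookieName];
            // No cookie (or an empty one) means nobody is logged in.
            if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            {
                return null;
            }
            try
            {
                return FormsAuthentication.Decrypt(cookie.Value);
            }
            catch (ArgumentException)
            {
                // Decrypt rejects over-long or otherwise malformed values with ArgumentException.
                return null;
            }
            catch (HttpException)
            {
                // A cookie that fails machineKey validation (tampered, or issued under another key)
                // is treated exactly like a missing cookie rather than surfacing as a 500.
                return null;
            }
        }

        /// <summary>
        /// Returns the user stored in the forms-authentication cookie.
        /// </summary>
        /// <returns>
        /// The deserialized <see cref="BaseUserInfo"/>, or null when there is no request context,
        /// no valid cookie, the ticket has expired, or the ticket carries no user data.
        /// </returns>
        public static BaseUserInfo GetUserInfo()
        {
            HttpContext context = HttpContext.Current;
            FormsAuthenticationTicket authTicket = TryDecryptTicket(context == null ? null : context.Request);
            // The browser may still send the cookie after the ticket's own expiry; an expired ticket is
            // rejected here, matching the forms-authentication module, which ignores expired tickets.
            if (authTicket == null || authTicket.Expired || string.IsNullOrEmpty(authTicket.UserData))
            {
                return null;
            }
            JavaScriptSerializer serializer = new JavaScriptSerializer();
            return serializer.Deserialize<BaseUserInfo>(authTicket.UserData);
        }

        /// <summary>
        /// Reports whether the current request is authenticated.
        /// </summary>
        /// <returns>True when a request context exists and its identity is authenticated; otherwise false.</returns>
        public static bool IsLogin()
        {
            HttpContext context = HttpContext.Current;
            if (context == null || context.User == null || context.User.Identity == null)
            {
                return false;
            }
            return context.User.Identity.IsAuthenticated;
        }

        /// <summary>
        /// Signs the current user out by removing the forms-authentication cookie.
        /// </summary>
        public static void Logout()
        {
            FormsAuthentication.SignOut();
        }

        /// <summary>
        /// Returns the authenticated user's name.
        /// </summary>
        /// <returns>The identity name, or <see cref="string.Empty"/> when there is no request context or identity.</returns>
        public static string GetUserName()
        {
            HttpContext context = HttpContext.Current;
            if (context == null || context.User == null || context.User.Identity == null)
            {
                return string.Empty;
            }
            return context.User.Identity.Name;
        }

        /// <summary>
        /// Returns the raw user-data string stored in the current forms-authentication ticket.
        /// </summary>
        /// <returns>The ticket's UserData, or <see cref="string.Empty"/> when the identity is not a <see cref="FormsIdentity"/>.</returns>
        public static string GetUserData()
        {
            HttpContext context = HttpContext.Current;
            if (context == null || context.User == null)
            {
                return string.Empty;
            }
            FormsIdentity formsIdentity = context.User.Identity as FormsIdentity;
            if (formsIdentity == null)
            {
                return string.Empty;
            }
            return formsIdentity.Ticket.UserData;
        }

        /// <summary>
        /// Returns the configured lifetime of the forms-authentication ticket.
        /// </summary>
        /// <param name="page">The page whose request carries the cookie; must not be null.</param>
        /// <returns>Ticket lifetime in minutes (expiration minus issue time), or -1 when no valid ticket is present.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="page"/> is null.</exception>
        public static double GetFormTimeout(Page page)
        {
            if (page == null)
            {
                throw new ArgumentNullException("page");
            }
            FormsAuthenticationTicket ticket = TryDecryptTicket(page.Request);
            if (ticket == null)
            {
                return -1;
            }
            return (ticket.Expiration - ticket.IssueDate).TotalMinutes;
        }

        /// <summary>
        /// Returns how long the forms-authentication ticket remains valid.
        /// </summary>
        /// <param name="page">The page whose request carries the cookie; must not be null.</param>
        /// <returns>Remaining lifetime in milliseconds, or -1 when no valid, unexpired ticket is present.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="page"/> is null.</exception>
        public static double GetTotalLeftFormTimeout(Page page)
        {
            if (page == null)
            {
                throw new ArgumentNullException("page");
            }
            FormsAuthenticationTicket ticket = TryDecryptTicket(page.Request);
            if (ticket == null)
            {
                return -1;
            }
            // Read the clock once so the comparison and the subtraction agree.
            DateTime now = DateTime.Now;
            if (ticket.Expiration <= now)
            {
                return -1;
            }
            return (ticket.Expiration - now).TotalMilliseconds;
        }
    }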
}

在 web.config 中增加如下配置:

    <authentication mode="Forms">
      <forms name="HRHSecurity" loginUrl="~/Account/Login" timeout="2880" />
    </authentication>

传递的加密的cookie信息

 

posted @ 2015-05-04 12:16  三人成虎  阅读(424)  评论(0)