本文章使用asp.net内置membership作为登陆操作  关于配置membership   不用说明了 网上都有的

首先建立一个login页面 随便放一个login控件和loginstatus控件

aspx代码

<body>
    <form id="form1" runat="server">
    <div>
        <asp:Login ID="Login1" runat="server" onloggedin="Login1_LoggedIn" 
            onloggingin="Login1_LoggingIn">
        </asp:Login>
        <asp:LoginStatus ID="LoginStatus1" runat="server" 
            onloggingout="LoginStatus1_LoggingOut" />
    </div>
    </form>
</body>

cs代码 

 MembershipUser user;
        protected void Login1_LoggedIn(object sender, EventArgs e)
        {
            if(user ==null)
            user = Membership.GetUser(User.Identity.Name);//获取登陆用户名的membershipuser实例


            Guid newguid = Guid.NewGuid();//新建guid

            HttpCookie  cookie=Response.Cookies[FormsAuthentication.FormsCookieName];//获取cookie

            FormsAuthenticationTicket ft = FormsAuthentication.Decrypt(cookie.Value);//解密表单票
            FormsAuthenticationTicket newft = new FormsAuthenticationTicket(ft.Version, ft.Name, ft.IssueDate, ft.Expiration, ft.IsPersistent, newguid.ToString(), ft.CookiePath);//重新创建一个表单票 把生成guid加入userdata中
            user.Comment = "loginExpiration;" + ft.Expiration.ToString() + "|loginSessionID;" + newguid.ToString();//存储guid数据和过期时间
            Membership.UpdateUser(user);//更新用户数据
            Response.Cookies.Remove(FormsAuthentication.FormsCookieName);//删除已有相关formsName的cookie
            HttpCookie newCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(newft));//重新创建cookie
            newCookie.Domain = cookie.Domain;
            newCookie.Expires = cookie.Expires;
            newCookie.HttpOnly = cookie.HttpOnly;
            newCookie.Path = cookie.Path;
            newCookie.Secure = cookie.Secure;
            Response.Cookies.Add(newCookie);//输出cookie到客户端

 

 

        }

        protected void Login1_LoggingIn(object sender, LoginCancelEventArgs e)
        {
            if (user == null)
            {
                user = Membership.GetUser(Login1.UserName);
            }


            //禁止同一个会话再次登陆
            //禁止同一个会话再次登陆
            if (user != null)
            {
                if (User.Identity.IsAuthenticated && user.UserName == User.Identity.Name)
                {
                    if (!string.IsNullOrEmpty(user.Comment) && user.Comment.Contains("loginExpiration"))
                    {
                        string currentExpirationStr = user.Comment.Split("|".ToCharArray())[0];
                        DateTime currentExpiration = DateTime.Parse(currentExpirationStr.Split(";".ToCharArray())[1]);

                        if (currentExpiration < DateTime.Now)
                        {
                            e.Cancel = true;
                            Literal t = Login1.FindControl("FailureText") as Literal;
                            t.Text = "你已经登陆了 !";
                        }

                    }
                }
            }

        }

        protected void LoginStatus1_LoggingOut(object sender, LoginCancelEventArgs e)
        {
            //退出登陆  清空用户的comment数据
            MembershipUser mu = Membership.GetUser();
            mu.Comment = string.Empty;
            Membership.UpdateUser(mu);
        }

 

然后 需要一个Httpmodule模块

cs代码

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;

namespace aspnetajaxtast
{
    public class FormsAuthsessionModule : IHttpModule
    {
        public void Dispose()
        {

        }

        public void Init(HttpApplication context)
        {
            context.PostAuthorizeRequest += new EventHandler(context_PostAuthorizeRequest);
        }

        void context_PostAuthorizeRequest(object sender, EventArgs e)
        {
            HttpApplication app = sender as HttpApplication;
            HttpContext c = app.Context;
            if (c.User.Identity.IsAuthenticated)
            {
                FormsAuthenticationTicket ft = (c.User.Identity as FormsIdentity).Ticket;
                Guid g;
                if (ft.UserData != "")
                {
                    g = new Guid(ft.UserData);
                }
                else
                    g = Guid.Empty;
                
                MembershipUser user = Membership.GetUser(c.User.Identity.Name);
                Guid currentSessionGuid;
                if (!string.IsNullOrEmpty(user.Comment))
                {
                    string currentSessionStr = user.Comment.Split("|".ToCharArray())[1];
                    currentSessionGuid = new Guid(currentSessionStr.Split(";".ToCharArray())[1]);
                }
                else
                {
                    currentSessionGuid = Guid.Empty;
                }

                if (g != currentSessionGuid)
                {
                    FormsAuthentication.SignOut();

                   //清空cookie登陆数据 需要重向url

                  //自己自定义转到url的代码


                }

            }

        }
    }
}

web.config 需要配置httpmodule

在<system.web><httpModules>
          <add name="FormsAuthsessionModules" type="aspnetajaxtast.FormsAuthsessionModule"/>

      </httpModules>

这是vs测试或者iis7以下版本需要的

如果在iis7  需要以下配置代码

  <system.webServer>
      <modules  runAllManagedModulesForAllRequests="true"  >
          <add name="FormsAuthsessionModules" type="FormsAuthsessionModule"/>
      </modules>
  </system.webServer>

测试需要两个浏览器就可以了  一个ie 一个ff可以当模拟两台电脑  如果你有两台电脑的话 也可以 

 
 

 

 posted on 2012-04-19 09:04  纳米程序员  阅读(830)  评论(0编辑  收藏  举报