c#通用登录模块分享

namespace MVCCommonAuth{  #region 功能说明  // 举个例子：一个网站有用户系统、商家系统、网站后台3个系统  //可以分3个userType, user ,shop , system  //网站后台一般都有角色，如admin,employee  //那么网站的角色就有 user,shop,admin,employee,但是admin和employee在一个客户端是不能同时登陆的，所以他们是同一类用户（system）  #endregion  public enum UserType  {    User,    Shop,    System  }  [Serializable]  public class LoginUser  {    private static string DESKEY = DateTime.Now.ToString("1234MMdd");    public int ID { get; set; }    public string UserName { get; set; }    public string Roles { get; set; }    public DateTime Expires { get; set; }    public readonly static string CookieNamePrefix = "authcookie";    public void Login(string userType, string domain = null, string path = null)    {      var keyName = CookieNamePrefix + userType;      var json = JsonConvert.SerializeObject(this);      var value = EncryptString(json, DESKEY);      HttpCookie cookie = new HttpCookie(keyName, value);      cookie.Expires = Expires;      if (!string.IsNullOrWhiteSpace(domain))      {        cookie.Domain = domain;      }      if (path != null)      {        cookie.Path = path;      }      HttpContext.Current.Items[keyName] = this;      HttpContext.Current.Response.Cookies.Add(cookie);    }    /// <summary>    /// 从cookie读取用户信息    /// </summary>    /// <param name="cookieName"></param>    private static LoginUser BuildUser(string keyName)    {      var cookie = HttpContext.Current.Request.Cookies[keyName];      if (cookie != null && !string.IsNullOrEmpty(cookie.Value))      {        try        {          var json = DecryptString(cookie.Value, DESKEY);          var loginuser = JsonConvert.DeserializeObject<LoginUser>(json);          if (loginuser != null)          {            if (loginuser.Expires >= DateTime.Now)            {              return loginuser;            }          }        }        catch        {          //do nothing        }      }      return null;    }    public static LoginUser GetUser(string userType)    {      var keyName = CookieNamePrefix + userType;      if (!HttpContext.Current.Items.Contains(keyName))      {        var user = BuildUser(keyName);        HttpContext.Current.Items[keyName] = user;        return user;      }      else      {        return HttpContext.Current.Items[keyName] as LoginUser;      }    }    public static int GetUserID(string userType)    {      var user = GetUser(userType);      if (user != null)        return user.ID;      return 0;    }    /// <summary>    /// 退出cookie登录    /// </summary>    public static void Logout(string userType)    {      var keyName = CookieNamePrefix + userType;      HttpCookie cookie = new HttpCookie(keyName, string.Empty);      cookie.Expires = DateTime.Now.AddMonths(-1);      HttpContext.Current.Response.Cookies.Add(cookie);    }    #region 字符串加密    /// <summary>      /// 利用DES加密算法加密字符串（可解密）      /// </summary>      /// <param name="plaintext">被加密的字符串</param>      /// <param name="key">密钥（只支持8个字节的密钥）</param>      /// <returns>加密后的字符串</returns>      private static string EncryptString(string plaintext, string key)    {      //访问数据加密标准(DES)算法的加密服务提供程序 (CSP) 版本的包装对象        DESCryptoServiceProvider des = new DESCryptoServiceProvider();      des.Key = ASCIIEncoding.ASCII.GetBytes(key);　//建立加密对象的密钥和偏移量        des.IV = ASCIIEncoding.ASCII.GetBytes(key);　 //原文使用ASCIIEncoding.ASCII方法的GetBytes方法        byte[] inputByteArray = Encoding.Default.GetBytes(plaintext);//把字符串放到byte数组中        MemoryStream ms = new MemoryStream();//创建其支持存储区为内存的流　        //定义将数据流链接到加密转换的流        CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(), CryptoStreamMode.Write);      cs.Write(inputByteArray, 0, inputByteArray.Length);      cs.FlushFinalBlock();      //上面已经完成了把加密后的结果放到内存中去        StringBuilder ret = new StringBuilder();      foreach (byte b in ms.ToArray())      {        ret.AppendFormat("{0:X2}", b);      }      ret.ToString();      return ret.ToString();    }    /// <summary>      /// 利用DES解密算法解密密文（可解密）      /// </summary>      /// <param name="ciphertext">被解密的字符串</param>      /// <param name="key">密钥（只支持8个字节的密钥，同前面的加密密钥相同）</param>      /// <returns>返回被解密的字符串</returns>      private static string DecryptString(string ciphertext, string key)    {      try      {        DESCryptoServiceProvider des = new DESCryptoServiceProvider();        byte[] inputByteArray = new byte[ciphertext.Length / 2];        for (int x = 0; x < ciphertext.Length / 2; x++)        {          int i = (Convert.ToInt32(ciphertext.Substring(x * 2, 2), 16));          inputByteArray[x] = (byte)i;        }        des.Key = ASCIIEncoding.ASCII.GetBytes(key);　//建立加密对象的密钥和偏移量，此值重要，不能修改          des.IV = ASCIIEncoding.ASCII.GetBytes(key);        MemoryStream ms = new MemoryStream();        CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(), CryptoStreamMode.Write);        cs.Write(inputByteArray, 0, inputByteArray.Length);        cs.FlushFinalBlock();        //建立StringBuild对象，createDecrypt使用的是流对象，必须把解密后的文本变成流对象          StringBuilder ret = new StringBuilder();        return System.Text.Encoding.Default.GetString(ms.ToArray());      }      catch (Exception)      {        return "error";      }    }    #endregion  }}

    [HttpPost]    public ActionResult Login(string username,string userpass)    {      if (username=="admin" && userpass=="admin")      {        LoginUser loginuser = new LoginUser();        loginuser.ID = 1;        loginuser.UserName = username;        loginuser.Roles = "Administrator";        loginuser.Expires = DateTime.Now.AddHours(2);        loginuser.Login("Administrator");        return Content("登录成功");        //return RedirectToAction("Index", "Home");      }      return RedirectToAction("Login");    }

//是否登录if(LoginUser.GetUserID("Administrator") > 0){}// 用户IDint userID=LoginUser.GetUserID("Administrator")//获取用户名string userName= LoginUser.GetUser("Administrator").UserName

  <form id="form1" runat="server">  <script src="../Script/jquery-v1.10.2.js" type="text/javascript"></script>  <script src="login.js" type="text/javascript"></script>  <div class="" style="height: 160px">    <div>      <label for="userName">        帐号：</label>      <input type="text" name="userName" />    </div>    <div>      <label for="password">        密码：</label>      <input type="password" name="password" />    </div>    <input type="submit" id="btnSumit" value="登录" />    <p class="msg"> </p>  </div>  </form>

/*!* 插件名称：登录插件封装，使用方法：    $('#form1').login({      url: "LoginHandler.ashx",//处理登录验证逻辑的Url      userName: $("input[name='userName']"),//用户名输入框      password: $("input[name='password']"),//密码输入框      msg: $(".msg"),                    //提示信息      button: $("#btnSumit")              //提交按钮    }); */(function ($) {  $.fn.login = function (option) {    var defaults = {      url: '/account/login/',      msg: $(this).find('.msg'),      userName: $(this).find("input[name='userName']"),      password: $(this).find("input[name='password']"),      button: $(this).find("#button")    };    var options = $.extend(defaults, option);    var errMsg = {      'inputUserName': '请输入用户名',      'inputPassword': '请填写登录密码',      'passwordLength': '密码应在6-32位字符内',      'noreg': '此账号未注册',      'inviladUserName': '帐号不存在',      'accountNotMatch': '账号密码不匹配',      'userLocked': '帐号锁定中，暂时无法登录',      'serverdown': '服务器繁忙，请稍后再试'    };    //提交数据    function submit() {      var userNameInput = $.trim(options.userName.val());      var passwordInput = $.trim(options.password.val());      if (userNameInput == '') {        showMsg('登录名不能为空');        options.userName.focus();        return;      }      if (passwordInput == '') {        showMsg('密码不能为空');        options.password.focus();        return;      }      $.ajax({        type: "POST",        url: options.url,        data: "userName=" + userNameInput + "&password=" + passwordInput,        success: function (msg) {          var result = eval("[" + msg + "]")[0];          if (result.status == "ok") {            //登录成功处理            showMsg("登录成功....");          } else {            showMsg(errMsg[result.status]);          }        }      });    }    //显示错误信息    function showMsg(msg) {      options.msg.html(msg);    }    //绑定按钮事件    options.button.bind('click', function () {      submit();      return false;    });  };})(jQuery);

  <script type="text/javascript">    $('#form1').login({      url: "AjaxLogin.aspx",      userName: $("input[name='userName']"),      password: $("input[name='password']"),      msg: $(".msg"),      button: $("#btnSumit")    });  </script>

using System;using System.Web;using System.Web.UI;namespace Whir.SiteFactory.Website.Admin.Account{  public partial class AjaxLogin : Page  {    protected void Page_Load(object sender, EventArgs e)    {      string status = ProcessLogin();      Response.Clear();      Response.Write(status);      Response.End();    }    private string ProcessLogin()    {      try      {        string userName = HttpContext.Current.Request.Form["userName"];        string password = HttpContext.Current.Request.Form["password"];        if (string.IsNullOrEmpty(userName))        {          return "{status:'inputUserName'}"; //请输入用户名        }        if (string.IsNullOrEmpty(password))        {          return "{status:'inputPassword'}"; //请填写登录密码        }        if (password.Length < 6 || password.Length > 32)        {          return "{status:'passwordLength'}"; //密码应在6-32位字符内        }        //var user = UserService.GetUserByName(userName);        //if (user == null)        //{        //  return "{status:'inviladUserName'}"; //帐号不存在        //}        //if (user.IsLocked)        //{        //  return "{status:'userLocked'}"; //帐号锁定中，暂时无法登录        //}        //if (user.Password.ToLower() != password.ToMd5().ToLower())        //{         //  return "{accountNotMatch:'ok'}"; //账号密码不匹配        //}        //其他操作：        //写入客户端cookie        //登录日志        return "{status:'ok'}"; //登录成功      }      catch (Exception ex)      {        return "{status:'serverdown'}"; //服务器繁忙，请稍后再试      }    }  }}