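1.密码采用SHA256 算法计算散列值后保存(SHA256 是单向散列,不是可逆的加密),此类的唯一实现是 SHA256Managed。注意:不加盐的单次 SHA256 计算速度很快,数据库一旦泄露很容易被离线暴力破解,实际项目中应改用带随机盐的慢速口令散列(例如 PBKDF2,即 Rfc2898DeriveBytes)。在Common/Text.cs里添加Sha256方法: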
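/// <summary>
/// Computes the SHA-256 digest of <paramref name="plainText"/> and returns it Base64-encoded.
/// </summary>
/// <remarks>
/// SHA-256 is a one-way hash, not encryption. A single unsalted round is fast to compute,
/// so digests stored for passwords are cheap to attack offline if the user table leaks, and
/// identical passwords produce identical digests. For password storage prefer a salted,
/// iterated scheme such as PBKDF2 (Rfc2898DeriveBytes); that needs a per-user salt and a
/// different signature, so it is not done inside this helper.
/// </remarks>
/// <param name="plainText">Text to hash; must not be null.</param>
/// <returns>The 32-byte digest as a 44-character Base64 string.</returns>
/// <exception cref="ArgumentNullException"><paramref name="plainText"/> is null.</exception>
public static string Sha256(string plainText)
{
    if (plainText == null)
    {
        throw new ArgumentNullException("plainText");
    }

    // UTF-8 rather than Encoding.Default: the default ANSI code page differs between
    // machines and replaces characters it cannot represent, so two different non-ASCII
    // passwords could hash to the same value. ASCII-only input hashes exactly as before;
    // digests of non-ASCII text produced with the old encoding will no longer match.
    byte[] input = Encoding.UTF8.GetBytes(plainText);

    // The hash object holds native/managed state and is disposable; release it promptly.
    using (SHA256 sha256 = SHA256.Create())
    {
        return Convert.ToBase64String(sha256.ComputeHash(input));
    }
}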
2.在Repository/UserRepository.cs添加Authentication方法,用来验证登录时用户名和密码是否正确。
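/// <summary>
/// Checks a user name and password value against the stored account.
/// Result codes: 0 - success; 1 - user name does not exist; 2 - wrong password.
/// </summary>
/// <remarks>
/// Codes 1 and 2 distinguish "unknown user" from "wrong password". A caller that shows
/// that difference to the client discloses which user names exist, so callers should
/// present a single generic failure message.
/// </remarks>
/// <param name="UserName">User name to look up; matched with <c>==</c> against <c>Users.UserName</c>.</param>
/// <param name="PassWrod">
/// Value compared with the stored <c>Password</c>. Presumably the hashed password rather
/// than plain text - confirm against the caller.
/// </param>
/// <returns>0 on success, 1 when no user has that name, 2 when the password does not match.</returns>
public int Authentication(string UserName, string PassWrod)
{
    // SingleOrDefault throws if more than one row shares the user name.
    var _user = dbContext.Users.SingleOrDefault(u => u.UserName == UserName);
    if (_user == null)
    {
        return 1;
    }

    // A missing value on either side must never authenticate: with the plain != test a
    // null stored password compared with a null argument counted as a match.
    if (string.IsNullOrEmpty(PassWrod) || string.IsNullOrEmpty(_user.Password))
    {
        return 2;
    }

    return FixedTimeEquals(_user.Password, PassWrod) ? 0 : 2;
}

/// <summary>
/// Ordinal string comparison whose running time does not depend on where the first
/// difference occurs, so response timing does not leak how much of the value matched.
/// </summary>
private static bool FixedTimeEquals(string left, string right)
{
    int _diff = left.Length ^ right.Length;
    int _span = left.Length < right.Length ? left.Length : right.Length;
    for (int i = 0; i < _span; i++)
    {
        _diff |= left[i] ^ right[i];
    }

    return _diff == 0;
}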
3.在Model/User.cs添加用户登录模型
/// <summary>
/// View model bound to the user login form.
/// </summary>
public class UserLogin
{
    /// <summary>
    /// Account user name; required, 4 to 20 characters.
    /// </summary>
    [Required(ErrorMessage = "×"),
     StringLength(20, MinimumLength = 4, ErrorMessage = "×"),
     Display(Name = "用户名", Description = "4-20个字符。")]
    public string UserName { get; set; }

    /// <summary>
    /// Password as typed by the user; required, 6 to 20 characters.
    /// </summary>
    [Required(ErrorMessage = "×"),
     StringLength(20, MinimumLength = 6, ErrorMessage = "×"),
     DataType(DataType.Password),
     Display(Name = "密码", Description = "6-20个字符。")]
    public string Password { get; set; }

    /// <summary>
    /// Verification code read from the captcha image; required, exactly 6 characters.
    /// </summary>
    [Required(ErrorMessage = "×"),
     StringLength(6, MinimumLength = 6, ErrorMessage = "×"),
     Display(Name = "验证码", Description = "请输入图片中的验证码。")]
    public string VerificationCode { get; set; }
}
4.修改Countrol/UserControl.cs,添加Login相关代码:
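/// <summary>
/// Renders the empty login form.
/// </summary>
public ActionResult Login()
{
    return View();
}

/// <summary>
/// Handles the posted login form: checks the verification code kept in session,
/// authenticates the user name and hashed password through <c>UserRepository</c>,
/// and on success issues the "User" cookie and redirects to User/Default.
/// </summary>
/// <param name="login">Posted login model (user name, password, verification code).</param>
/// <returns>
/// A redirect to Prompt/Error when no verification code is in session, the login view
/// again on any validation or authentication failure, otherwise a redirect to User/Default.
/// </returns>
/// <remarks>
/// NOTE(review): this POST is not protected by anti-forgery validation. Adding
/// [ValidateAntiForgeryToken] requires the form to emit @Html.AntiForgeryToken() first.
/// </remarks>
[HttpPost]
public ActionResult Login(UserLogin login)
{
    // Verification code check.
    object _stored = Session["VerificationCode"];
    string _expected = _stored == null ? null : _stored.ToString();
    if (string.IsNullOrEmpty(_expected))
    {
        // NOTE(review): these texts speak of registration although this is the login
        // action; they are left unchanged here.
        Error _e = new Error
        {
            Title = "验证码不存在",
            Details = "在用户注册时,服务器端的验证码为空,或向服务器提交的验证码为空",
            Cause = "<li>你注册时在注册页面停留的时间过久页已经超时</li><li>您绕开客户端验证向服务器提交数据</li>",
            Solution = "返回<a href='" + Url.Action("Register", "User") + "'>注册</a>页面,刷新后重新注册"
        };
        return RedirectToAction("Error", "Prompt", _e);
    }

    // The code is single-use: drop it before comparing so that one solved captcha cannot
    // be replayed for many password guesses. Presumably the VerificationCode action
    // stores a fresh code when the login view reloads the image - confirm.
    Session.Remove("VerificationCode");

    // Null-safe and culture-independent upper-casing; the original called ToUpper() on a
    // possibly null value.
    string _supplied = (login == null || login.VerificationCode == null)
        ? ""
        : login.VerificationCode.ToUpperInvariant();
    if (_expected != _supplied)
    {
        ModelState.AddModelError("VerificationCode", "×");
        return View();
    }

    // Enforce the model's Required/StringLength rules on the server as well; client-side
    // validation can be bypassed.
    if (!ModelState.IsValid)
    {
        return View();
    }

    // User name and password check. Authentication returns 0 on success, 1 for an
    // unknown user name and 2 for a wrong password.
    string _passwordHash = Common.Text.Sha256(login.Password);
    userRsy = new UserRepository();
    if (userRsy.Authentication(login.UserName, _passwordHash) != 0)
    {
        // One message for every failure, and any non-zero code is a failure: separate
        // "no such user" / "wrong password" messages reveal which user names exist.
        ModelState.AddModelError("Message", "用户名或密码错误!");
        return View();
    }

    // Keep the signed-in account in the "User" cookie.
    // NOTE(review): the cookie carries the same password hash the server compares at
    // login, so the value is password-equivalent. The cookie layout is kept because code
    // outside this listing may read it; the safer design is a forms-authentication ticket
    // (FormsAuthentication.SetAuthCookie) or a server-side session flag, with no password
    // material sent to the browser.
    HttpCookie _cookie = new HttpCookie("User");
    _cookie.Values.Add("UserName", login.UserName);
    _cookie.Values.Add("Password", _passwordHash);
    _cookie.HttpOnly = true;                     // not readable from page script
    _cookie.Secure = Request.IsSecureConnection; // HTTPS-only when the login came over HTTPS
    Response.Cookies.Add(_cookie);
    return RedirectToAction("Default", "User");
}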
5.在 public ActionResult Login() 上右键添加强类型视图:
6.视图完成代码:
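@* Login form for LoginExample.Models.UserLogin: user name, password and captcha code. *@
@model LoginExample.Models.UserLogin
@{
    ViewBag.Title = "用户登陆";
    Layout = "~/Views/Shared/_Layout.cshtml";
}
@using (Html.BeginForm())
{
    @* Emits the anti-forgery hidden field and cookie. It is only enforced once the POST
       action is decorated with [ValidateAntiForgeryToken]. *@
    @Html.AntiForgeryToken()
    @Html.ValidationSummary(true)
    <div class="form">
        <dl>
            <dt>用户登陆</dt>
            <dd>
                <div class="label">@Html.LabelFor(model => model.UserName):</div>
                <div class="ctrl">
                    @Html.EditorFor(model => model.UserName)
                    @Html.ValidationMessageFor(model => model.UserName)
                    @Html.DisplayDescriptionFor(model => model.UserName)
                </div>
            </dd>
            <dd>
                <div class="label">@Html.LabelFor(model => model.Password):</div>
                <div class="ctrl">
                    @Html.PasswordFor(model => model.Password)
                    @Html.ValidationMessageFor(model => model.Password)
                    @Html.DisplayDescriptionFor(model => model.Password)
                </div>
            </dd>
            <dd>
                <div class="label">验证码:</div>
                <div class="ctrl">
                    @Html.TextBoxFor(model => model.VerificationCode)
                    @Html.ValidationMessageFor(model => model.VerificationCode)
                    <img id="verificationcode" alt="" src="@Url.Action("VerificationCode", "User")" />
                    <a id="trydifferent" style="cursor: pointer">换一张</a>
                </div>
            </dd>
            <dd>
                <div class="label"></div>
                <div class="ctrl">
                    <input type="submit" value="登陆" />@Html.ValidationMessage("Message")
                </div>
                <div class="ctrl">
                    @Html.ActionLink("注册", "Register")
                </div>
            </dd>
        </dl>
        <div class="clear"></div>
    </div>
}
<script type="text/javascript">
    // Reload the captcha image. The URL comes from routing instead of a hard-coded
    // "/User/VerificationCode", so it still resolves when the site runs under a virtual
    // directory; a numeric timestamp is used as the cache-buster.
    $("#trydifferent").click(function () {
        $("#verificationcode").attr("src", "@(Url.Action("VerificationCode", "User"))?" + new Date().getTime());
    });
</script>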
7.运行Login.cshtml,结果:
8.结束。