zoukankan      html  css  js  c++  java
  • .NET Core2.0+MVC 用session,cookie实现的sso单点登录

    博主刚接触.NET Core2.0,想做一个单点登录的demo,所以参考了一些资料,这里给上链接:

    1.http://www.cnblogs.com/baibaomen/p/sso-sequence-chart.html

    2.https://www.cnblogs.com/ywlaker/p/6113927.html

    于是开始项目:

    首先,既然是单点登录,就得建立多个站点,实现多个系统一次登录/注销。

    直接看解决方案

    sso_server用于统一登录

    这边思路不再多说,上面的两篇帖子说的比较清楚。

    既然使用session,那么,就得在startup中添加:

    当然,所有用到session的项目,都需要这么添加一下(个人觉得有点麻烦,有更好的方法,也请告知,感谢)

    然后是system1,system2的代码(这里两个系统没有差别)

    1. using System;
    2. using System.Collections.Generic;
    3. using System.Linq;
    4. using System.Net.Http;
    5. using System.Net.Http.Headers;
    6. using System.Security.Claims;
    7. using System.Threading.Tasks;
    8. using Microsoft.AspNetCore.Authentication;
    9. using Microsoft.AspNetCore.Authentication.Cookies;
    10. using Microsoft.AspNetCore.Http;
    11. using Microsoft.AspNetCore.Mvc;
    12.  
    13. namespace SSO_Server.Controllers
    14. {
    15. public class LoginController : Controller
    16. {
    17. public IActionResult Index(string returnUrl)
    18. {
    19. //浏览器带过来的cookie,token值
    20. string browsertoken = HttpContext.Request.Cookies["token"];
    21. //不存在,则判断未登录
    22. if (string.IsNullOrEmpty(browsertoken) || string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken)))
    23. {
    24. ViewData["Message"] = "请登录";
    25. }
    26. else
    27. {
    28. string url = HttpContext.Session.GetString(browsertoken) + ",";
    29. //将请求的url注册
    30. HttpContext.Session.SetString(browsertoken, url + returnUrl);
    31. //存在token,判断已登录,返回用户信息
    32. return Redirect(returnUrl + "?token=" + browsertoken + "&uid=" + "1234");
    33. //return Content(returnUrl + "?token=" + browsertoken + "&uid=" + "1234");
    34. }
    35. return View();
    36. }
    37.  
    38. public IActionResult SignIn(string returnUrl)
    39. {
    40. //保存用户信息
    41. HttpContext.Session.SetString("uid","1234");
    42. //生成token
    43. string token = Guid.NewGuid().ToString();
    44. //将请求的url注册
    45. HttpContext.Session.SetString(token, returnUrl);
    46. //写入浏览器token
    47. HttpContext.Response.Cookies.Append("token",token);
    48. if (string.IsNullOrWhiteSpace(returnUrl))
    49. {
    50. returnUrl = "http://sysone.yourdomain.cn";
    51. }
    52. //返回token和用户信息到请求地址
    53. return Redirect(returnUrl+"?token="+ token+"&uid="+"1234");
    54. }
    55.  
    56. public IActionResult sessiontoken()
    57. {
    58. string browsertoken = HttpContext.Request.Cookies["token"];
    59. string s= HttpContext.Session.GetString(browsertoken);
    60. return Content(s);
    61. }
    62.  
    63. public IActionResult SignOut(string returnUrl)
    64. {
    65. string cont = string.Empty;
    66. string nexturl = string.Empty;
    67. string browsertoken = HttpContext.Request.Cookies["token"];
    68. if (!string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken)))
    69. {
    70. string urlstr = HttpContext.Session.GetString(browsertoken);
    71. //string urlstr = "http://sysone.yourdomain.cn,http://systwo.yourdomain.cn";
    72. string[] ulslist = urlstr.Split(',');
    73. List<string> arrstr = ulslist.Distinct().ToList();
    74. if (arrstr.Count() > 0 && !string.IsNullOrEmpty(arrstr[0]))
    75. {
    76. nexturl = arrstr[0] + "/Home/SignOut";
    77. cont = string.Join(",", arrstr);
    78. }
    79. }
    80. HttpContext.Response.Cookies.Delete("token");
    81. HttpContext.Session.Clear();
    82. //return Content(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont);
    83. if (!string.IsNullOrEmpty(nexturl))
    84. return Redirect(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont);
    85. else
    86. return Redirect(returnUrl);
    87. }
    88. }
    89. }

    然后是视图

    1. @{
    2. ViewData["Title"] = "Home Page";
    3. }
    4. @ViewData["Message"]
    5. @if (!ViewData["Message"].ToString().Equals("请登录"))
    6. {
    7. <a href="http://sso.yourdomain.cn/Login/SignOut?returnUrl=http://sysone.yourdomain.cn">注销</a>
    8. }
    9. else
    10. {
    11. <a class="btn btn-default" href="http://sso.yourdomain.cn/login?returnUrl=http://sysone.yourdomain.cn">登录</a>
    12. }

    然后是sso认证中心代码:

    1. using System;
    2. using System.Collections.Generic;
    3. using System.Linq;
    4. using System.Net.Http;
    5. using System.Net.Http.Headers;
    6. using System.Security.Claims;
    7. using System.Threading.Tasks;
    8. using Microsoft.AspNetCore.Authentication;
    9. using Microsoft.AspNetCore.Authentication.Cookies;
    10. using Microsoft.AspNetCore.Http;
    11. using Microsoft.AspNetCore.Mvc;
    12.  
    13. namespace SSO_Server.Controllers
    14. {
    15. public class LoginController : Controller
    16. {
    17. public IActionResult Index(string returnUrl)
    18. {
    19. //浏览器带过来的cookie,token值
    20. string browsertoken = HttpContext.Request.Cookies["token"];
    21. //不存在,则判断未登录
    22. if (string.IsNullOrEmpty(browsertoken) || string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken)))
    23. {
    24. ViewData["Message"] = "请登录";
    25. }
    26. else
    27. {
    28. string url = HttpContext.Session.GetString(browsertoken) + ",";
    29. //将请求的url注册
    30. HttpContext.Session.SetString(browsertoken, url + returnUrl);
    31. //存在token,判断已登录,返回用户信息
    32. return Redirect(returnUrl + "?token=" + browsertoken + "&uid=" + "1234");
    33. //return Content(returnUrl + "?token=" + browsertoken + "&uid=" + "1234");
    34. }
    35. return View();
    36. }
    37.  
    38. public IActionResult SignIn(string returnUrl)
    39. {
    40. //保存用户信息
    41. HttpContext.Session.SetString("uid","1234");
    42. //生成token
    43. string token = Guid.NewGuid().ToString();
    44. //将请求的url注册
    45. HttpContext.Session.SetString(token, returnUrl);
    46. //写入浏览器token
    47. HttpContext.Response.Cookies.Append("token",token);
    48. if (string.IsNullOrWhiteSpace(returnUrl))
    49. {
    50. returnUrl = "http://sysone.yourdomain.cn";
    51. }
    52. //返回token和用户信息到请求地址
    53. return Redirect(returnUrl+"?token="+ token+"&uid="+"1234");
    54. }
    55.  
    56. public IActionResult sessiontoken()
    57. {
    58. string browsertoken = HttpContext.Request.Cookies["token"];
    59. string s= HttpContext.Session.GetString(browsertoken);
    60. return Content(s);
    61. }
    62.  
    63. public IActionResult SignOut(string returnUrl)
    64. {
    65. string cont = string.Empty;
    66. string nexturl = string.Empty;
    67. string browsertoken = HttpContext.Request.Cookies["token"];
    68. if (!string.IsNullOrEmpty(HttpContext.Session.GetString(browsertoken)))
    69. {
    70. string urlstr = HttpContext.Session.GetString(browsertoken);
    71. //string urlstr = "http://sysone.yourdomain.cn,http://systwo.yourdomain.cn";
    72. string[] ulslist = urlstr.Split(',');
    73. List<string> arrstr = ulslist.Distinct().ToList();
    74. if (arrstr.Count() > 0 && !string.IsNullOrEmpty(arrstr[0]))
    75. {
    76. nexturl = arrstr[0] + "/Home/SignOut";
    77. cont = string.Join(",", arrstr);
    78. }
    79. }
    80. HttpContext.Response.Cookies.Delete("token");
    81. HttpContext.Session.Clear();
    82. //return Content(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont);
    83. if (!string.IsNullOrEmpty(nexturl))
    84. return Redirect(nexturl + "?returnUrl=" + returnUrl + "&cont=" + cont);
    85. else
    86. return Redirect(returnUrl);
    87. }
    88. }
    89. }

    sso,登录页视图index

    1. @{
    2. ViewData["Title"] = "登录";
    3. }
    4. @ViewData["Message"]
    5. @if (!ViewData["Message"].ToString().Equals("请登录"))
    6. {
    7. <a href="@Url.Action("SignOut")">注销</a>
    8. }
    9. else
    10. {
    11. <a class="btn btn-default" href="@Url.Action("SignIn","Login",new { returnUrl=Context.Request.Query["returnUrl"]})">登录</a>
    12. }
    13. @ViewData["Message1"]

    这里贴上资源链接

    https://download.csdn.net/download/qq_28248571/10342173

    这里只是初步demo,请不要钻牛角尖,欢迎讨论,感谢你的阅读

  • 相关阅读:
    【题解】P3796【模板】AC自动机(加强版)
    【模板】P3806点分治1
    【题解】P2602[JZOI2010]数字计数
    【题解】P2444 病毒
    【题解】[P3557 POI2013]GRA-Tower Defense Game
    【题解】DZY Loves Chinese
    【题解】[Ghd]
    【题解】CF264B Good Sequences
    【题解】P3162CQOI2012组装
    【题解】P2279消防局的设立
  • 原文地址:https://www.cnblogs.com/zbliao/p/13813460.html
Copyright © 2011-2022 走看看