.NET Core2.0+MVC 用session,cookie實現的sso單點登錄


博主剛接觸.NET Core2.0,想做一個單點登錄的demo,所以參考了一些資料,這里給上鏈接:

1.http://www.cnblogs.com/baibaomen/p/sso-sequence-chart.html

2.https://www.cnblogs.com/ywlaker/p/6113927.html

於是開始項目:

首先,既然是單點登錄,就得建立多個站點,實現多個系統一次登錄/注銷。

直接看解決方案

sso_server用於統一登錄

這邊思路不再多說,上面的兩篇帖子說的比較清楚。

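既然使用session,那么,就得在startup中添加(原文此處的截圖沒有保留下來;一般做法是在 ConfigureServices 中調用 services.AddDistributedMemoryCache() 與 services.AddSession(),並在 Configure 中於 app.UseMvc() 之前調用 app.UseSession()):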

當然,所有用到session的項目,都需要這么添加一下(個人覺得有點麻煩,有更好的方法,也請告知,感謝)

然后是system1,system2的代碼(這里兩個系統沒有差別)。注意:下方貼出的代碼命名空間是 SSO_Server,內容與后面的sso認證中心代碼完全相同;子系統自己的控制器(例如認證中心注銷時跳轉到的 /Home/SignOut)在本頁沒有給出。

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

namespace SSO_Server.Controllers
{
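    /// <summary>
    /// Login controller of the SSO authentication centre (demo).
    /// A browser that signs in receives a "token" cookie; the session stores, under that
    /// token, a comma-separated list of the client systems the token has been handed to,
    /// so that sign-out can be propagated to them.
    /// </summary>
    /// <remarks>
    /// Demo limitations visible in this class: no credentials are checked and the user id
    /// is the fixed value "1234". The token is passed to client systems in the query string,
    /// so it can end up in browser history, server logs and Referer headers; client systems
    /// should verify it with the SSO centre server-to-server instead of trusting the
    /// <c>uid</c> parameter (that client-side code is not part of this listing).
    /// </remarks>
    public class LoginController : Controller
    {
        /// <summary>Client system used when the caller supplies no acceptable returnUrl.</summary>
        private const string DefaultReturnUrl = "http://sysone.yourdomain.cn";

        /// <summary>Prefix that keeps token entries apart from other session keys such as "uid".</summary>
        private const string TokenKeyPrefix = "token:";

        /// <summary>
        /// Origins (scheme://host[:port]) of the client systems that may receive a token.
        /// Redirecting to any other origin would hand the token to an arbitrary site.
        /// </summary>
        private static readonly string[] AllowedClientOrigins =
        {
            "http://sysone.yourdomain.cn",
            "http://systwo.yourdomain.cn",
        };

        /// <summary>
        /// Entry point for client systems. If the browser already holds a valid token the
        /// client system is registered and the browser is sent back with the token;
        /// otherwise the login view is shown.
        /// </summary>
        /// <param name="returnUrl">URL of the client system to return to; validated against the allow-list.</param>
        public IActionResult Index(string returnUrl)
        {
            // Token cookie sent by the browser, and the client list registered for it (if any).
            string browserToken = HttpContext.Request.Cookies["token"];
            string registered = ReadRegisteredClients(browserToken);

            // No cookie, or nothing registered for it: treat the browser as signed out.
            if (string.IsNullOrEmpty(registered))
            {
                ViewData["Message"] = "請登錄";
                return View();
            }

            // Already signed in: register the requesting client system and return the token to it.
            string target = ResolveReturnUrl(returnUrl);
            HttpContext.Session.SetString(TokenKey(browserToken), registered + "," + OriginOf(target));
            return Redirect(BuildTokenUrl(target, browserToken));
        }

        /// <summary>
        /// Signs the browser in, issues a new token and redirects back to the client system.
        /// </summary>
        /// <param name="returnUrl">URL of the client system to return to; validated against the allow-list.</param>
        public IActionResult SignIn(string returnUrl)
        {
            // Demo only: the user id is stored without verifying any credentials.
            HttpContext.Session.SetString("uid", "1234");

            // Resolve the target before it is registered: the session cannot store a null
            // value, and only allow-listed client systems may be recorded.
            string target = ResolveReturnUrl(returnUrl);

            string token = NewToken();
            HttpContext.Session.SetString(TokenKey(token), OriginOf(target));

            // HttpOnly keeps the token away from page scripts; Secure is applied whenever
            // the request itself arrived over HTTPS.
            HttpContext.Response.Cookies.Append("token", token, new CookieOptions
            {
                HttpOnly = true,
                Secure = HttpContext.Request.IsHttps,
                SameSite = SameSiteMode.Lax,
            });

            // Hand the token and user id to the client system.
            return Redirect(BuildTokenUrl(target, token));
        }

        /// <summary>
        /// Diagnostic action: returns the client list registered for the browser's token,
        /// or an empty body when there is none. Remove it outside a demo.
        /// </summary>
        public IActionResult sessiontoken()
        {
            string browserToken = HttpContext.Request.Cookies["token"];
            return Content(ReadRegisteredClients(browserToken) ?? string.Empty);
        }

        /// <summary>
        /// Clears the SSO session and token cookie, then redirects to the first registered
        /// client system's /Home/SignOut, passing the full client list in <c>cont</c>.
        /// With no registered client the browser goes straight to the return URL.
        /// </summary>
        /// <param name="returnUrl">Where to land after sign-out; validated against the allow-list.</param>
        public IActionResult SignOut(string returnUrl)
        {
            string target = ResolveReturnUrl(returnUrl);
            string nextUrl = string.Empty;
            string cont = string.Empty;

            string browserToken = HttpContext.Request.Cookies["token"];
            string registered = ReadRegisteredClients(browserToken);
            if (!string.IsNullOrEmpty(registered))
            {
                List<string> clients = registered.Split(',').Distinct().ToList();
                if (clients.Count > 0 && !string.IsNullOrEmpty(clients[0]))
                {
                    nextUrl = clients[0] + "/Home/SignOut";
                    cont = string.Join(",", clients);
                }
            }

            // Invalidate the SSO side before leaving.
            HttpContext.Response.Cookies.Delete("token");
            HttpContext.Session.Clear();

            if (string.IsNullOrEmpty(nextUrl))
            {
                return Redirect(target);
            }

            return Redirect(AppendQuery(AppendQuery(nextUrl, "returnUrl", target), "cont", cont));
        }

        /// <summary>Session key under which the client list for <paramref name="token"/> is stored.</summary>
        private static string TokenKey(string token)
        {
            return TokenKeyPrefix + token;
        }

        /// <summary>
        /// Reads the client list registered for a token; returns null when the cookie is
        /// missing so the session is never queried with a null key.
        /// </summary>
        private string ReadRegisteredClients(string browserToken)
        {
            if (string.IsNullOrEmpty(browserToken))
            {
                return null;
            }

            return HttpContext.Session.GetString(TokenKey(browserToken));
        }

        /// <summary>
        /// Returns <paramref name="returnUrl"/> (normalised, fragment removed) when it is an
        /// absolute http/https URL on an allow-listed client origin; otherwise the default
        /// client system.
        /// </summary>
        private static string ResolveReturnUrl(string returnUrl)
        {
            if (!string.IsNullOrWhiteSpace(returnUrl)
                && Uri.TryCreate(returnUrl, UriKind.Absolute, out Uri parsed)
                && (parsed.Scheme == Uri.UriSchemeHttp || parsed.Scheme == Uri.UriSchemeHttps)
                && parsed.UserInfo.Length == 0)
            {
                string origin = parsed.GetComponents(UriComponents.SchemeAndServer, UriFormat.UriEscaped);
                if (AllowedClientOrigins.Contains(origin, StringComparer.OrdinalIgnoreCase))
                {
                    return parsed.GetLeftPart(UriPartial.Query);
                }
            }

            return DefaultReturnUrl;
        }

        /// <summary>Origin (scheme://host[:port]) of an already validated absolute URL.</summary>
        private static string OriginOf(string url)
        {
            return new Uri(url).GetComponents(UriComponents.SchemeAndServer, UriFormat.UriEscaped);
        }

        /// <summary>Appends one URL-encoded query parameter, choosing '?' or '&amp;' as needed.</summary>
        private static string AppendQuery(string url, string name, string value)
        {
            char separator = url.Contains("?") ? '&' : '?';
            return url + separator + name + "=" + Uri.EscapeDataString(value ?? string.Empty);
        }

        /// <summary>Builds the redirect that carries the token and the (fixed) demo user id.</summary>
        private static string BuildTokenUrl(string target, string token)
        {
            return AppendQuery(AppendQuery(target, "token", token), "uid", "1234");
        }

        /// <summary>Creates a 256-bit token from the cryptographic random number generator, hex encoded.</summary>
        private static string NewToken()
        {
            byte[] bytes = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(bytes);
            }

            return BitConverter.ToString(bytes).Replace("-", string.Empty);
        }
    }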
}

然后是視圖

@{
    // Title picked up by the layout.
    ViewData["Title"] = "Home Page";
    // ViewData["Message"] must be set by the action that renders this view; the literal
    // "請登錄" is the marker for the signed-out state.
    // NOTE(review): both links below reach the SSO centre over plain http:// - switch to
    // https outside a demo so the token is not sent in cleartext.
}
@ViewData["Message"]
@if (ViewData["Message"].ToString().Equals("請登錄"))
{
    <a class="btn btn-default" href="http://sso.yourdomain.cn/login?returnUrl=http://sysone.yourdomain.cn">登錄</a>
}
else
{
<a href="http://sso.yourdomain.cn/Login/SignOut?returnUrl=http://sysone.yourdomain.cn">注銷</a>
}

然后是sso認證中心代碼:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

namespace SSO_Server.Controllers
{
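    /// <summary>
    /// Login controller of the SSO authentication centre (demo).
    /// A browser that signs in receives a "token" cookie; the session stores, under that
    /// token, a comma-separated list of the client systems the token has been handed to,
    /// so that sign-out can be propagated to them.
    /// </summary>
    /// <remarks>
    /// Demo limitations visible in this class: no credentials are checked and the user id
    /// is the fixed value "1234". The token is passed to client systems in the query string,
    /// so it can end up in browser history, server logs and Referer headers; client systems
    /// should verify it with the SSO centre server-to-server instead of trusting the
    /// <c>uid</c> parameter (that client-side code is not part of this listing).
    /// </remarks>
    public class LoginController : Controller
    {
        /// <summary>Client system used when the caller supplies no acceptable returnUrl.</summary>
        private const string DefaultReturnUrl = "http://sysone.yourdomain.cn";

        /// <summary>Prefix that keeps token entries apart from other session keys such as "uid".</summary>
        private const string TokenKeyPrefix = "token:";

        /// <summary>
        /// Origins (scheme://host[:port]) of the client systems that may receive a token.
        /// Redirecting to any other origin would hand the token to an arbitrary site.
        /// </summary>
        private static readonly string[] AllowedClientOrigins =
        {
            "http://sysone.yourdomain.cn",
            "http://systwo.yourdomain.cn",
        };

        /// <summary>
        /// Entry point for client systems. If the browser already holds a valid token the
        /// client system is registered and the browser is sent back with the token;
        /// otherwise the login view is shown.
        /// </summary>
        /// <param name="returnUrl">URL of the client system to return to; validated against the allow-list.</param>
        public IActionResult Index(string returnUrl)
        {
            // Token cookie sent by the browser, and the client list registered for it (if any).
            string browserToken = HttpContext.Request.Cookies["token"];
            string registered = ReadRegisteredClients(browserToken);

            // No cookie, or nothing registered for it: treat the browser as signed out.
            if (string.IsNullOrEmpty(registered))
            {
                ViewData["Message"] = "請登錄";
                return View();
            }

            // Already signed in: register the requesting client system and return the token to it.
            string target = ResolveReturnUrl(returnUrl);
            HttpContext.Session.SetString(TokenKey(browserToken), registered + "," + OriginOf(target));
            return Redirect(BuildTokenUrl(target, browserToken));
        }

        /// <summary>
        /// Signs the browser in, issues a new token and redirects back to the client system.
        /// </summary>
        /// <param name="returnUrl">URL of the client system to return to; validated against the allow-list.</param>
        public IActionResult SignIn(string returnUrl)
        {
            // Demo only: the user id is stored without verifying any credentials.
            HttpContext.Session.SetString("uid", "1234");

            // Resolve the target before it is registered: the session cannot store a null
            // value, and only allow-listed client systems may be recorded.
            string target = ResolveReturnUrl(returnUrl);

            string token = NewToken();
            HttpContext.Session.SetString(TokenKey(token), OriginOf(target));

            // HttpOnly keeps the token away from page scripts; Secure is applied whenever
            // the request itself arrived over HTTPS.
            HttpContext.Response.Cookies.Append("token", token, new CookieOptions
            {
                HttpOnly = true,
                Secure = HttpContext.Request.IsHttps,
                SameSite = SameSiteMode.Lax,
            });

            // Hand the token and user id to the client system.
            return Redirect(BuildTokenUrl(target, token));
        }

        /// <summary>
        /// Diagnostic action: returns the client list registered for the browser's token,
        /// or an empty body when there is none. Remove it outside a demo.
        /// </summary>
        public IActionResult sessiontoken()
        {
            string browserToken = HttpContext.Request.Cookies["token"];
            return Content(ReadRegisteredClients(browserToken) ?? string.Empty);
        }

        /// <summary>
        /// Clears the SSO session and token cookie, then redirects to the first registered
        /// client system's /Home/SignOut, passing the full client list in <c>cont</c>.
        /// With no registered client the browser goes straight to the return URL.
        /// </summary>
        /// <param name="returnUrl">Where to land after sign-out; validated against the allow-list.</param>
        public IActionResult SignOut(string returnUrl)
        {
            string target = ResolveReturnUrl(returnUrl);
            string nextUrl = string.Empty;
            string cont = string.Empty;

            string browserToken = HttpContext.Request.Cookies["token"];
            string registered = ReadRegisteredClients(browserToken);
            if (!string.IsNullOrEmpty(registered))
            {
                List<string> clients = registered.Split(',').Distinct().ToList();
                if (clients.Count > 0 && !string.IsNullOrEmpty(clients[0]))
                {
                    nextUrl = clients[0] + "/Home/SignOut";
                    cont = string.Join(",", clients);
                }
            }

            // Invalidate the SSO side before leaving.
            HttpContext.Response.Cookies.Delete("token");
            HttpContext.Session.Clear();

            if (string.IsNullOrEmpty(nextUrl))
            {
                return Redirect(target);
            }

            return Redirect(AppendQuery(AppendQuery(nextUrl, "returnUrl", target), "cont", cont));
        }

        /// <summary>Session key under which the client list for <paramref name="token"/> is stored.</summary>
        private static string TokenKey(string token)
        {
            return TokenKeyPrefix + token;
        }

        /// <summary>
        /// Reads the client list registered for a token; returns null when the cookie is
        /// missing so the session is never queried with a null key.
        /// </summary>
        private string ReadRegisteredClients(string browserToken)
        {
            if (string.IsNullOrEmpty(browserToken))
            {
                return null;
            }

            return HttpContext.Session.GetString(TokenKey(browserToken));
        }

        /// <summary>
        /// Returns <paramref name="returnUrl"/> (normalised, fragment removed) when it is an
        /// absolute http/https URL on an allow-listed client origin; otherwise the default
        /// client system.
        /// </summary>
        private static string ResolveReturnUrl(string returnUrl)
        {
            if (!string.IsNullOrWhiteSpace(returnUrl)
                && Uri.TryCreate(returnUrl, UriKind.Absolute, out Uri parsed)
                && (parsed.Scheme == Uri.UriSchemeHttp || parsed.Scheme == Uri.UriSchemeHttps)
                && parsed.UserInfo.Length == 0)
            {
                string origin = parsed.GetComponents(UriComponents.SchemeAndServer, UriFormat.UriEscaped);
                if (AllowedClientOrigins.Contains(origin, StringComparer.OrdinalIgnoreCase))
                {
                    return parsed.GetLeftPart(UriPartial.Query);
                }
            }

            return DefaultReturnUrl;
        }

        /// <summary>Origin (scheme://host[:port]) of an already validated absolute URL.</summary>
        private static string OriginOf(string url)
        {
            return new Uri(url).GetComponents(UriComponents.SchemeAndServer, UriFormat.UriEscaped);
        }

        /// <summary>Appends one URL-encoded query parameter, choosing '?' or '&amp;' as needed.</summary>
        private static string AppendQuery(string url, string name, string value)
        {
            char separator = url.Contains("?") ? '&' : '?';
            return url + separator + name + "=" + Uri.EscapeDataString(value ?? string.Empty);
        }

        /// <summary>Builds the redirect that carries the token and the (fixed) demo user id.</summary>
        private static string BuildTokenUrl(string target, string token)
        {
            return AppendQuery(AppendQuery(target, "token", token), "uid", "1234");
        }

        /// <summary>Creates a 256-bit token from the cryptographic random number generator, hex encoded.</summary>
        private static string NewToken()
        {
            byte[] bytes = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(bytes);
            }

            return BitConverter.ToString(bytes).Replace("-", string.Empty);
        }
    }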
}

sso,登錄頁視圖index

@{
    // Title of the SSO login page.
    ViewData["Title"] = "登錄";
    // ViewData["Message"] is compared with the literal "請登錄", the marker for the
    // signed-out state; the sign-in link forwards the returnUrl query value of the
    // current request to Login/SignIn.
}
@ViewData["Message"]
@if (ViewData["Message"].ToString().Equals("請登錄"))
{
    <a class="btn btn-default" href="@Url.Action("SignIn","Login",new { returnUrl=Context.Request.Query["returnUrl"]})">登錄</a>
}
else
{
    <a href="@Url.Action("SignOut")">注銷</a>
}
@ViewData["Message1"]

這里貼上資源鏈接

https://download.csdn.net/download/qq_28248571/10342173

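這里只是初步demo,請不要鑽牛角尖,歡迎討論,感謝你的閱讀。若要用於正式環境,至少還需要:真正的賬號密碼驗證(demo里uid固定為1234)、對returnUrl做白名單檢查、全程使用HTTPS,以及讓子系統在后端向認證中心驗證token,而不是直接信任URL上的uid。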

