优化代码,webapi登陆Token只存一份,防止生成过多Token导致滥用

This commit is contained in:
Argo-Lenovo 2016-12-23 13:24:16 +08:00
parent 2e84178914
commit 28ab643d4a
1 changed files with 5 additions and 3 deletions

View File

@ -36,10 +36,12 @@ namespace Bootstrap.Admin.Controllers
string password = user.password; string password = user.password;
if (LgbPrincipal.IsAdmin(userName, password) || UserHelper.Authenticate(userName, password)) if (LgbPrincipal.IsAdmin(userName, password) || UserHelper.Authenticate(userName, password))
{ {
var token = Guid.NewGuid().ToString(); var interval = int.Parse(Math.Round(FormsAuthentication.Timeout.TotalSeconds).ToString());
return CacheManager.AddOrUpdate(token, int.Parse(Math.Round(FormsAuthentication.Timeout.TotalSeconds).ToString()), k => new LoginInfo() { UserName = userName, Token = token }, (k, info) => info, "Token 数据缓存"); var token = CacheManager.AddOrUpdate(string.Format("WebApi-{0}", userName), interval, k => new LoginInfo() { UserName = userName, Token = Guid.NewGuid().ToString() }, (k, info) => info, "WebApi 数据缓存");
CacheManager.AddOrUpdate(token.Token, interval, k => token, (k, info) => info, "Token 数据缓存");
return token;
} }
return new LoginInfo(); return new LoginInfo() { UserName = userName };
} }
/// <summary> /// <summary>
/// ///