作为开发者,我们希望经过我们手中出来的代码,是效率最高的,速度最快的,性能最优化的。
我们在探索代码的完美,我们在想着,是不是有更好的代码比我现在这样的写好,
我们想寻找最好的代码,
我们在想,
我们还是在想,却仍没有去敲键盘。
不知不觉浪费了好多的时间,我们还是在想,还是没有代码的呈现。
究竟什么才是最完美的代码呢?
应该是没有最完美的代码。我们在经过简单的思考后,应该执着地去写,经过时间的沉淀,不断地修改和完善,
看到别人的代码,想一下人家的思路,如果优于自己,可以取其精华,结合自己的代码不断地去成长,去提高,
//修改1 ,已经把代码粘到代码编辑器中了,
//我认为这种代码也比较好,但是有点不想接受,逻辑上有点不顺,感觉,想寻找更好的代码和逻辑
?
我们往往不太注重逻辑,我们往往下笔没有神,因为 copy、del 太简单,在不断地 keyboard、del 的时候,最后仍然没有得出一个好的逻辑,
一次去面试,最后一道是算法题,我是拿着笔就开写了,写着写着,觉得要变动,没有Del,只有划,最后的结果呢,
面试纸上划下了一大片,却仍然没有一个真正的逻辑出来。
为什么不能先想好,才下笔呢。
程序不是作文,写一半就会有一半的分数,
程序不是作文,结果不对就是错的。
?
最近买了李天平的那本书,附上一个书中的登录代码。这个登录主要是用到了微软的安全类,
我不知道大家平时用的登录,是怎么实现的。有没有比这个还优秀一点的。
对比较难以理解的名词,做了一下通俗的解释。希望对大家有一些帮助。
1. 负责人(principal)- 运行环境;身份(identity)- 用户;认证(Authentication)
Authorization 授权:判断用户是否有权操作,比如登录的用户有没有权限访问资源或者数据库。
Authentication 认证:确认用户的身份(Identity)。主要有:HTTP基础认证、证书、Kerberos、Passport、NTLM、Forms-based、Digest。
一般应用先 authenticate 用户,判断用户是否能连接到系统;然后 authorization,判断对某个功能是否有权限。
2. HttpModule 监视器:过滤传到 HttpHandler 上的数据。
?
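using System;
using System.Collections;
using System.Security;
using System.Security.Cryptography;
using System.Text;
namespace Permission.WebAdmin
{
    /// <summary>
    /// Security context for one user: the identity object plus the role and
    /// permission lists that the authorization checks in this class read.
    /// </summary>
    public class AccountsPrincipal : System.Security.Principal.IPrincipal
    {
        #region Properties
        protected System.Security.Principal.IIdentity identity;
        protected ArrayList permissionList;
        protected ArrayList permissionListid;
        protected ArrayList roleList;

        /// <summary>
        /// All roles of the current user.
        /// </summary>
        /// <remarks>
        /// Returns the same list instance that <see cref="IsInRole"/> consults, so a
        /// caller that modifies it changes the outcome of later role checks.
        /// </remarks>
        public ArrayList Roles
        {
            get { return roleList; }
        }

        /// <summary>
        /// Names of the permissions the current user holds.
        /// </summary>
        /// <remarks>
        /// Returns the live list read by <see cref="HasPermission"/>; treat it as read-only.
        /// </remarks>
        public ArrayList Permissions
        {
            get { return permissionList; }
        }

        /// <summary>
        /// IDs of the permissions the current user holds.
        /// </summary>
        /// <remarks>
        /// Returns the live list read by <see cref="HasPermissionID"/>; treat it as read-only.
        /// </remarks>
        public ArrayList PermissionsID
        {
            get { return permissionListid; }
        }

        // IPrincipal interface requirements:
        /// <summary>
        /// Identity object of the current user.
        /// </summary>
        /// <remarks>
        /// IPrincipal only requires the getter. The setter swaps the identity without
        /// reloading roles or permissions, so after a set the lists still describe the
        /// user that was passed to the constructor.
        /// </remarks>
        public System.Security.Principal.IIdentity Identity
        {
            get { return identity; }
            set { identity = value; }
        }
        #endregion

        /// <summary>
        /// Builds the principal for a user ID and loads that user's permissions and roles.
        /// </summary>
        /// <param name="userID">ID of the user to load.</param>
        public AccountsPrincipal(int userID)
        {
            identity = new SiteIdentity(userID);
            permissionList = AccountsPrincipalDLL.GetEffectivePermissionList(userID);
            permissionListid = AccountsPrincipalDLL.GetEffectivePermissionListID(userID);
            roleList = AccountsPrincipalDLL.GetUserRoles(userID);
        }

        /// <summary>
        /// Builds the principal for a user name and loads that user's permissions and roles.
        /// </summary>
        /// <param name="userName">Login name of the user to load.</param>
        public AccountsPrincipal(string userName)
        {
            SiteIdentity siteIdentity = new SiteIdentity(userName);
            identity = siteIdentity;

            // The ID resolved by SiteIdentity drives all three lookups.
            int resolvedUserId = siteIdentity.UserID;
            permissionList = AccountsPrincipalDLL.GetEffectivePermissionList(resolvedUserId);
            permissionListid = AccountsPrincipalDLL.GetEffectivePermissionListID(resolvedUserId);
            roleList = AccountsPrincipalDLL.GetUserRoles(resolvedUserId);
        }

        /// <summary>
        /// Reports whether the current user belongs to the named role.
        /// </summary>
        /// <param name="role">Role name; ArrayList.Contains compares with Equals, so the match is case-sensitive.</param>
        /// <returns>True when the role is in the loaded list; false otherwise, including when no list was loaded.</returns>
        public bool IsInRole(string role)
        {
            // A missing list denies access instead of throwing.
            return roleList != null && roleList.Contains(role);
        }

        /// <summary>
        /// Reports whether the current user holds the named permission.
        /// </summary>
        /// <param name="permission">Permission name; the match is case-sensitive.</param>
        /// <returns>True when the permission is in the loaded list; false otherwise, including when no list was loaded.</returns>
        public bool HasPermission(string permission)
        {
            return permissionList != null && permissionList.Contains(permission);
        }

        /// <summary>
        /// Reports whether the current user holds the permission with the given ID.
        /// </summary>
        /// <param name="permissionid">Permission ID to look up.</param>
        /// <returns>True when the ID is in the loaded list; false otherwise, including when no list was loaded.</returns>
        public bool HasPermissionID(int permissionid)
        {
            // NOTE(review): the argument is boxed as Int32, so this only matches if
            // AccountsPrincipalDLL fills the list with Int32 values - confirm.
            return permissionListid != null && permissionListid.Contains(permissionid);
        }

        /// <summary>
        /// Checks a user name and password against the user store.
        /// </summary>
        /// <param name="userName">Login name supplied by the user.</param>
        /// <param name="password">Clear-text password supplied by the user.</param>
        /// <returns>The principal of the matching user, or null when the login is rejected.</returns>
        public static AccountsPrincipal ValidateLogin(string userName, string password)
        {
            // Missing credentials are a failed login, not an exception.
            if (userName == null || password == null)
            {
                return null;
            }

            byte[] cryptPassword = EncryptPassword(password);
            Data.User dataUser = new Data.User();

            // The data layer returns the user ID; anything not above zero is treated as a rejection.
            int newID = dataUser.ValidateLogin(userName, cryptPassword);
            if (newID > 0)
            {
                return new AccountsPrincipal(newID);
            }
            return null;
        }

        /// <summary>
        /// Produces the stored form of a password: the SHA-1 digest of its UTF-16LE bytes.
        /// </summary>
        /// <param name="password">Clear-text password.</param>
        /// <returns>The 20-byte SHA-1 digest.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
        /// <remarks>
        /// SECURITY: despite the name this is a hash, not encryption, and it is an
        /// unsalted single pass of SHA-1. Equal passwords give equal stored values and
        /// the digest is cheap to brute-force if the user table leaks. The algorithm is
        /// left unchanged here because Data.User.ValidateLogin compares against values
        /// already stored in this format; the replacement is a salted, iterated
        /// derivation (for example Rfc2898DeriveBytes) with a per-user salt column and
        /// re-hashing on the next successful login.
        /// </remarks>
        public static byte[] EncryptPassword(string password)
        {
            byte[] passwordBytes = new UnicodeEncoding().GetBytes(password);

            // The provider wraps a native handle; release it deterministically.
            using (SHA1 sha1 = new SHA1CryptoServiceProvider())
            {
                return sha1.ComputeHash(passwordBytes);
            }
        }
    }
}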
?
二
?
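using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using Permission.Common;
namespace Permission.WebAdmin
{
    /// <summary>
    /// Base class for pages: runs the login and permission check on Load and
    /// reports unhandled page errors.
    /// </summary>
    public class PageBase : System.Web.UI.Page
    {
        /// <summary>
        /// Hooks the permission check and the error handler onto the page events.
        /// </summary>
        /// <param name="e">Event data passed through to the base implementation.</param>
        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);

            // The access check is attached to Load, so code that runs earlier in the
            // page life cycle (for example a derived OnInit) executes before it.
            this.Load += new System.EventHandler(this.Page_Load);
            this.Error += new System.EventHandler(this.Page_Error);
        }

        #region Permission check
        /// <summary>
        /// ID of the permission required to open the page.
        /// </summary>
        /// <remarks>
        /// The default of -1 disables the permission check in Page_Load, so a page that
        /// does not override this property is open to every authenticated user.
        /// </remarks>
        public virtual int PermissionID
        {
            get { return -1; }
        }

        /// <summary>
        /// Principal of the logged-in user, or null when the request is not authenticated.
        /// </summary>
        /// <remarks>
        /// Every read constructs a new AccountsPrincipal from the authenticated name.
        /// </remarks>
        public AccountsPrincipal CurrentPrincipal
        {
            get
            {
                if (Context.User != null && Context.User.Identity.IsAuthenticated)
                {
                    return new AccountsPrincipal(Context.User.Identity.Name);
                }
                return null;
            }
        }

        /// <summary>
        /// Information about the current user, cached in the session under "UserInfo".
        /// </summary>
        public Tb_Accounts_Users CurrentUser
        {
            get
            {
                // Read once: each access to CurrentPrincipal builds a new principal.
                AccountsPrincipal principal = CurrentPrincipal;
                if (principal == null)
                {
                    return null;
                }

                if (Session["UserInfo"] == null)
                {
                    LTP.Accounts.Bus.User currentUser = new LTP.Accounts.Bus.User(principal);
                    Session["UserInfo"] = currentUser;
                }

                // NOTE(review): the value stored is an LTP.Accounts.Bus.User but it is read
                // back with "as Tb_Accounts_Users"; unless the former derives from the
                // latter this returns null - confirm the types.
                // NOTE(review): the cached entry is not compared with the authenticated
                // name, so it presumably survives a change of login within one session
                // unless the session is cleared first - confirm.
                return Session["UserInfo"] as Tb_Accounts_Users;
            }
        }
        #endregion

        #region Page events
        /// <summary>
        /// Rejects the request when the user is not logged in or lacks the page permission.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // Site domain or virtual directory.
            string virtualPath = ConfigurationManager.AppSettings.Get("VirtualPath");
            // Address of the login page.
            string loginPage = ConfigurationManager.AppSettings.Get("LoginPage");

            // A request with no user object is handled as unauthenticated.
            bool isAuthenticated = Context.User != null && Context.User.Identity.IsAuthenticated;
            if (!isAuthenticated)
            {
                FormsAuthentication.SignOut();
                Session.Clear();
                Session.Abandon();
                Response.Clear();
                // Both values come from appSettings and are written into a script string
                // without escaping; keep them free of quotes and markup.
                // NOTE(review): the URL-like fragment inside the alert text looks like a
                // newline escape rewritten by the publishing site - confirm against the
                // original source before reuse.
                Response.Write("<script defer>window.alert('您没有权限进入本页或当前登录用户已过期!http://www.cnblogs.com/hsapphire/admin/file://n/请重新登录或与管理员联系!');parent.location='" + virtualPath + "/" + loginPage + "';</script>");
                Response.End();
                return;
            }

            AccountsPrincipal user = new AccountsPrincipal(Context.User.Identity.Name);
            if ((PermissionID != -1) && (!user.HasPermissionID(PermissionID)))
            {
                Response.Clear();
                Response.Write("<script defer>window.alert('您没有权限进入本页!');history.back();</script>");
                Response.End();
            }
        }

        /// <summary>
        /// Writes the failing URL and the error message to the response and clears the error.
        /// </summary>
        /// <remarks>
        /// The request URL is attacker-controlled and exception messages can carry
        /// request data, so both are HTML-encoded before being written. Showing the
        /// exception message to end users still discloses internal detail; logging it
        /// and showing a generic message is the safer choice for production.
        /// </remarks>
        protected void Page_Error(object sender, System.EventArgs e)
        {
            Exception currentError = Server.GetLastError();
            // GetLastError can return null; report an empty message in that case.
            string errorText = (currentError != null) ? currentError.Message : "";

            string errMsg = "系统发生错误:<br/>" +
                "错误地址: " + Server.HtmlEncode(Request.Url.ToString()) + "<br/>" +
                "错误信息: " + Server.HtmlEncode(errorText) + "<br/>";
            Response.Write(errMsg);
            Server.ClearError(); // Clears the exception so it is not processed again.
        }
        #endregion

        #region URL parameters
        /// <summary>
        /// Trimmed value of the "name" query-string parameter, or an empty string when absent.
        /// </summary>
        /// <remarks>
        /// The value is untrusted request input; encode it before writing it into a page.
        /// </remarks>
        public virtual string Name
        {
            get
            {
                // Test and read the same collection: the earlier form tested Request["name"]
                // and then dereferenced Request.QueryString["name"], which is null when the
                // value arrives by another route such as a form field.
                string rawName = Request.QueryString["name"];
                if ((rawName != null) && (rawName != ""))
                {
                    return rawName.Trim();
                }
                return "";
            }
        }
        #endregion
    }

}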
三。
?
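using System;
using System.Collections.Generic;
using System.Text;
using Permission.Common;
using System.Security.Cryptography;
namespace Permission.WebAdmin
{
    /// <summary>
    /// Identity object of the current user, filled from the user record.
    /// </summary>
    /// <remarks>
    /// SECURITY: the type is [Serializable] and keeps the stored password hash in a
    /// field, so the hash is part of the serialized form wherever an instance is
    /// serialized. NOTE(review): consider excluding the field from serialization or
    /// not loading it at all - confirm no caller depends on it.
    /// </remarks>
    [Serializable]
    public class SiteIdentity : System.Security.Principal.IIdentity
    {
        #region User properties
        private string userName;
        private string trueName;
        private string email;
        private byte[] password;
        private int userID;
        private string sex;

        /// <summary>
        /// Login name.
        /// </summary>
        public string UserName
        {
            get { return userName; }
        }

        /// <summary>
        /// Real name.
        /// </summary>
        public string TrueName
        {
            get { return trueName; }
        }

        /// <summary>
        /// E-mail address.
        /// </summary>
        public string Email
        {
            get { return email; }
        }

        /// <summary>
        /// User ID.
        /// </summary>
        public int UserID
        {
            get { return userID; }
        }

        /// <summary>
        /// Stored password value as loaded from the user record.
        /// </summary>
        /// <remarks>
        /// SECURITY: this hands the stored hash, and the array that holds it, to any
        /// caller. Prefer <see cref="TestPassword"/> for checking a password.
        /// </remarks>
        public byte[] Password
        {
            get { return password; }
        }

        /// <summary>
        /// Sex.
        /// </summary>
        public string Sex
        {
            get { return sex; }
        }
        #endregion

        #region IIdentity interface requirements
        /// <summary>
        /// Name of the current user.
        /// </summary>
        public string Name
        {
            get { return userName; }
        }

        /// <summary>
        /// Type of authentication used.
        /// </summary>
        public string AuthenticationType
        {
            get
            {
                return "Custom Authentication";
            }
            set
            {
                // Intentionally ignored: the type is fixed.
            }
        }

        /// <summary>
        /// Whether the user has been authenticated.
        /// </summary>
        /// <remarks>
        /// Always true: constructing an instance verifies nothing, so callers must only
        /// build one for a user whose login has already been validated.
        /// </remarks>
        public bool IsAuthenticated
        {
            get { return true; }
        }
        #endregion

        /// <summary>
        /// Loads the identity for a user name.
        /// </summary>
        /// <param name="currentUserName">Login name to look up.</param>
        public SiteIdentity(string currentUserName)
        {
            // NOTE(review): this lookup is qualified with BllAccess while the other
            // UserDLL calls in this class are not - confirm both resolve to the same type.
            // NOTE(review): a null result from the lookup would make the assignments
            // below throw - confirm what UserDLL returns for an unknown name.
            Tb_Accounts_Users entityUser = BllAccess.UserDLL.UserGetModelByUserName(currentUserName);
            userName = currentUserName;
            trueName = entityUser.TrueName;
            email = entityUser.Email;
            userID = entityUser.UserID;
            password = entityUser.Password;
            sex = entityUser.Sex;
        }

        /// <summary>
        /// Loads the identity for a user ID.
        /// </summary>
        /// <param name="currentUserID">ID of the user to look up.</param>
        public SiteIdentity(int currentUserID)
        {
            // NOTE(review): a null result from the lookup would make the assignments
            // below throw - confirm what UserDLL returns for an unknown ID.
            Tb_Accounts_Users entityUser = UserDLL.UserGetModelByUserID(currentUserID);
            userName = entityUser.UserName;
            trueName = entityUser.TrueName;
            email = entityUser.Email;
            userID = currentUserID;
            password = entityUser.Password;
            sex = entityUser.Sex;
        }

        /// <summary>
        /// Checks a clear-text password against the stored value for this user.
        /// </summary>
        /// <param name="password">Clear-text password to test.</param>
        /// <returns>The value returned by UserDLL.TestPassword for this user ID and the computed digest.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
        /// <remarks>
        /// SECURITY: the digest is an unsalted single pass of SHA-1 over the UTF-16LE
        /// bytes, the same derivation as AccountsPrincipal.EncryptPassword, and the two
        /// must change together. It is kept because the stored values use this format;
        /// a salted, iterated derivation (for example Rfc2898DeriveBytes) is the
        /// replacement to plan for.
        /// </remarks>
        public int TestPassword(string password)
        {
            // Keeping the comparison behind this method lets the storage scheme change
            // later (database, another service) without touching callers.
            byte[] passwordBytes = new UnicodeEncoding().GetBytes(password);

            // The provider wraps a native handle; release it deterministically.
            using (SHA1 sha1 = new SHA1CryptoServiceProvider())
            {
                byte[] cryptPassword = sha1.ComputeHash(passwordBytes);
                return UserDLL.TestPassword(userID, cryptPassword);
            }
        }
    }
}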
?