在Asp.net每个用户只有一个并发登录 [英] Only one concurrent login per user in Asp.net
问题描述
是有可能允许Asp.Net Web应用程序中每个用户只有一个并发登录?
is it possible to allow only one concurrent login per user in Asp.Net web application?
我的工作中,我要确保该网站允许每个用户只需登录一次一次一个Web应用程序。如何检查当前用户已经登录或没有。
I am working on one web application in which i want to make sure that website allow only one login per user at a time . How to check that current user already logged in or not .
建议适当的登录方法,通过它我们可以处理这个问题。我认为我们应该使用SQL Server会话状态来处理这个问题。你有什么建议?
suggest proper login method by which we can handle this problem . I think we should use sql server session state to handle this problem . what you suggest ?
我想为它的解决方案。我不知道它是否是合适与否。我们可以这样做:
I thought one solution for it . i don't know whether it is proper or not . we can do something like :
-
当用户登录到系统,然后我们插入在用户列会话ID。 (我们将使用数据库会话,使我们可以得到这样isexpired,expiredatetime等容易的所有会话相关的数据)。
When user login into the system then we insert session id in user column . (we will use database session so that we can get all session related data like isexpired , expiredatetime etc easily).
在相同的用户尝试登录第二次那么我们将检查该会话ID列,并检查该会话已经过期或没有。如果会话不是过期的话,我们不会让用户登录。
When same user try to login second time then we will check for that session id column and check that session is already expired or not . if session is not expired then we will not allow user to login .
更新用户会话每次当用户注销时ID。
Update user session ID every time when user log out .
请提出这个正确的方法还是不行。
Please suggest this proper way or not.
推荐答案
请参考:
<一个href=\"http://stackoverflow.com/questions/15903574/asp-net-mvc4-when-the-same-user-id-is-trying-to-log-in-on-multiple-devices-ho\">ASP.NET MVC4 - ?当同一个用户ID尝试登录多个设备上,我怎么杀死其他设备上的会话
开箱,.NET不支持此功能。 .NET允许并发登录插件,因为我相信你知道。
Out of the box, .NET does not support this. .NET allows for concurrent log-ins, as I'm sure you're aware.
我有这种完全相同的要求,以pretty圆滑的解决方案,在上面的链接证明了上来。简单地说,我的要求是只能有一个用户登录在同一时间发生。如果同一用户ID尝试在其他地方登录,然后通过检查现有的登录根据不同的会话ID杀死第一个登录会话(这使要从多个实例登录的用户ID的他们的电脑[相同的会话ID],这是常见的,但不是从不同的计算机[不同的会话ID(可能是由于有人偷了他们的凭证,例如))上的Web浏览器。通过code修饰你很可能改变这种行为 - 而不是杀人,即prevent第二次登录尝试的第一个日志,在这已经活跃在使用
I had this same exact requirement, and came up with a pretty slick solution, demonstrated in the link above. In a nutshell, my requirement was to only have one user log-in happening at one time. If that same user ID tried to log in elsewhere, then it killed the session for the first log-in by checking for an existing log-in under a different Session ID (this enabled the user ID to be logged in from multiple instances of their web browser on their computer [same Session ID], which is common, but not from a different computer [different Session ID] (possibly due to someone that stole their credentials, for example)). Through modification of the code you could probably change the behavior of this - i.e., prevent the second log-in attempt instead of killing the first log-in that's already active and in use.
当然,它可能不适合100%你需要什么,可以随意修改它以满足您的需求。
Of course, it may not fit 100% to what you're needing, so feel free to modify it to fit your needs.
这篇关于在Asp.net每个用户只有一个并发登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!