ASP.NET prevent被记录在多次相同的用户 [英] ASP.NET prevent the same user being logged in multiple times

问题描述

我有一个ASP.NET web应用程序，由此在同一用户不允许在多次记录的要求。我认为这是prevent人共享用户名和密码。

I have a requirement for an ASP.NET web application whereby the same user is not allowed to be logged in multiple times. I think this is to prevent people from sharing usernames and passwords.

我遇到的问题是，除非用户明确地登出系统是很难说，如果他仍然登录并使用系统或没有。

The problem I am having is that unless a user explicitly logs out of the system it is hard to tell if he is still logged in and using the system or not.

因此​​，我能想到的来实现这一目标的唯一可靠的方法是登录到数据库的用户ID，IP地址和时间戳每一个用户与系统的交互时间，并锁定任何人谁是不是来自该IP地址如果他们试图十分钟记录本表的最后日期内登录。

Hence the only reliable way I can think of to implement this is to log to database the user id, IP address and timestamp every time a user makes an interaction with the system and lock anyone else out who is not from that IP address if they try and log in within ten minutes of the last date logged in this table.

谁能想到更好的方式来管理呢？

Can anyone think of a better way to manage this?

推荐答案

如果您使用ASP.NET的MembershipProvider你可以做这样的事情：

If you use ASP.NET MembershipProvider you can do something like this:

    protected void Login1_LoggingIn(object sender, LoginCancelEventArgs e)
    {
        if (Membership.ValidateUser(Login1.UserName, Login1.Password))
        {
            int time = Membership.UserIsOnlineTimeWindow;

            MembershipUser user = Membership.GetUser(Login1.UserName, true);
            if (user != null)
            {
                if (user.IsOnline)
                {
                    lblMessaggeIsOnLine.Visible = true;
                    e.Cancel = true;
                }
                else
                    lblMessaggeIsOnLine.Visible = false;
            }
        }
    }

这篇关于ASP.NET prevent被记录在多次相同的用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！