Service的Validate
cs
首先
將Shop傳遞過來的參數保存到Session中
如果用戶沒有登錄
則轉到Customer頁面進行登錄
如果用戶已經登錄了
則將用戶即時狀態傳回給Shop站點
如上所述
這裡將Security重新Hash了一次傳回給Shop
以保證數據不被纂改
private void CustomerValidate()
{
bool Pass = (bool) thisSession[Pass];
if ((thisRequestQueryString[WebSite] != null) && (thisRequestQueryString[WebSite] != ))
{
thisSession[WebSite] = thisRequestQueryString[WebSite];
}
if ((thisRequestQueryString[Security] != null) && (thisRequestQueryString[Security] != ))
{
thisSession[Security] = thisRequestQueryString[Security];
}
if (Pass)
{
string UserID = thisSession[UserID]ToString();
string WebSite = thisSession[WebSite]ToString();
string Security = thisSession[Security]ToString();
byte[] Value;
UnicodeEncoding Code = new UnicodeEncoding();
byte[] Message = CodeGetBytes(Security);
SHAManaged Arithmetic = new SHAManaged();
Value = ArithmeticComputeHash(Message);
Security = ;
foreach(byte o in Value)
{
Security += (int) o + O;
}
thisResponseRedirect(WebSite + /Synchronousaspx?UserID= + UserID + &Pass=True&Security= + Security);
}
else
{
thisResponseRedirect(Customeraspx);
}
}
Service的Customercs和Logincs
Customer主要的是一個用於登錄的表單這裡就不貼出代碼了這裡分析一下Login的一段代碼這段代碼是當登錄是直接在Service完成的(WebSite為空值)則頁面不會轉到Shop或Office站點所以應該暫停在Service站點系統如果比較完美這裡應該顯示一組字系統的轉向鏈接下面我們看到當Pass為真時頁面轉回到Validate頁面通過上面的分析我們知道頁面會轉向Shop的Synchronous頁面進行用戶狀態的同步
if (Pass)
{
if ((thisSession[WebSite]ToString() != ) && (thisSession[Security]ToString() != ))
{
thisResponseRedirect(Validateaspx);
}
else
{
thisResponseWrite();
thisResponseWrite();
thisResponseWrite();
thisResponseWrite();
thisResponseWrite();
thisResponseWrite();
thisResponseWrite();
thisResponseWrite(Pass);
thisResponseWrite();
thisResponseWrite();
thisResponseWrite();
}
}
else
{
thisResponseRedirect(Customeraspx);
}
[] [] [] [] []
From:http://tw.wingwit.com/Article/program/net/201311/14965.html
