// NOTE(review): this field is static, so the server process holds exactly one value,
// not one per client or per session. Login overwrites it on every call, so any code
// that reads it as "the current user" gets whoever called Login most recently.
// The caller's identity has to be resolved per request (session or token lookup)
// rather than stored in a process-wide field.
public static AdminInfo LoggedAdminInfo;

/// <summary>
/// Forwards the credentials to <c>_dataHelper.Login</c>, stores the result in the
/// static <c>LoggedAdminInfo</c> field and returns that same value.
/// </summary>
/// <param name="userName">Account name, passed to the data helper unchanged.</param>
/// <param name="password">Password, passed to the data helper unchanged.</param>
/// <returns>The value returned by <c>_dataHelper.Login</c>, or null if it threw.</returns>
public AdminInfo Login(string userName, string password)
{
    try
    {
        // The shared field is assigned whatever the helper returns, with no check.
        // NOTE(review): if the helper returns null for bad credentials (not visible
        // here, confirm), a failed login attempt also replaces the stored user.
        LoggedAdminInfo=
        _dataHelper.Login(userName, password);
        return LoggedAdminInfo;
    }
    catch (Exception e)
    {
        // Every exception type is logged and collapsed into a null return, so the
        // caller cannot tell a backend failure apart from any other null result.
        LogWriter.Default.WriteError(e);
        return null;
    }
}
你这里设置的 LoggedAdminInfo 对象是个全局对象,每当客户端调用 Login 的时候,它就被赋予了新的值。当第二个账户登录的时候,服务端的 LoggedAdminInfo 已经变成了第二个登录用户的了;你刷新后再取这个值,当然就成了第二个用户的值。
{
    // NOTE(review): fragment. The method signature and the `try` that pairs with the
    // catch at the bottom are not part of this listing; `idcInfo` is presumably the
    // list parameter being filtered (confirm against the full method).
    //
    // Purpose, as far as the visible code shows: copy into idcInfos only those entries
    // of idcInfo that the "current" admin may see, based on that admin's data limits.
    List<IdcInfo> idcInfos = new List<IdcInfo>();
    // Get the current user's information.
    // NOTE(review): this is a static member of AdminService, i.e. one value for the
    // whole process. The authorization decision below is therefore made for whoever
    // that field currently holds, not necessarily for the client making this call.
    AdminInfo currentUser = AdminService.LoggedAdminInfo;
    // No user recorded: return the empty list (nothing is visible).
    if (currentUser == null)
        return idcInfos;
    // Nothing to filter: return the empty list.
    if (idcInfo == null || idcInfo.Count == 0)
        return idcInfos;
    AdminService AdminInfoSync = new AdminService();
    var admins = AdminInfoSync.GetAdmins();
    if (admins == null || admins.Count == 0)
    {
        // Without the admin list the owner of an entry cannot be resolved.
        // Note this path returns null while the guards above return an empty list.
        LogWriter.Default.WriteError("Get Admin list failed, So can not filter IdcInfo.");
        return null;
    }
    List<AdminRole> roles = AdminInfoSync.GetRoles();
    // NOTE(review): fails open. When no roles are returned, the caller gets the
    // complete, unfiltered input list. A null `roles` would throw here instead.
    if (!roles.Any())
        return idcInfo;
    // NOTE(review): FirstOrDefault yields the default value (null for a class) when no
    // role matches currentUser.RoleId; `role` is dereferenced below without a check.
    AdminRole role = roles.Where(x => x.Id == currentUser.RoleId).FirstOrDefault();
    List<AdminDataLimits> limits = AdminInfoSync.GetAdminDataLimits();
    // NOTE(review): fails open again. With no data-limit rows at all, the unfiltered
    // input list is returned rather than an empty one.
    if (!limits.Any())
        return idcInfo;
    // Data-limit rows that belong to the current user.
    var currentLimits = limits.Where(x => x.AdminId == currentUser.Id).ToList();
    // Flattened list of every comma-separated entry from those rows. The entries are
    // compared with admin ids further down, so they are presumably admin ids.
    List<string> dataLimitsStringArr = new List<string>();
    currentLimits.ForEach(x =>
    {
        // Entries are not trimmed, so "1, 2" would produce " 2", which will not match
        // an id string. A null DataLimits would throw on Split.
        string[] limitStrings = x.DataLimits.Split(',');
        foreach (var s in limitStrings)
        {
            dataLimitsStringArr.Add(s);
        }
    });
    idcInfo.ForEach(x =>
    {
        // Look up the admin whose Account equals this entry's Operator.
        var opAdmin = admins.FirstOrDefault(a => a.Account == x.Operator);
        if (opAdmin == null)// The admin that owns this IDC no longer exists
        {
            // Original comment read "and the current logged-in user is not a super
            // administrator".
            // NOTE(review): the code does the opposite of that comment. The entry is
            // added only when the role name EQUALS the super-administrator label.
            // Matching on a display-name string is also fragile; confirm the intent.
            if (role.RoleName == "超级管理员")
                idcInfos.Add(x);
        }
        else// The admin that owns this IDC exists
        {
            // Does the current user have permission to view this data? If the owner's
            // id appears in the user's data limits, add the entry to the result.
            if (dataLimitsStringArr.Contains(opAdmin.Id.ToString()))
                idcInfos.Add(x);
        }
    });
    return idcInfos;
}
catch (Exception e)
{
    // Any exception is logged and turned into a null return.
    LogWriter.Default.WriteError(string.Format("Filter IdcInfo occur error; {0}", e));
    return null;
}
这个看需求吧。个人建议可以给用户加上安全令牌:登录成功后,服务端分发给客户端一个安全令牌(保存为客户端的常量);之后需要取数据的时候,客户端带着安全令牌去访问服务端的相关方法。这样服务端只需要对安全令牌进行管理,代码维护也方便了。
你可以baidu下 sso 令牌
你可以baidu下 sso 令牌单点登录呀,不太明白?求一个DEMO