ASP.NET MVC结合JavaScript登录、校验和加密_实用技巧_

 /*需要引入三个JS文件，BigInt.js、RSA.js和Barrett.js，用到cookie则需要引入jquery.cookie.js文件*/ //与后台交互获取公钥 function getPublicKey() { var pubKey = ''; if ($.cookie('publicKey') == null) { $.ajax({ url: "/Account/GetRsaPublicKey", type: "get", contentType: "application/x-www-form-urlencoded; charset=utf-8", async: false, data: {}, dataType: "json", success: function (data) { if (data.Code == 0) { pubKey = data.RsaPublicKey + "," + data.Key; $.cookie('publicKey', pubKey, { expires: 1 / 1440 }); } else { Config.Method.JudgeCode(data, 1); } } }); } else { pubKey = $.cookie('publicKey'); } return pubKey; } //公钥加密用户密码Pwd为RSA加密后参数 function rsaEncrypt(pwd) { var publicKey = getPublicKey(); setMaxDigits(129); var rsaKey = new RSAKeyPair(publicKey.split(",")[0], "", publicKey.split(",")[1]); var pwdRtn = encryptedString(rsaKey, pwd); return pwdRtn + "," + publicKey.split(",")[2]; } //POST登录请求，参数 

 [HttpPost] public JsonResult UserLogin(string UserName, string Pwd, string Key, string RUrl) { string privateKey = Common.CacheGet(Key) as string; if (!string.IsNullOrEmpty(privateKey)) { if (string.IsNullOrEmpty(UserName)) { return Json(new { result = false, message = "用户名为空" }, JsonRequestBehavior.AllowGet); } if (string.IsNullOrEmpty(Pwd)) { return Json(new { result = false, message = "用户密码为空" }, JsonRequestBehavior.AllowGet); } string pwd = Common.DecryptRSA(Pwd, privateKey);//私钥解密 string md5Pwd = Common.NoneEncrypt(Common.NoneEncrypt(Common.NoneEncrypt(pwd, 1), 1), 1);//将解密后的值md5加密3次 AccountUnserInfo userInfo = bll.GetUserInfo(UserName.Trim(), md5Pwd); if (userInfo != null && userInfo.U_Id > 0)//用户信息存在 { //用户名、密码放入cookie HttpCookie cookie = new HttpCookie("fw_izz"); //AES加密Cookie cookie["u_name"] = AesEncryptHelper.EncryptAes(UserName); cookie["u_pwd"] = AesEncryptHelper.EncryptAes(pwd); cookie.Expires = DateTime.Now.AddDays(7); Response.Cookies.Add(cookie); if (!string.IsNullOrEmpty(RUrl))//接收隐藏域中的值 { return Json(new { result = true, message = "成功", url = RUrl }); } else { return Json(new { result = true, message = "成功", url = "/AccountDetail/Index" }); } } else { return Json(new { result = false, message = "用户信息不存在", url = "/Account/Index" }); } } else { return Json(new { result = false, message = "非法秘钥", url = "/Account/Index" }); } }

 public class Common { /// 
 /// 产生一组RSA公钥、私钥 /// 
 ///  public static Dictionary CreateRsaKeyPair() { var keyPair = new Dictionary(); var rsaProvider = new RSACryptoServiceProvider(1024); RSAParameters parameter = rsaProvider.ExportParameters(true); keyPair.Add("PUBLIC", BytesToHexString(parameter.Exponent) + "," + BytesToHexString(parameter.Modulus)); keyPair.Add("PRIVATE", rsaProvider.ToXmlString(true)); return keyPair; } /// 
 /// RSA解密字符串 /// 
 /// 密文 /// 私钥 /// 明文 public static string DecryptRSA(string encryptData, string privateKey) { string decryptData = ""; try { var provider = new RSACryptoServiceProvider(); provider.FromXmlString(privateKey); byte[] result = provider.Decrypt(HexStringToBytes(encryptData), false); ASCIIEncoding enc = new ASCIIEncoding(); decryptData = enc.GetString(result); } catch (Exception e) { throw new Exception("RSA解密出错!", e); } return decryptData; } private static string BytesToHexString(byte[] input) { StringBuilder hexString = new StringBuilder(64); for (int i = 0; i < input.Length; i++) { hexString.Append(String.Format("{0:X2}", input[i])); } return hexString.ToString(); } public static byte[] HexStringToBytes(string hex) { if (hex.Length == 0) { return new byte[] { 0 }; } if (hex.Length % 2 == 1) { hex = "0" + hex; } byte[] result = new byte[hex.Length / 2]; for (int i = 0; i < hex.Length / 2; i++) { result[i] = byte.Parse(hex.Substring(2 * i, 2), System.Globalization.NumberStyles.AllowHexSpecifier); } return result; } private static ObjectCache Cache { get { return MemoryCache.Default; } } /// 
 /// 获取缓存 /// 
 ///  ///  public static object CacheGet(string key) { return Cache[key]; } /// 
 /// 设置缓存 /// 
 ///  ///  ///  public static void CacheSet(string key, object data, int cacheTime) { CacheItemPolicy policy = new CacheItemPolicy(); policy.AbsoluteExpiration = DateTime.Now + TimeSpan.FromMinutes(cacheTime); Cache.Add(new CacheItem(key, data), policy); } /// 
 /// 判断缓存是否存在 /// 
 ///  ///  public static bool IsSet(string key) { return (Cache[key] != null); } /// 
 /// 缓存失效 /// 
 ///  public static void CacheRemove(string key) { Cache.Remove(key); } /// 
 /// 对字符串进行加密（不可逆） /// 
 /// 要加密的字符串 /// 加密方式,0 is SHA1,1 is MD5 ///  public static string NoneEncrypt(string Password, int Format) { string strResult = ""; switch (Format) { case 0: strResult = FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "SHA1"); break; case 1: strResult = FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "MD5"); break; default: strResult = Password; break; } return strResult; } }