我有一个网站,我希望使用Cookie为所有用户存储用户记录,甚至是匿名用户。然后,即使他们回来,我也可以跟踪他们的行为并向他们展示相关内容。
我目前呼叫用户的方式是使用以下代码。它在我测试它时效果很好,但我可以在日志/数据库中看到它有时会被垃圾邮件发送(同一个访问者会收到数百个匿名用户)。在这段代码中可能会出现严重错误,所以我很快就会找到很多用户。
任何人都可以看到问题/解决方法吗?
public SystemUser SystemUser
{
get
{
if(!HttpContext.Current.Request.Browser.Cookies)
{
logger.Info("Users browser did not allow cookies (crawler?)");
return CreateEmptyUser();
}
var user = HttpContext.Current.Session[Constants.Sessions.LoginUser] as SystemUser;
if(user == null)
{
logger.Info("User was null - first page visit");
var httpCookie = HttpContext.Current.Request.Cookies[Constants.Cookies.AnonymousUser];
if (httpCookie == null || httpCookie.Value == string.Empty)
{
// totally new user - new anonymous user
var userFromId = SetupAnonymousUser();
logger.Info("We have a totally new visitor coming to our site. Userid: " + userFromId.UserId);
}
else
{
logger.Info("User has been here before, as the anonymous user cookie wasn't null");
// anonymousUser - has been there before
var anonymousUser = httpCookie.Value;
int userid;
int.TryParse(anonymousUser, out userid);
if(userid > 0)
{
logger.Info("Getting user from id: " + userid);
var userFromId = UserManager.GetUser(userid);
if(userFromId != null)
{
HttpContext.Current.Session[Constants.Sessions.LoginUser] = userFromId;
}
else
{
logger.Error("User has been here before, but couldnt find in database. Anonymous cookie deleted maybe?");
SetupAnonymousUser();
}
}
logger.Info("User has been there before: " + userid);
}
}
var initializedUser = HttpContext.Current.Session[Constants.Sessions.LoginUser] as SystemUser;
if(initializedUser != null)
{
return initializedUser;
}
else
{
logger.Info("Creating an empty user as initialized user was null");
return CreateEmptyUser();
}
}
set { HttpContext.Current.Session[Constants.Sessions.LoginUser] = value; }
}
我们的SetupAnonymousUser():
private static SystemUser SetupAnonymousUser()
{
int userid = CreateAnonymousUser();
var newCookie = new HttpCookie(Constants.Cookies.AnonymousUser)
{
Value = userid.ToString(),
Expires = DateTime.Now.AddDays(365)
};
var userFromId = UserManager.GetUser(userid);
HttpContext.Current.Session[Constants.Sessions.LoginUser] = userFromId;
HttpContext.Current.Response.Cookies.Add(newCookie);
return userFromId;
}
编辑:
对于出错的情况,这是一些日志:
2012-11-04 13:58:40,298 [7] INFO GKBusiness.Context.SystemContext [(null)] - User was null - first page visit
2012-11-04 13:58:40,313 [7] INFO GKBusiness.Context.SystemContext [(null)] - Anonymous user created - with user id GKBusiness.Data.SystemUser
2012-11-04 13:58:40,313 [7] INFO GKBusiness.Context.SystemContext [(null)] - We have a totally new visitor coming to our site. Userid: 4466
2012-11-04 13:58:40,391 [7] INFO GKBusiness.Context.SystemContext [(null)] - User was null - first page visit
2012-11-04 13:58:40,391 [7] INFO GKBusiness.Context.SystemContext [(null)] - Anonymous user created - with user id GKBusiness.Data.SystemUser
2012-11-04 13:58:40,391 [7] INFO GKBusiness.Context.SystemContext [(null)] - We have a totally new visitor coming to our site. Userid: 4467
答案 0 :(得分:1)
代码本身看起来并不存在缺陷,但有一些可能会导致您遇到的问题(同一个用户有多个“匿名用户”条目)。
为了帮助查明问题,我建议在代码中添加更多logger.Info个引用,更具体地说,当您从用户那里获得cookie时,但由于某种原因,它的格式不正确:
这样,当您能够重现问题时,您可以检查日志并查看导致此问题的原因。
我还应该提一下,由于客户端可以修改cookie,你应该考虑使用Guid而不是数字UserId - 这会让那些试图“冒充”其他用户的人更难。 / p>