public class Login : IHttpHandler, System.Web.SessionState.IRequiresSessionState
{
public void ProcessRequest(HttpContext context)
{
try
{
var jsonString = String.Empty;
using (var inputStream = new StreamReader(context.Request.InputStream))
{
jsonString = inputStream.ReadToEnd();
}
User user = JsonConvert.DeserializeObject<User>(jsonString);
BusinessEntities.LoginSession ls = new BusinessEntities.LoginSession();
ls = VerifyLoginCredentials(user.Username.Trim(), user.Password.Trim());
context.Session["user"] = null;
context.Session.Clear();
if (ls.isValid)
{
context.Session["user"] = ls;
context.Response.Write("1");
}
else
{
context.Response.Write("0");
}
}
catch (Exception ex)
{
context.Response.Write("0");
}
}
public bool IsReusable
{
get
{
return false;
}
}
}
有很多用户使用此方法登录系统。有时在登录会话后需要另一个会话值。
假设用户A和B已登录,用户A发送请求以获取产品详细信息,但用户A收到用户B的结果。这很奇怪。我做错了什么?
修改
public static BusinessEntities.LoginSession VerifyLoginCredentials(string username, string password)
{
return DAL.Creadentials.VerifyLoginCredentials(username, password);
}
public class LoginSession
{
public bool isValid { get; set; }
public string Username { get; set; }
public string NewId { get; set; }
public DateTime PasswordLastResetDate { get; set; }
}