diff --git a/OpenAuth.App/SSO/SSOController.cs b/OpenAuth.App/SSO/SSOController.cs
index 0911556d243f86a4f52297ed8c8937b62d488fab..432b596ef561064e6b9fd7ff45ceae97bad92762 100644
--- a/OpenAuth.App/SSO/SSOController.cs
+++ b/OpenAuth.App/SSO/SSOController.cs
@@ -32,16 +32,7 @@ namespace OpenAuth.App.SSO
//Token by QueryString
var request = filterContext.HttpContext.Request;
- if (request.QueryString[Token] != null)
- {
- token = request.QueryString[Token];
- var cookie = new HttpCookie(Token, token)
- {
- Expires = DateTime.Now.AddDays(10)
- };
- filterContext.HttpContext.Response.Cookies.Add(cookie);
- }
- else if (request.Cookies[Token] != null) //从Cookie读取Token
+ if (request.Cookies[Token] != null) //从Cookie读取Token
{
token = request.Cookies[Token].Value;
}
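Review bot: The context comment `//Token by QueryString` above `var request = ...` is now stale, because after this change the filter reads the token from the cookie only. Replace it with something like `// Token is read from the cookie only; it is never accepted from the URL` so the next maintainer does not re-add the query-string branch. Any client application that still redirects with `?Token=` will no longer be authenticated by this filter; that looks intended, but callers outside this diff should be checked. The enclosing method starts and ends outside the hunk.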
diff --git a/OpenAuth.Mvc/Controllers/LoginController.cs b/OpenAuth.Mvc/Controllers/LoginController.cs
index f3744fda41c6862e7a870237761990614523fd3f..29948afcd91dd9cb28d477c388e0fc5b4371b4e4 100644
--- a/OpenAuth.Mvc/Controllers/LoginController.cs
+++ b/OpenAuth.Mvc/Controllers/LoginController.cs
@@ -3,6 +3,7 @@ using System.Configuration;
using System.Web.Mvc;
using Infrastructure;
using OpenAuth.App.SSO;
+using System.Web;
namespace OpenAuth.Mvc.Controllers
{
@@ -24,9 +25,17 @@ namespace OpenAuth.Mvc.Controllers
try
{
var result = AuthUtil.Login(_appKey, username, password);
- if (result.Code ==200)
+ if (result.Code == 200)
{
- resp.Result = "/home/index?Token=" + result.Token;
+
+ var cookie = new HttpCookie("Token", result.Token)
+ {
+ Expires = DateTime.Now.AddDays(10)
+ };
+ Response.Cookies.Add(cookie);
+ resp.Result = "/home/index";
+ ///拿掉地址栏Token,因为特别不安全。
+ ///小王,xxx系统的地址是多少。。。然后账号就
}
else
{
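Review bot: The new `HttpCookie("Token", result.Token)` carries the session credential for ten days but sets neither `HttpOnly` nor `Secure`, so script running in the page can read it and it is sent over plain HTTP. Add `HttpOnly = true,` and `Secure = Request.IsSecureConnection,` to the initializer next to `Expires`. A `SameSite` value is worth adding too if the target framework supports it. The same cookie construction is repeated in the second action of this file and in OpenAuth.WebTest/Controllers/LoginController.cs and needs the same change. The literal `"Token"` should also reuse the name the SSO filter reads, which is inferred here from `request.Cookies[Token]`, so the two cannot drift apart.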
@@ -48,9 +57,19 @@ namespace OpenAuth.Mvc.Controllers
{
try
{
- var result = AuthUtil.Login(_appKey, "System","123456");
- if (result.Code ==200)
- return Redirect("/home/index?Token=" + result.Token);
+ var result = AuthUtil.Login(_appKey, "System", "123456");
+ if (result.Code == 200)
+ {
+
+ var cookie = new HttpCookie("Token", result.Token)
+ {
+ Expires = DateTime.Now.AddDays(10)
+ };
+ Response.Cookies.Add(cookie);
+ return Redirect("/home/index");
+ ///拿掉地址栏Token,因为特别不安全。
+ ///小王,xxx系统的地址是多少。。。然后账号就
+ }
else
{
return RedirectToAction("Index", "Login");
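Review bot: `AuthUtil.Login(_appKey, "System", "123456")` keeps a fixed account name and password in source, and with this change the action also issues a ten-day `Token` cookie for that account to whoever requests it. If this is a development shortcut, compile it out of release builds with `#if DEBUG` around the action, or read both values from configuration and refuse to run when they are absent. The action's signature and attributes are outside the hunk, so whether it is reachable without authentication cannot be confirmed from here. The two `///` lines after `return Redirect("/home/index");` are unreachable in position and the second sentence is cut off.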
diff --git a/OpenAuth.WebApi/Web.config b/OpenAuth.WebApi/Web.config
index a256e112186e6045155e412ad4768adfcf298d58..aaa575e12ca4e8fc74307d05fdb766dd0c5fd708 100644
--- a/OpenAuth.WebApi/Web.config
+++ b/OpenAuth.WebApi/Web.config
@@ -4,117 +4,118 @@
http://go.microsoft.com/fwlink/?LinkId=301879
-->
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
-
-
-
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/OpenAuth.WebTest/Controllers/LoginController.cs b/OpenAuth.WebTest/Controllers/LoginController.cs
index 430a6271eef1c84329caa8df9ecffef72b8e174c..e4c4160d47b655d2e9416ecbbb8da21ac703fd2d 100644
--- a/OpenAuth.WebTest/Controllers/LoginController.cs
+++ b/OpenAuth.WebTest/Controllers/LoginController.cs
@@ -1,6 +1,8 @@
using System.Configuration;
using System.Web.Mvc;
using OpenAuth.App.SSO;
+using System.Web;
+using System;
namespace OpenAuth.WebTest.Controllers
{
@@ -19,7 +21,17 @@ namespace OpenAuth.WebTest.Controllers
{
var result = AuthUtil.Login(_appKey, username, password);
if (result.Code == 200)
- return Redirect("/home/index?Token=" + result.Token);
+ {
+
+ var cookie = new HttpCookie("Token", result.Token)
+ {
+ Expires = DateTime.Now.AddDays(10)
+ };
+ Response.Cookies.Add(cookie);
+ return Redirect("/home/index");
+ ///拿掉地址栏Token,因为特别不安全。
+ ///小王,xxx系统的地址是多少。。。然后账号就
+ }
else
{
return View(result);
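Review bot: The explanatory `///` lines sit after `return Redirect("/home/index");` and use XML doc-comment syntax inside a method body, where they document nothing, and the second line ends mid-sentence. Put one ordinary comment above the cookie creation instead, for example `// The token travels in a cookie, not the URL: a copied, logged or shared address would otherwise hand over the session.` The same two lines appear in both actions of OpenAuth.Mvc/Controllers/LoginController.cs. Since the cookie block is now copied three times, a single helper beside `AuthUtil` would keep the cookie name, lifetime and flags in one place.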