简体繁体 English

如何检测多个相似的登录会话的发生

[英]How to detect occurence of multiple, similar logged-in sessions

原文 2016-05-30 09:02:19 0 1 c#/ sql/ .net/ windows/ tsql

Currently, my .NET windows desktop app runs a background worker to check against the database (MSSQL 2008) whether a user has logged in to the app multiple times through other computers/devices. 当前，我的.NET Windows桌面应用程序运行后台工作程序，以对照数据库（MSSQL 2008）检查用户是否已通过其他计算机/设备多次登录该应用程序。

How it's done is the background worker would run a check in the database and compare whether the last login IP address of the user is the same as the IP Address stored in the user session in the app. 后台工作人员将如何执行此操作，以便在数据库中进行检查并比较用户的最后登录IP地址是否与应用程序中用户会话中存储的IP地址相同。

If the IP addreses do not match (which means the user has logged in with another computer/device), the app would display a prompt asking the user to relogin. 如果IP地址不匹配（这意味着用户已使用另一台计算机/设备登录），则该应用将显示提示，要求用户重新登录。 This also means only the app in the previously logged-in computer would show the message, not the currently logged-in computer. 这也意味着只有以前登录的计算机中的应用程序才会显示该消息，而不会显示当前登录的计算机。

If the IP addreses do match, the background worker (which is in a thread) will sleep for 5 minutes and repeat the checking process when it wakes up. 如果IP地址确实匹配，则后台工作程序（处于线程中）将休眠5分钟，并在唤醒时重复检查过程。

Problem 问题

The checking occurs every interval of 5 minutes and I feel it is too long. 每隔5分钟检查一次，我觉得时间太长。 However, if I make it shorter, it will consume more resources. 但是，如果我将其缩短，则会消耗更多资源。

Idea(s) 想法

The closest I can think of is using Trigger but AFAIK, Triggers only serve to trigger other sql statements, not to trigger a function block in the app. 我能想到的最接近的是使用触发器，但使用AFAIK，触发器仅用于触发其他sql语句，而不用于触发应用程序中的功能块。

Another idea I can think of is sending packets containing these user session info to all computers in the same network and implement an event handler to listen to the events that catch these packets... but I don't know if this is possible. 我可以想到的另一个想法是，将包含这些用户会话信息的数据包发送到同一网络中的所有计算机，并实现一个事件处理程序以侦听捕获这些数据包的事件……但是我不知道这是否可行。

1 个解决方案

depending on the architecture of your application you can move the check on the database. 根据应用程序的体系结构，您可以在数据库上移动检查。

let's pretend you create the function MultipleLogin(@IPAddress,@UserName) that produces 1 when multiple session are found. 假设您创建了功能MultipleLogin(@IPAddress,@UserName) ，当发现多个会话时会产生1。

now add a call to that function in each and every stored procedure of your application and test for the output value: if multiple session are active raise an exception to be trapped & handled on the client. 现在，在应用程序的每个存储过程中添加对该函数的调用，并测试输出值：如果多个会话处于活动状态，则会引发一个异常，该异常将在客户端上捕获和处理。

the advantage: 优势：

you perform the check only when the user does anything, avoiding background tasks and processes not related to the application core functions 您仅在用户执行任何操作时才执行检查，避免了与应用程序核心功能无关的后台任务和过程
should you ever need to change the logic of the check, no need to update the clients 您是否需要更改检查逻辑，而无需更新客户端

the disadvantage: 缺点：

you perform the check only when the user does anything, so the duplicate session may go unnoticed for some time 您仅在用户执行任何操作时才执行检查，因此重复会话可能会在一段时间内未被注意
the check is performed in many places and depending on the size of the project this may be an issue 检查在很多地方进行，根据项目的大小，这可能是一个问题