修改springsecurity过滤器,每次请求更新redis缓存

main
whb 3 months ago
parent f5e0805bb5
commit 762e9e8a1f

@ -3,6 +3,7 @@ package com.sztzjy.trade.config.security;
import cn.hutool.extra.servlet.ServletUtil;
import com.sztzjy.trade.config.Constant;
import com.sztzjy.trade.config.exception.UnAuthorizedException;
import com.sztzjy.trade.config.redis.RedisConfig;
import com.sztzjy.trade.util.RedisUtil;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.MalformedJwtException;
@ -10,6 +11,8 @@ import io.jsonwebtoken.UnsupportedJwtException;
import io.jsonwebtoken.security.SignatureException;
import org.checkerframework.checker.units.qual.C;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
@ -34,11 +37,16 @@ import java.util.List;
*
* @author
*/
@Component
@Configuration
public class AuthenticationFilter extends OncePerRequestFilter {
private final PathMatcher matcher = new AntPathMatcher();
private final RedisUtil redisUtil;
@Autowired
private RedisUtil redisUtil;
public AuthenticationFilter(RedisUtil redisUtil) {
this.redisUtil = redisUtil;
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
@ -63,8 +71,15 @@ public class AuthenticationFilter extends OncePerRequestFilter {
JwtUser currentUser;
try {
currentUser = TokenProvider.getJWTUser(token);
response.setCharacterEncoding("UTF-8");
redisUtil.set("userId:"+currentUser.getUserId(),System.currentTimeMillis(),3600);
redisUtil.set("userId:"+currentUser.getUserId(),System.currentTimeMillis(),3600);
} catch (ExpiredJwtException e1) {
response.setStatus(HttpStatus.UNAUTHORIZED.value());
response.getWriter().print("Token已过期");

@ -5,6 +5,8 @@ import com.sztzjy.trade.annotation.AnonymousAccess;
import com.sztzjy.trade.config.SpringContextHolder;
import com.sztzjy.trade.config.exception.handler.CustomAccessDeniedHandler;
import com.sztzjy.trade.config.exception.handler.CustomAuthenticationEntryPoint;
import com.sztzjy.trade.util.RedisUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
@ -39,6 +41,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
return new BCryptPasswordEncoder();
}
@Autowired
private RedisUtil redisUtil;
@Override
protected void configure(HttpSecurity http) throws Exception {
@ -52,7 +57,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.maximumSessions(1)
.sessionRegistry(sessionRegistry())
)
.addFilterBefore(new AuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(new AuthenticationFilter(redisUtil), UsernamePasswordAuthenticationFilter.class)
.cors().and()
.headers().addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Headers", "Authorization"))
.and()
@ -109,7 +114,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
return patterns;
}
@Bean
public SessionRegistry sessionRegistry() {
return new CustomSessionRegistry();

@ -2,17 +2,21 @@ package com.sztzjy.trade.controller.stu;
import cn.hutool.core.convert.Convert;
import com.sztzjy.trade.annotation.AnonymousAccess;
import com.sztzjy.trade.annotation.OperateLog;
import com.sztzjy.trade.config.exception.UnAuthorizedException;
import com.sztzjy.trade.config.security.JwtUser;
import com.sztzjy.trade.config.security.LoginResult;
import com.sztzjy.trade.config.security.TokenProvider;
import com.sztzjy.trade.controller.tch.TchLoginLogAndStuListController;
import com.sztzjy.trade.entity.StuUser;
import com.sztzjy.trade.entity.StuUserExample;
import com.sztzjy.trade.entity.ZYUserInfo;
import com.sztzjy.trade.entity.dto.LoginLogDTO;
import com.sztzjy.trade.mapper.StuUserMapper;
import com.sztzjy.trade.service.StuUserService;
import com.sztzjy.trade.service.TchLoginLogAndStuListService;
import com.sztzjy.trade.util.*;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
@ -33,6 +37,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@ -56,6 +61,9 @@ public class UserController {
@Autowired
private RedisUtil redisUtil;
@Autowired
private TchLoginLogAndStuListService tchLoginLogAndStuListService;
@AnonymousAccess
@ -106,9 +114,6 @@ public class UserController {
loginResult.setSchoolId(Integer.valueOf(stuUser.getSchoolId()));
loginResult.setAccessToken(token);
redisUtil.set("userId:"+jwtUser.getUserId(),System.currentTimeMillis(),3600);
@ -129,6 +134,7 @@ public class UserController {
redisUtil.set("userId:"+jwtUser.getUserId(),System.currentTimeMillis(),3600);
return new ResultDataEntity<>(HttpStatus.OK,loginResult);
}else {
throw new UnAuthorizedException("密码错误");
@ -224,4 +230,5 @@ public class UserController {
}

@ -50,7 +50,7 @@ public class TaskController {
// 判断时间差是否大于 20 分钟20 分钟 = 20 * 60 * 1000 毫秒)
if (timeDifference > time) {
//大于20分钟未操作 表明用户已经离线 在线时长+20分钟
System.out.println("大于1分钟未操作"+key);
System.out.println(key+"-->20分钟未操作,已强制离线");
String userId = key.split("userId:")[1];
//String userId = key.split("userId:").toString();
@ -73,15 +73,14 @@ public class TaskController {
redisUtil.del(key);
}else {
System.out.println("Redis 中没有找到对应的值"+key);
}
} else {
System.out.println("Redis 中没有找到对应的值"+key);
}
}
}
}

@ -48,7 +48,6 @@ public class TchLoginLogAndStuListController {
//"yyyy-MM-dd HH:mm:ss"
//如果在线就不用重复写入数据库
//说明未登录
if (redisUtil.get("userId:"+loginLogDTO.getUserId())== null) {
return new ResultEntity(HttpStatus.OK);

@ -206,6 +206,8 @@ public class TchLoginLogAndStuListServiceImpl implements TchLoginLogAndStuListSe
public ResultEntity loginLogBySchoolId(String schoolId, Integer page, Integer size) {
PageHelper.startPage(page, size);
TchLoginLogExample example = new TchLoginLogExample();
example.setOrderByClause("login_time_last desc");
example.setOrderByClause("online desc");
example.createCriteria().andSchoolIdEqualTo(schoolId);
List<TchLoginLog> tchLoginLogList = tchLoginLogMapper.selectByExample(example);
if (!tchLoginLogList.isEmpty()) {
@ -249,6 +251,7 @@ public class TchLoginLogAndStuListServiceImpl implements TchLoginLogAndStuListSe
public ResultEntity queryCondition(String name, String classID, Date startTime, Date endTime, Integer page, Integer size, String schoolId) {
PageHelper.startPage(page, size);
TchLoginLogExample example = new TchLoginLogExample();
example.setOrderByClause("login_time_last desc");
TchLoginLogExample.Criteria criteria = example.createCriteria();
if (name != null) {
criteria.andNameLike("%" + name + "%");
@ -287,6 +290,7 @@ public class TchLoginLogAndStuListServiceImpl implements TchLoginLogAndStuListSe
@Override
public void exportExcel(Date startTime, Date endTime, String schoolId, HttpServletResponse response) {
TchLoginLogExample example = new TchLoginLogExample();
example.setOrderByClause("login_time_last desc");
TchLoginLogExample.Criteria criteria = example.createCriteria();
if (startTime != null && endTime != null) {

Loading…
Cancel
Save