修改springsecurity过滤器，每次请求更新redis缓存

3 months ago · 762e9e8a1f
parent f5e0805bb5
commit 762e9e8a1f
6 changed files with 42 additions and 14 deletions
--- a/src/main/java/com/sztzjy/trade/config/security/AuthenticationFilter.java
+++ b/src/main/java/com/sztzjy/trade/config/security/AuthenticationFilter.java
@ -3,6 +3,7 @@ package com.sztzjy.trade.config.security;
 import cn.hutool.extra.servlet.ServletUtil;
 import com.sztzjy.trade.config.Constant;
 import com.sztzjy.trade.config.exception.UnAuthorizedException;
+import com.sztzjy.trade.config.redis.RedisConfig;
 import com.sztzjy.trade.util.RedisUtil;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.MalformedJwtException;
@ -10,6 +11,8 @@ import io.jsonwebtoken.UnsupportedJwtException;
 import io.jsonwebtoken.security.SignatureException;
 import org.checkerframework.checker.units.qual.C;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@ -34,11 +37,16 @@ import java.util.List;
 *
 * @author 陈沅
 */
-@Component
+@Configuration
 public class AuthenticationFilter extends OncePerRequestFilter {
    private final PathMatcher matcher = new AntPathMatcher();
+
+    private final RedisUtil redisUtil;
+
    @Autowired
-    private RedisUtil redisUtil;
+    public AuthenticationFilter(RedisUtil redisUtil) {
+        this.redisUtil = redisUtil;
+    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
@ -63,8 +71,15 @@ public class AuthenticationFilter extends OncePerRequestFilter {
        JwtUser currentUser;
        try {
            currentUser = TokenProvider.getJWTUser(token);
+
            response.setCharacterEncoding("UTF-8");
-            redisUtil.set("userId:"+currentUser.getUserId(),System.currentTimeMillis(),3600);
+
+
+
+
+           redisUtil.set("userId:"+currentUser.getUserId(),System.currentTimeMillis(),3600);
+
+
        } catch (ExpiredJwtException e1) {
            response.setStatus(HttpStatus.UNAUTHORIZED.value());
            response.getWriter().print("Token已过期");
--- a/src/main/java/com/sztzjy/trade/config/security/WebSecurityConfig.java
+++ b/src/main/java/com/sztzjy/trade/config/security/WebSecurityConfig.java
@ -5,6 +5,8 @@ import com.sztzjy.trade.annotation.AnonymousAccess;
 import com.sztzjy.trade.config.SpringContextHolder;
 import com.sztzjy.trade.config.exception.handler.CustomAccessDeniedHandler;
 import com.sztzjy.trade.config.exception.handler.CustomAuthenticationEntryPoint;
+import com.sztzjy.trade.util.RedisUtil;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@ -39,6 +41,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        return new BCryptPasswordEncoder();
    }

+    @Autowired
+    private RedisUtil redisUtil;
+

    @Override
    protected void configure(HttpSecurity http) throws Exception {
@ -52,7 +57,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                                .maximumSessions(1)
                                .sessionRegistry(sessionRegistry())
                )
-                .addFilterBefore(new AuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
+                .addFilterBefore(new AuthenticationFilter(redisUtil), UsernamePasswordAuthenticationFilter.class)
                .cors().and()
                .headers().addHeaderWriter(new StaticHeadersWriter("Access-Control-Allow-Headers", "Authorization"))
                .and()
@ -109,7 +114,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        return patterns;
    }

-
    @Bean
    public SessionRegistry sessionRegistry() {
        return new CustomSessionRegistry();
--- a/src/main/java/com/sztzjy/trade/controller/stu/UserController.java
+++ b/src/main/java/com/sztzjy/trade/controller/stu/UserController.java
@ -2,17 +2,21 @@ package com.sztzjy.trade.controller.stu;



+import cn.hutool.core.convert.Convert;
 import com.sztzjy.trade.annotation.AnonymousAccess;
 import com.sztzjy.trade.annotation.OperateLog;
 import com.sztzjy.trade.config.exception.UnAuthorizedException;
 import com.sztzjy.trade.config.security.JwtUser;
 import com.sztzjy.trade.config.security.LoginResult;
 import com.sztzjy.trade.config.security.TokenProvider;
+import com.sztzjy.trade.controller.tch.TchLoginLogAndStuListController;
 import com.sztzjy.trade.entity.StuUser;
 import com.sztzjy.trade.entity.StuUserExample;
 import com.sztzjy.trade.entity.ZYUserInfo;
+import com.sztzjy.trade.entity.dto.LoginLogDTO;
 import com.sztzjy.trade.mapper.StuUserMapper;
 import com.sztzjy.trade.service.StuUserService;
+import com.sztzjy.trade.service.TchLoginLogAndStuListService;
 import com.sztzjy.trade.util.*;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@ -33,6 +37,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@ -56,6 +61,9 @@ public class UserController {
    @Autowired
    private RedisUtil redisUtil;

+    @Autowired
+    private TchLoginLogAndStuListService tchLoginLogAndStuListService;
+


    @AnonymousAccess
@ -106,9 +114,6 @@ public class UserController {
                        loginResult.setSchoolId(Integer.valueOf(stuUser.getSchoolId()));
                        loginResult.setAccessToken(token);

-
-
-
                        redisUtil.set("userId:"+jwtUser.getUserId(),System.currentTimeMillis(),3600);


@ -129,6 +134,7 @@ public class UserController {


                            redisUtil.set("userId:"+jwtUser.getUserId(),System.currentTimeMillis(),3600);
+
                            return new ResultDataEntity<>(HttpStatus.OK,loginResult);
                        }else {
                            throw new UnAuthorizedException("密码错误");
@ -224,4 +230,5 @@ public class UserController {



+
 }
--- a/src/main/java/com/sztzjy/trade/controller/task/TaskController.java
+++ b/src/main/java/com/sztzjy/trade/controller/task/TaskController.java
@ -50,7 +50,7 @@ public class TaskController {
                // 判断时间差是否大于 20 分钟（20 分钟 = 20 * 60 * 1000 毫秒）
                if (timeDifference > time) {
                   //大于20分钟未操作   表明用户已经离线  在线时长+20分钟
-                    System.out.println("大于1分钟未操作"+key);
+                    System.out.println(key+"-->20分钟未操作,已强制离线");
                    String userId = key.split("userId:")[1];

                    //String userId = key.split("userId:").toString();
@ -73,15 +73,14 @@ public class TaskController {

                    redisUtil.del(key);

+
+                }else {
+                    System.out.println("Redis 中没有找到对应的值"+key);
                }
-            } else {
-                System.out.println("Redis 中没有找到对应的值"+key);
            }

-
        }

-
    }

 }
--- a/src/main/java/com/sztzjy/trade/controller/tch/TchLoginLogAndStuListController.java
+++ b/src/main/java/com/sztzjy/trade/controller/tch/TchLoginLogAndStuListController.java
@ -48,7 +48,6 @@ public class TchLoginLogAndStuListController {
        //"yyyy-MM-dd HH:mm:ss"

        //如果在线就不用重复写入数据库
-
        //说明未登录
        if (redisUtil.get("userId:"+loginLogDTO.getUserId())== null) {
            return new ResultEntity(HttpStatus.OK);
--- a/src/main/java/com/sztzjy/trade/service/impl/TchLoginLogAndStuListServiceImpl.java
+++ b/src/main/java/com/sztzjy/trade/service/impl/TchLoginLogAndStuListServiceImpl.java
@ -206,6 +206,8 @@ public class TchLoginLogAndStuListServiceImpl implements TchLoginLogAndStuListSe
    public ResultEntity loginLogBySchoolId(String schoolId, Integer page, Integer size) {
        PageHelper.startPage(page, size);
        TchLoginLogExample example = new TchLoginLogExample();
+        example.setOrderByClause("login_time_last desc");
+        example.setOrderByClause("online desc");
        example.createCriteria().andSchoolIdEqualTo(schoolId);
        List<TchLoginLog> tchLoginLogList = tchLoginLogMapper.selectByExample(example);
        if (!tchLoginLogList.isEmpty()) {
@ -249,6 +251,7 @@ public class TchLoginLogAndStuListServiceImpl implements TchLoginLogAndStuListSe
    public ResultEntity queryCondition(String name, String classID, Date startTime, Date endTime, Integer page, Integer size, String schoolId) {
        PageHelper.startPage(page, size);
        TchLoginLogExample example = new TchLoginLogExample();
+        example.setOrderByClause("login_time_last desc");
        TchLoginLogExample.Criteria criteria = example.createCriteria();
        if (name != null) {
            criteria.andNameLike("%" + name + "%");
@ -287,6 +290,7 @@ public class TchLoginLogAndStuListServiceImpl implements TchLoginLogAndStuListSe
    @Override
    public void exportExcel(Date startTime, Date endTime, String schoolId, HttpServletResponse response) {
        TchLoginLogExample example = new TchLoginLogExample();
+        example.setOrderByClause("login_time_last desc");
        TchLoginLogExample.Criteria criteria = example.createCriteria();
        if (startTime != null && endTime != null) {