From 56dfe0d4bf81262622a1919cceb2b039fd356209 Mon Sep 17 00:00:00 2001
From: 无关风月 <443237572@qq.com>
Date: 星期二, 03 九月 2024 16:52:49 +0800
Subject: [PATCH] 代码提交 bug解决
---
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java | 144 ++++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 138 insertions(+), 6 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
index b443c96..04e3002 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
@@ -2,10 +2,13 @@
import java.util.HashMap;
import java.util.Map;
+import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
+import com.alibaba.fastjson2.JSONObject;
import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.exception.ManagementException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.ruoyi.common.core.constant.CacheConstants;
@@ -38,6 +41,7 @@
private final static long EXPIRE_TIME = CacheConstants.EXPIRATION;
private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY;
+ private final static String ACCESS_TOKEN_DEVICE = CacheConstants.LOGIN_TOKEN_KEY_DEVICE;
private final static Long MILLIS_MINUTE_TEN = CacheConstants.REFRESH_TIME * MILLIS_MINUTE;
@@ -67,6 +71,33 @@
}
/**
+ * 扫描设备登录
+ * @param loginUser
+ * @return
+ */
+ public Map<String, Object> createToken1(LoginUser loginUser)
+ {
+ String token = IdUtils.fastUUID();
+ Long userId = loginUser.getSysUser().getUserId();
+ String userName = loginUser.getSysUser().getUserName();
+ loginUser.setToken(token);
+ loginUser.setUserid(userId);
+ loginUser.setUsername(userName);
+ loginUser.setIpaddr(IpUtils.getIpAddr());
+ refreshToken1(loginUser);
+ // Jwt存储信息
+ Map<String, Object> claimsMap = new HashMap<String, Object>();
+ claimsMap.put(SecurityConstants.USER_KEY_DEVICE, token);
+ claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
+ claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
+ // 接口返回信息
+ Map<String, Object> rspMap = new HashMap<String, Object>();
+ rspMap.put("access_token", JwtUtils.createToken(claimsMap));
+ rspMap.put("expires_in", EXPIRE_TIME);
+ return rspMap;
+ }
+
+ /**
* 获取用户身份信息
*
* @return 用户信息
@@ -74,6 +105,10 @@
public LoginUser getLoginUser()
{
return getLoginUser(ServletUtils.getRequest());
+ }
+ public LoginUser getLoginUserDevice()
+ {
+ return getLoginUserDevice(ServletUtils.getRequest());
}
/**
@@ -87,6 +122,12 @@
String token = SecurityUtils.getToken(request);
return getLoginUser(token);
}
+ public LoginUser getLoginUserDevice(HttpServletRequest request)
+ {
+ // 获取请求携带的令牌
+ String token = SecurityUtils.getToken(request);
+ return getLoginUserDevice(token);
+ }
/**
* 获取用户身份信息
@@ -96,18 +137,49 @@
public LoginUser getLoginUser(String token)
{
LoginUser user = null;
- try
- {
+
if (StringUtils.isNotEmpty(token))
{
String userkey = JwtUtils.getUserKey(token);
user = redisService.getCacheObject(getTokenKey(userkey));
+ // 再次判断登录状态是否已过期 isBig不为空 证明是大屏的登录 不做单点提示
+ if (null == user ) {
+ throw new ManagementException("登录信息已过期,请重新登录!", 504);
+ }
+ // 优先判断当前账号是否已在其他设备登录
+ if (!user.getIsCanLogin() && user.getIsBig() == null) {
+ throw new ManagementException("当前登录账号在其他设备登录!", 505);
+ }
+ // 再次判断登录状态是否已过期
+ if (System.currentTimeMillis() > user.getExpireTime() && user.getIsBig()==null) {
+ throw new ManagementException("登录信息已过期,请重新登录!", 504);
+ }
return user;
}
- }
- catch (Exception e)
- {
- }
+ return user;
+ }
+ public LoginUser getLoginUserDevice(String token)
+ {
+ LoginUser user = null;
+
+ if (StringUtils.isNotEmpty(token))
+ {
+ String userkey = JwtUtils.getUserKeyDevice(token);
+ user = redisService.getCacheObject(getTokenKey1(userkey));
+ // 再次判断登录状态是否已过期
+ if (null == user) {
+ throw new ManagementException("登录信息已过期,请重新登录!", 504);
+ }
+ // 优先判断当前账号是否已在其他设备登录
+ if (!user.getIsCanLogin()) {
+ throw new ManagementException("当前登录账号在其他设备登录!", 505);
+ }
+ // 再次判断登录状态是否已过期
+ if (System.currentTimeMillis() > user.getExpireTime()) {
+ throw new ManagementException("登录信息已过期,请重新登录!", 504);
+ }
+ return user;
+ }
return user;
}
@@ -133,6 +205,14 @@
redisService.deleteObject(getTokenKey(userkey));
}
}
+ public void delLoginUserDevice(String token)
+ {
+ if (StringUtils.isNotEmpty(token))
+ {
+ String userkey = JwtUtils.getUserKeyDevice(token);
+ redisService.deleteObject(getTokenKey1(userkey));
+ }
+ }
/**
* 验证令牌有效期,相差不足120分钟,自动刷新缓存
@@ -156,15 +236,67 @@
*/
public void refreshToken(LoginUser loginUser)
{
+ Set redisCache = redisService.getKeysPrefix(ACCESS_TOKEN);
+ for (Object key : redisCache) {
+ String strKey = String.valueOf(key);
+ // 根据 login_tokens:加密token 获取用户登录信息
+ Object redisCacheUserInfo = redisService.getCacheObject(strKey);
+ LoginUser redisUserInfo = JSONObject.parseObject(JSONObject.toJSONString(redisCacheUserInfo), LoginUser.class);
+ // 单点逻辑,如果当前用户已处于登录状态并再次登录,则清除该用户上一次登录token
+ if (loginUser.getUserid().equals(redisUserInfo.getUserid())) {
+ // 被挤账户 可登录状态 已经为 false时,跳出循环
+ if (!redisUserInfo.getIsCanLogin()) {
+ continue;
+ }
+ if (redisUserInfo.getIsBig()!=null) {
+ continue;
+ }
+ // 设置能否登录字段为 否,当该token登录时,isCanLogin为false表示账号被挤
+ redisUserInfo.setIsCanLogin(Boolean.FALSE);
+ redisService.setCacheObject(strKey, redisUserInfo, redisService.getExpire(strKey), TimeUnit.SECONDS);
+ }
+ }
+ // 单点登录逻辑
loginUser.setLoginTime(System.currentTimeMillis());
loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_MINUTE);
// 根据uuid将loginUser缓存
String userKey = getTokenKey(loginUser.getToken());
redisService.setCacheObject(userKey, loginUser, EXPIRE_TIME, TimeUnit.MINUTES);
}
+ // 扫描设备单点登录
+ public void refreshToken1(LoginUser loginUser)
+ {
+ Set redisCache = redisService.getKeysPrefix(ACCESS_TOKEN_DEVICE);
+ for (Object key : redisCache) {
+ String strKey = String.valueOf(key);
+ // 根据 login_tokens:加密token 获取用户登录信息
+ Object redisCacheUserInfo = redisService.getCacheObject(strKey);
+ LoginUser redisUserInfo = JSONObject.parseObject(JSONObject.toJSONString(redisCacheUserInfo), LoginUser.class);
+ // 单点逻辑,如果当前用户已处于登录状态并再次登录,则清除该用户上一次登录token
+ if (loginUser.getUserid().equals(redisUserInfo.getUserid())) {
+ // 被挤账户 可登录状态 已经为 false时,跳出循环
+ if (!redisUserInfo.getIsCanLogin()) {
+ continue;
+ }
+ // 设置能否登录字段为 否,当该token登录时,isCanLogin为false表示账号被挤
+ redisUserInfo.setIsCanLogin(Boolean.FALSE);
+ redisService.setCacheObject(strKey, redisUserInfo, redisService.getExpire(strKey), TimeUnit.SECONDS);
+ }
+ }
+ // 单点登录逻辑
+ loginUser.setLoginTime(System.currentTimeMillis());
+ loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_MINUTE);
+ // 根据uuid将loginUser缓存
+ String userKey = getTokenKey1(loginUser.getToken());
+ redisService.setCacheObject(userKey, loginUser, EXPIRE_TIME, TimeUnit.MINUTES);
+ }
private String getTokenKey(String token)
{
return ACCESS_TOKEN + token;
}
+ private String getTokenKey1(String token)
+ {
+ return ACCESS_TOKEN_DEVICE + token;
+ }
}
\ No newline at end of file
--
Gitblit v1.7.1