一个用户只有一个token

src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/LoginServiceImpl.java

@@ -11,7 +11,6 @@ import cn.quantgroup.cashloanflowboss.api.user.entity.User;
 import cn.quantgroup.cashloanflowboss.api.user.model.UserInfo;
 import cn.quantgroup.cashloanflowboss.api.user.service.UserService;
 import cn.quantgroup.cashloanflowboss.core.Application;
-import cn.quantgroup.cashloanflowboss.core.base.ServiceResult;
 import cn.quantgroup.cashloanflowboss.core.base.Tuple;
 import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationDictionary;
 import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationStatus;
@@ -125,11 +124,7 @@ public class LoginServiceImpl implements LoginService {
         long currentTimeMillis = System.currentTimeMillis();
         principal.setLoginTimeMillis(currentTimeMillis);
 
-        String token = Application.getBossToken(request);
-        if (principalService.getPrincipal() == null || StringUtils.isEmpty(token)) {
-            // 是否redis中存在token
-            token = UUID.randomUUID().toString();
-        }
+        String token = principalService.getUserBossTokenInRedis(username);
         principalService.pushPrincipal(token, principal);
 
         // session登陆时间，毫秒值

src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/PrincipalService.java

@@ -2,6 +2,8 @@ package cn.quantgroup.cashloanflowboss.api.login.service;
 
 import cn.quantgroup.cashloanflowboss.api.login.model.Principal;
 
+import javax.servlet.http.HttpServletRequest;
+
 /**
  * 获取用户登陆主题信息
  *
@@ -15,4 +17,19 @@ public interface PrincipalService {
     void pushPrincipal(String token, Principal principal);
 
     void removePrincipal();
+
+    /**
+     * 通过用户名 获取redis中是否已有token存在
+     * 如果登陆过，或者登陆未过期 沿用token
+     * 保证一个用户  同一时间 只有一个token，可以作用在防止重复登陆上
+     * @param username
+     * @return
+     */
+    String getUserBossTokenInRedis(String username);
+
+    /**
+     * 从header中获取token
+     * @return
+     */
+    String getUserBossTokenInRequest();
 }

src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/PrincipalServiceImpl.java

@@ -2,8 +2,10 @@ package cn.quantgroup.cashloanflowboss.api.login.service;
 
 import cn.quantgroup.cashloanflowboss.api.login.model.Principal;
 import cn.quantgroup.cashloanflowboss.core.Application;
+import cn.quantgroup.cashloanflowboss.core.constants.Constants;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.data.redis.core.ValueOperations;
 import org.springframework.stereotype.Component;
 
@@ -22,6 +24,9 @@ public class PrincipalServiceImpl implements PrincipalService {
     @Autowired
     private HttpServletRequest request;
 
+    @Autowired
+    private StringRedisTemplate redisTemplate;
+
     @Resource(name = "redisTemplate")
     private ValueOperations<String, Principal> loginOperations;
 
@@ -47,5 +52,20 @@ public class PrincipalServiceImpl implements PrincipalService {
         }
     }
 
+    @Override
+    public String getUserBossTokenInRedis(String username) {
+        // redis 中用姓名作为key，存的用户登陆token为空
+        String token = redisTemplate.opsForValue().get(Constants.USER_NAME_TOKEN + username);
+        if (StringUtils.isEmpty(token)) {
+            return UUID.randomUUID().toString();
+        }
+        return token;
+    }
+
+    @Override
+    public String getUserBossTokenInRequest() {
+        return this.request.getHeader(Constants.UI_HEADER_TOKEN);
+    }
+
 
 }

src/main/java/cn/quantgroup/cashloanflowboss/core/constants/Constants.java

@@ -15,4 +15,5 @@ public interface Constants {
     String TRUE = "true";
     String START_THIS = "#this";
     String UI_HEADER_TOKEN = "boss-token";
+    String USER_NAME_TOKEN = "username:token:key:";
 }