高仿一个函谷关的登录验证接口的返回，实际已去函谷关验证用户登录了

306949d6 · Java-刘彧阳 · 0c2d958e · 306949d6 · 306949d6 · 306949d6
Commit 306949d6 authored May 10, 2017 by Java-刘彧阳
5 changed files
--- a/src/main/java/cn/quantgroup/xyqb/controller/IBaseController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/IBaseController.java
@@ -9,7 +9,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 import javax.servlet.http.HttpServletRequest;
 import static cn.quantgroup.xyqb.session.XyqbSessionContextHolder.getXSession;
+import static cn.quantgroup.xyqb.session.XyqbSessionContextHolder.getXSessionFromRedis;
 /**
 * Created by Miraculous on 15/7/5.
 */
@@ -27,6 +27,10 @@ public interface IBaseController {
    return getXSession();
  }
+  default SessionStruct getCurrentSessionFromRedis(){
+    return   getXSessionFromRedis();
+  }
  default HttpServletRequest getRequest() {
    ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/login/AuthInfoController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/login/AuthInfoController.java
@@ -2,7 +2,6 @@ package cn.quantgroup.xyqb.controller.internal.login;
 import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.User;
-import cn.quantgroup.xyqb.exception.ResponseException;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.UserRet;
 import cn.quantgroup.xyqb.model.session.LoginInfo;
@@ -13,7 +12,9 @@ import com.alibaba.fastjson.JSONObject;
 import com.google.common.collect.ImmutableMap;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.context.request.RequestContextHolder;
@@ -39,9 +40,10 @@ public class AuthInfoController implements IBaseController {
  @Autowired
  private IUserService userService;
  @RequestMapping("/info/login")
  public JsonResult loginInfo() {
-    SessionStruct sessionStruct = getSessionStruct();
+    SessionStruct sessionStruct = getCurrentSessionFromRedis();
    if(null != sessionStruct) {
      LoginInfo loginInfo = new LoginInfo();
      loginInfo.setUser(UserRet.getUserRet(sessionStruct.getValues().getUser()));
@@ -51,7 +53,7 @@ public class AuthInfoController implements IBaseController {
      context.setCreatedFrom(sessionStruct.getValues().getLoginProperties().getCreatedFrom());
      context.setAppChannel(sessionStruct.getValues().getLoginProperties().getAppChannel());
      loginInfo.setLoginContext(context);
-      return JsonResult.buildSuccessResult("", loginInfo);
+      return JsonResult.buildSuccessResult("", loginInfo);  //有ThreadLocal不释放的问题，不可再使用原来方式了
    }else {
      // 函谷关去查token 返回值高仿
      HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();

--- a/src/main/java/cn/quantgroup/xyqb/filter/RequestFilter.java
+++ b/src/main/java/cn/quantgroup/xyqb/filter/RequestFilter.java
@@ -33,7 +33,7 @@ public class RequestFilter implements Filter {
  //    "verify_AWiagUn4kZiwmTt0.txt"
  //};
  private static final String[] ALLOWED_PATTERNS = {
-      "/innerapi/**", "/user/exist", "/motan/**", "/user/register", "/user/login", "/user/register/fast",
+      "/innerapi/**", "/user/exist", "/motan/**", "/user/register", "/user/login", "/user/register/fast","/auth/info/login",
      "/user/login/fast", "/user/reset_password", "/user/exist_check",
      "/jr58/**", "/app/login", "/app/login_super", "/wechat/**", "/config/**", "/api/**", "/user/exists_token",
      "/platform/api/page/return_url", "/MP_" +

--- a/src/main/java/cn/quantgroup/xyqb/session/XyqbSessionContextHolder.java
+++ b/src/main/java/cn/quantgroup/xyqb/session/XyqbSessionContextHolder.java
@@ -52,6 +52,32 @@ public class XyqbSessionContextHolder {
    }
  }
+  public static SessionStruct getXSessionFromRedis(){
+    HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+    String token = request.getHeader("x-auth-token");
+    if (token == null || token.length() != 36) {
+      return null;
+    }
+    String result = redisTemplate.opsForValue().get(Constants.Session.USER_SESSION_CACHE + token);
+    if (StringUtils.isEmpty(result)) {
+      return null;
+    }
+    try {
+      SessionValue values = JSON.parseObject(result, SessionValue.class);
+      if (values == null) {
+        return null;
+      }
+      SessionStruct sessionStruct = new SessionStruct();
+      sessionStruct.setSid(token);
+      sessionStruct.setValues(values);
+      return sessionStruct;
+    }catch (Exception ex){
+      LOGGER.error("序列化session出错", ex);
+      return null;
+    }
+  }
  public static void releaseSession() {
    threadSession.remove();
  }

--- a/src/main/resources/config/dev/xyqb.properties
+++ b/src/main/resources/config/dev/xyqb.properties
@@ -77,8 +77,8 @@ protocol.contentLength=1048576
 protocol.isDefault=true
 #motan registry center
 registry.protocol=zookeeper
-registry.address=172.16.1.63:2181,172.16.1.64:2181,172.16.1.65:2181
+registry.address=192.168.4.163:2181
-motan.port=8082
+motan.port=8086
 motan.user.group=userGroup
 motan.user.module=user-motan-rpc
 motan.application=xyqbUserMotan