Commit 4af777a0 authored by 王亮's avatar 王亮

update previous code.

parent a6d30a2a
package cn.quantgroup.xyqb.aspect.limit; package cn.quantgroup.xyqb.aspect.limit;
import cn.quantgroup.xyqb.Constants; import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.constant.UserConstant;
import cn.quantgroup.xyqb.entity.User; import cn.quantgroup.xyqb.entity.User;
import cn.quantgroup.xyqb.model.JsonResult; import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.model.LoginProperties; import cn.quantgroup.xyqb.model.LoginProperties;
...@@ -81,25 +82,33 @@ public class PasswordFreeAccessValidateAdvisor { ...@@ -81,25 +82,33 @@ public class PasswordFreeAccessValidateAdvisor {
} }
// 当前请求的Token // 当前请求的Token
String token = request.getHeader(Constants.X_AUTH_TOKEN); String token = request.getHeader(Constants.X_AUTH_TOKEN);
int tenantId= UserConstant.defaultTenantId;
String tenantIdString = request.getHeader(Constants.X_AUTH_TENANT);
if(StringUtils.isNotEmpty(tenantIdString)){
tenantId = Integer.parseInt(tenantIdString);
}
// if (StringUtils.length(token) != Constants.TOKEN_LENGTH) { // if (StringUtils.length(token) != Constants.TOKEN_LENGTH) {
// log.info("非法请求 - 无效token, token={}, phoneNo={}, userId={}, clientIp={}", token, phoneNo, userId, clientIp); // log.info("非法请求 - 无效token, token={}, phoneNo={}, userId={}, clientIp={}", token, phoneNo, userId, clientIp);
// return false; // return false;
// } // }
// 当前session // 当前session
SessionStruct session = XyqbSessionContextHolder.getXSessionFromRedis(token); SessionStruct session = XyqbSessionContextHolder.getXSessionFromRedis(token,tenantId);
if (Objects.isNull(session) || Objects.isNull(session.getValues()) || Objects.isNull(session.getValues().getUser())) { if (Objects.isNull(session) || Objects.isNull(session.getValues()) || Objects.isNull(session.getValues().getUser())) {
log.info("非法请求 - 未登录, token={}, phoneNo={}, userId={}, clientIp={}", token, phoneNo, userId, clientIp); log.info("非法请求 - 未登录, token={}, phoneNo={}, userId={}, clientIp={}", token, phoneNo, userId, clientIp);
return false; return false;
} }
// 获取头部qg-tenant-id // 获取头部qg-tenant-id
String tenantId = request.getHeader(Constants.X_AUTH_TENANT);
LoginProperties loginProperties = session.getValues().getLoginProperties(); LoginProperties loginProperties = session.getValues().getLoginProperties();
// 如果token Session tenantId 不为空 // 如果token Session tenantId 不为空
if (!Objects.isNull(loginProperties.getTenantId())) { if (!Objects.isNull(loginProperties.getTenantId())) {
// 如果头部没有tenantId参数 // 如果头部没有tenantId参数
if (StringUtils.isBlank(tenantId)) { if (StringUtils.isBlank(tenantIdString)) {
// 如果 token Session tenantId 不是默认羊小咩, 那么拒绝登陆 // 如果 token Session tenantId 不是默认羊小咩, 那么拒绝登陆
if (!loginProperties.getTenantId().equals(TenantUtil.TENANT_DEFAULT)) { if (!loginProperties.getTenantId().equals(TenantUtil.TENANT_DEFAULT)) {
log.info("非法请求 - 错误租户, token={}, phoneNo={}, userId={}, clientIp={}, tenantId={}, loginTenantId={}", token, phoneNo, userId, clientIp, tenantId, loginProperties.getTenantId().toString()); log.info("非法请求 - 错误租户, token={}, phoneNo={}, userId={}, clientIp={}, tenantId={}, loginTenantId={}", token, phoneNo, userId, clientIp, tenantId, loginProperties.getTenantId().toString());
...@@ -114,7 +123,7 @@ public class PasswordFreeAccessValidateAdvisor { ...@@ -114,7 +123,7 @@ public class PasswordFreeAccessValidateAdvisor {
} }
} else { } else {
// 如果token seesion tenantId 为空, tenantId不为空,并且不是默认羊小咩 // 如果token seesion tenantId 为空, tenantId不为空,并且不是默认羊小咩
if(!StringUtils.isBlank(tenantId) && !TenantUtil.TENANT_DEFAULT.toString().equals(tenantId)) { if(!StringUtils.isBlank(tenantIdString) && !TenantUtil.TENANT_DEFAULT.toString().equals(tenantId)) {
log.info("非法请求 - 错误租户, token={}, phoneNo={}, userId={}, clientIp={}, tenantId={}", token, phoneNo, userId, clientIp, tenantId); log.info("非法请求 - 错误租户, token={}, phoneNo={}, userId={}, clientIp={}, tenantId={}", token, phoneNo, userId, clientIp, tenantId);
return false; return false;
} }
......
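Review bot: In the second hunk the rejection test `!TenantUtil.TENANT_DEFAULT.toString().equals(tenantId)` now compares a String with the `int tenantId` introduced in the first hunk, so `equals` is always false. As a result, every request that carries a non-blank tenant header while the session has no tenant is rejected, the default tenant included. Only the `isBlank` argument was switched to `tenantIdString`; the comparison should use it too: `!TenantUtil.TENANT_DEFAULT.toString().equals(tenantIdString)`. The two `log.info` calls in these hunks now print the parsed value rather than the raw header, which is worth confirming as intended. The enclosing method starts and ends outside the hunks.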
...@@ -72,14 +72,20 @@ public class UserApiController { ...@@ -72,14 +72,20 @@ public class UserApiController {
return JsonResult.buildErrorStateResult("token regular invalid ", token); return JsonResult.buildErrorStateResult("token regular invalid ", token);
} }
String tokenKey = Constants.SESSION_PREFIX + token; String tokenKey = Constants.SESSION_PREFIX + token;
String tokenKey2 = Constants.Session.USER_SESSION_CACHE + token;
String tokenKey2;
if (tenantId == null || UserConstant.defaultTenantId.equals(tenantId)) {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + token;
} else {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + tenantId + ":" + token;
}
// 判断token是否存在 // 判断token是否存在
boolean exist = stringRedisTemplate.hasKey(tokenKey) || stringRedisTemplate.hasKey(tokenKey2); boolean exist = stringRedisTemplate.hasKey(tokenKey) || stringRedisTemplate.hasKey(tokenKey2);
log.info("检查token:[{}]有效性[{}],延续生命期[{}]", token, exist, prolong); log.info("检查token:[{}]有效性[{}],延续生命期[{}]", token, exist, prolong);
/* token存在且需要延续时,进一步判断session是否有效,有效时,自动续期 */ /* token存在且需要延续时,进一步判断session是否有效,有效时,自动续期 */
if (Boolean.logicalAnd(exist, prolong)) { if (Boolean.logicalAnd(exist, prolong)) {
// 获取session信息 // 获取session信息
SessionStruct sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis(token); SessionStruct sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis(token,tenantId);
if (Objects.isNull(sessionStruct)) { if (Objects.isNull(sessionStruct)) {
log.info("延续token:[{}]生命期,result:[{}],SessionStruct:{}", token, false, sessionStruct); log.info("延续token:[{}]生命期,result:[{}],SessionStruct:{}", token, false, sessionStruct);
/* 如果没有获取到session信息则返回错误信息 */ /* 如果没有获取到session信息则返回错误信息 */
......
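Review bot: The existence check `hasKey(tokenKey) || hasKey(tokenKey2)` is only half tenant-scoped: `tokenKey` is built from `Constants.SESSION_PREFIX + token` with no tenant component, so `exist` can be true under any tenant header whenever that first key is present. What the `SESSION_PREFIX` entries hold is not visible here, but if they are still written, the answer for `prolong == false` does not depend on the tenant at all. Either scope that key the same way, or record that the asymmetry is deliberate with a comment such as `// legacy key, not tenant-scoped; kept for sessions created before tenant prefixes`. The method continues outside the hunk.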
...@@ -45,7 +45,7 @@ public class InnerInterceptor implements HandlerInterceptor { ...@@ -45,7 +45,7 @@ public class InnerInterceptor implements HandlerInterceptor {
throw new BizException(BizExceptionEnum.UN_EXIT_STMS_TOKEN); throw new BizException(BizExceptionEnum.UN_EXIT_STMS_TOKEN);
} }
SessionStruct sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis(stmsToken); SessionStruct sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis(stmsToken,Integer.valueOf(tenantId));
if (sessionStruct == null) { if (sessionStruct == null) {
OauthResult oauthResult = stmsRemoteService.checkToken(stmsToken); OauthResult oauthResult = stmsRemoteService.checkToken(stmsToken);
......
package cn.quantgroup.xyqb.service.session.impl; package cn.quantgroup.xyqb.service.session.impl;
import cn.quantgroup.xyqb.Constants; import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.constant.UserConstant;
import cn.quantgroup.xyqb.constant.enums.RecordType; import cn.quantgroup.xyqb.constant.enums.RecordType;
import cn.quantgroup.xyqb.entity.User; import cn.quantgroup.xyqb.entity.User;
import cn.quantgroup.xyqb.entity.UserTag; import cn.quantgroup.xyqb.entity.UserTag;
...@@ -64,10 +65,10 @@ public class SessionServiceImpl implements ISessionService { ...@@ -64,10 +65,10 @@ public class SessionServiceImpl implements ISessionService {
*/ */
@Override @Override
public AuthBean createSession(User user, LoginProperties properties, int loginType, Integer tenantId) { public AuthBean createSession(User user, LoginProperties properties, int loginType, Integer tenantId) {
return this.createSession(user,properties,loginType,tenantId,true); return this.createSession(user, properties, loginType, tenantId, true);
} }
public AuthBean createSession(User user, LoginProperties properties, int loginType,Integer tenantId,boolean send){ public AuthBean createSession(User user, LoginProperties properties, int loginType, Integer tenantId, boolean send) {
//找到用户 //找到用户
//TODO: 使用userId //TODO: 使用userId
String sessionId = findSessionIdByUserIdLoginProperties(user.getId(), properties, tenantId); String sessionId = findSessionIdByUserIdLoginProperties(user.getId(), properties, tenantId);
...@@ -79,6 +80,7 @@ public class SessionServiceImpl implements ISessionService { ...@@ -79,6 +80,7 @@ public class SessionServiceImpl implements ISessionService {
sessionStruct.setAttribute("channelId", String.valueOf(properties.getChannelId())); sessionStruct.setAttribute("channelId", String.valueOf(properties.getChannelId()));
sessionStruct.setAttribute("createdFrom", String.valueOf(properties.getCreatedFrom())); sessionStruct.setAttribute("createdFrom", String.valueOf(properties.getCreatedFrom()));
sessionStruct.setAttribute("appChannel", String.valueOf(properties.getAppChannel())); sessionStruct.setAttribute("appChannel", String.valueOf(properties.getAppChannel()));
sessionStruct.setTenantId(tenantId);
sessionStruct.getValues().setLoginProperties(properties); sessionStruct.getValues().setLoginProperties(properties);
persistSession(sessionStruct.getSid(), sessionStruct.getValues(), tenantId); persistSession(sessionStruct.getSid(), sessionStruct.getValues(), tenantId);
} else { } else {
...@@ -95,7 +97,7 @@ public class SessionServiceImpl implements ISessionService { ...@@ -95,7 +97,7 @@ public class SessionServiceImpl implements ISessionService {
// 添加登陆日志 // 添加登陆日志
loginRecordService.saveLoginRecord(user.getId(), RecordType.LOGINRECORD.getName(), loginType); loginRecordService.saveLoginRecord(user.getId(), RecordType.LOGINRECORD.getName(), loginType);
if(send){ if (send) {
//更新user_tag记录 //更新user_tag记录
applicationEventPublisher.publishEvent(new UserLoginEvent(this, UserTag.builder() applicationEventPublisher.publishEvent(new UserLoginEvent(this, UserTag.builder()
.userId(user.getId()).registeredFrom(sessionStruct.getRegisteredFrom()).tenantId(user.getTenantId()).build())); .userId(user.getId()).registeredFrom(sessionStruct.getRegisteredFrom()).tenantId(user.getTenantId()).build()));
...@@ -142,12 +144,25 @@ public class SessionServiceImpl implements ISessionService { ...@@ -142,12 +144,25 @@ public class SessionServiceImpl implements ISessionService {
} else if (properties.getTenantId().equals(0) || TenantUtil.TENANT_DEFAULT.equals(properties.getTenantId())) { } else if (properties.getTenantId().equals(0) || TenantUtil.TENANT_DEFAULT.equals(properties.getTenantId())) {
return Constants.Session.USER_SESSION_ID_CACHE + ":" + userId + ":" + properties.getMerchantName() + ":" + properties.getCreatedFrom(); return Constants.Session.USER_SESSION_ID_CACHE + ":" + userId + ":" + properties.getMerchantName() + ":" + properties.getCreatedFrom();
} else { } else {
return Constants.Session.USER_SESSION_ID_CACHE + ":" + userId + ":" + properties.getMerchantName() + ":" + properties.getCreatedFrom() + ":" + properties.getTenantId(); Integer key;
if (tenantId != null) {
key = tenantId;
} else {
key = properties.getTenantId();
}
return Constants.Session.USER_SESSION_ID_CACHE + ":" + userId + ":" + properties.getMerchantName() + ":" + properties.getCreatedFrom() + ":" + key;
} }
} }
private String findSessionValueBySessionId(String sessionId, Integer tenantId) { private String findSessionValueBySessionId(String sessionId, Integer tenantId) {
String result = stringRedisTemplate.opsForValue().get(Constants.Session.USER_SESSION_CACHE + sessionId); String tokenKey2;
if (tenantId == null || UserConstant.defaultTenantId.equals(tenantId)) {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + sessionId;
} else {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + tenantId + ":" + sessionId;
}
String result = stringRedisTemplate.opsForValue().get(tokenKey2);
return StringUtils.defaultString(result, ""); return StringUtils.defaultString(result, "");
} }
...@@ -190,24 +205,31 @@ public class SessionServiceImpl implements ISessionService { ...@@ -190,24 +205,31 @@ public class SessionServiceImpl implements ISessionService {
sessionValue = new SessionValue(); sessionValue = new SessionValue();
} }
if(sessionValue.getLoginProperties()==null){ if (sessionValue.getLoginProperties() == null) {
sessionValue.setLoginProperties(new LoginProperties()); sessionValue.setLoginProperties(new LoginProperties());
} }
LoginProperties loginProperties= sessionValue.getLoginProperties(); LoginProperties loginProperties = sessionValue.getLoginProperties();
loginProperties.setTenantId(tenantId); loginProperties.setTenantId(tenantId);
sessionValue.setLoginProperties(loginProperties); sessionValue.setLoginProperties(loginProperties);
sessionValue.setLastAccessTime(current); sessionValue.setLastAccessTime(current);
String json = JSON.toJSONString(sessionValue); String json = JSON.toJSONString(sessionValue);
stringRedisTemplate.opsForValue().set(Constants.Session.USER_SESSION_CACHE + token, json, String key;
if (tenantId == null || UserConstant.defaultTenantId.equals(tenantId)) {
key = Constants.Session.USER_SESSION_CACHE + token;
} else {
key = Constants.Session.USER_SESSION_CACHE + tenantId + ":" + token;
}
stringRedisTemplate.opsForValue().set(key, json,
time, TimeUnit.SECONDS); time, TimeUnit.SECONDS);
if(sessionValue.getUser()!=null){ if (sessionValue.getUser() != null) {
String key = generateLoginPropertiesKey(sessionValue.getUser().getId(), sessionValue.getLoginProperties(), tenantId); String generateLoginPropertiesKey = generateLoginPropertiesKey(sessionValue.getUser().getId(), sessionValue.getLoginProperties(), tenantId);
stringRedisTemplate.opsForValue().set(key, token, time, TimeUnit.SECONDS); stringRedisTemplate.opsForValue().set(generateLoginPropertiesKey, token, time, TimeUnit.SECONDS);
log.info("[Session生命期延续],token:{},有效期:[24Hour]", token); log.info("[Session生命期延续],token:{},有效期:[24Hour]", token);
setUserIdTokenKeys(sessionValue.getUser().getId(), key, tenantId); setUserIdTokenKeys(sessionValue.getUser().getId(), generateLoginPropertiesKey, tenantId);
} }
} }
...@@ -272,7 +294,13 @@ public class SessionServiceImpl implements ISessionService { ...@@ -272,7 +294,13 @@ public class SessionServiceImpl implements ISessionService {
} }
private String getUserTokenKey(String token, Integer tenantId) { private String getUserTokenKey(String token, Integer tenantId) {
return Constants.Session.USER_SESSION_CACHE + token; String tokenKey2;
if (tenantId == null || UserConstant.defaultTenantId.equals(tenantId)) {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + token;
} else {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + tenantId + ":" + token;
}
return tokenKey2;
} }
/** /**
...@@ -330,8 +358,14 @@ public class SessionServiceImpl implements ISessionService { ...@@ -330,8 +358,14 @@ public class SessionServiceImpl implements ISessionService {
return; return;
} }
stringRedisTemplate.delete(Constants.Session.USER_SESSION_CACHE + sessionStruct.getSid()); String tokenKey2;
if (UserConstant.defaultTenantId.equals(tenantId)) {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + sessionStruct.getSid();
} else {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + tenantId + ":" + sessionStruct.getSid();
}
stringRedisTemplate.delete(tokenKey2);
String key = generateLoginPropertiesKey(user.getId(), values.getLoginProperties(), tenantId); String key = generateLoginPropertiesKey(user.getId(), values.getLoginProperties(), tenantId);
...@@ -347,7 +381,15 @@ public class SessionServiceImpl implements ISessionService { ...@@ -347,7 +381,15 @@ public class SessionServiceImpl implements ISessionService {
Timestamp current = new Timestamp(System.currentTimeMillis()); Timestamp current = new Timestamp(System.currentTimeMillis());
sessionValue.setLastAccessTime(current); sessionValue.setLastAccessTime(current);
String json = JSON.toJSONString(sessionValue); String json = JSON.toJSONString(sessionValue);
stringRedisTemplate.opsForValue().set(Constants.Session.USER_SESSION_CACHE + token, json,
String tokenKey2;
if (UserConstant.defaultTenantId.equals(tenantId)) {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + token;
} else {
tokenKey2 = Constants.Session.USER_SESSION_CACHE + tenantId + ":" + token;
}
stringRedisTemplate.opsForValue().set(tokenKey2, json,
Constants.Session.SESSION_VALID_TIME, TimeUnit.SECONDS); Constants.Session.SESSION_VALID_TIME, TimeUnit.SECONDS);
String key = generateLoginPropertiesKey(sessionValue.getUser().getId(), sessionValue.getLoginProperties(), tenantId); String key = generateLoginPropertiesKey(sessionValue.getUser().getId(), sessionValue.getLoginProperties(), tenantId);
stringRedisTemplate.opsForValue().set(key, token, expire, TimeUnit.SECONDS); stringRedisTemplate.opsForValue().set(key, token, expire, TimeUnit.SECONDS);
......
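Review bot: The tenant-prefixed session key is rebuilt by hand in five places in this class, and the copies disagree on null. `findSessionValueBySessionId`, the persist path and `getUserTokenKey` treat `tenantId == null` as the default tenant, while the delete path (hunk at -330) and the refresh path (hunk at -347) test only `UserConstant.defaultTenantId.equals(tenantId)` and would build a key containing the text `null:`. If a null tenant can reach those paths, a session written under the default key is never deleted on logout or refreshed under the same key. `getUserTokenKey(token, tenantId)` already holds the rule, so the other four sites can call it, e.g. `stringRedisTemplate.delete(getUserTokenKey(sessionStruct.getSid(), tenantId));`. `XyqbSessionContextHolder.getXSessionFromRedis(String, Integer)` has the same null gap, and `UserApiController` passes it a `tenantId` that its own new code allows to be null.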
package cn.quantgroup.xyqb.session; package cn.quantgroup.xyqb.session;
import cn.quantgroup.xyqb.Constants; import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.constant.UserConstant;
import cn.quantgroup.xyqb.model.LoginProperties; import cn.quantgroup.xyqb.model.LoginProperties;
import cn.quantgroup.xyqb.model.session.SessionStruct; import cn.quantgroup.xyqb.model.session.SessionStruct;
import cn.quantgroup.xyqb.model.session.SessionValue; import cn.quantgroup.xyqb.model.session.SessionValue;
...@@ -124,7 +125,12 @@ public class XyqbSessionContextHolder { ...@@ -124,7 +125,12 @@ public class XyqbSessionContextHolder {
public static SessionStruct getXSessionFromRedis() { public static SessionStruct getXSessionFromRedis() {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String token = request.getHeader(Constants.X_AUTH_TOKEN); String token = request.getHeader(Constants.X_AUTH_TOKEN);
return getXSessionFromRedis(token); int tenantId= UserConstant.defaultTenantId;
String tenantIdString = request.getHeader(Constants.X_AUTH_TENANT);
if(StringUtils.isNotEmpty(tenantIdString)){
tenantId = Integer.parseInt(tenantIdString);
}
return getXSessionFromRedis(token,tenantId);
} }
public static String getXSessionFromTenantRedis() { public static String getXSessionFromTenantRedis() {
...@@ -132,8 +138,14 @@ public class XyqbSessionContextHolder { ...@@ -132,8 +138,14 @@ public class XyqbSessionContextHolder {
return request.getHeader(Constants.X_AUTH_TENANT); return request.getHeader(Constants.X_AUTH_TENANT);
} }
public static SessionStruct getXSessionFromRedis(String token) { public static SessionStruct getXSessionFromRedis(String token,Integer tenantId) {
String linkToken = Constants.Session.USER_SESSION_CACHE + token; String linkToken;
if (UserConstant.defaultTenantId.equals(tenantId)) {
linkToken = Constants.Session.USER_SESSION_CACHE + token;
} else {
linkToken = Constants.Session.USER_SESSION_CACHE + tenantId + ":" + token;
}
String result = redisTemplate.opsForValue().get(linkToken); String result = redisTemplate.opsForValue().get(linkToken);
if (StringUtils.isEmpty(result)) { if (StringUtils.isEmpty(result)) {
log.warn("[XyqbSessionContextHolder][getXSessionFromRedis] session data 未找到:Tokekn:{},linkTokekn:{},sessionValue:{}", token, linkToken, result); log.warn("[XyqbSessionContextHolder][getXSessionFromRedis] session data 未找到:Tokekn:{},linkTokekn:{},sessionValue:{}", token, linkToken, result);
......
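Review bot: `Integer.parseInt(tenantIdString)` in `getXSessionFromRedis()` runs on a client-supplied header guarded only by `StringUtils.isNotEmpty`, so a whitespace-only or non-numeric value throws `NumberFormatException` out of the session lookup instead of resolving to "no session". The same lines are added in `PasswordFreeAccessValidateAdvisor`, where the surrounding code otherwise logs and returns false, and `InnerInterceptor` calls `Integer.valueOf(tenantId)` on a value declared outside its hunk. Parsing the header in one shared helper that catches `NumberFormatException` and treats a malformed value as an invalid request would keep the failure mode uniform across the three call sites. A short comment on that helper should state that the tenant id comes from the request and selects the Redis key namespace.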