电商金融用户中心token互换

4cbc8afb · 李健华 · 738586df · 4cbc8afb · 4cbc8afb · 4cbc8afb
Commit 4cbc8afb authored Jan 05, 2022 by 李健华
5 changed files
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
@@ -15,6 +15,8 @@ import cn.quantgroup.xyqb.exception.UserNotExistException;
 import cn.quantgroup.xyqb.exception.VerificationCodeErrorException;
 import cn.quantgroup.xyqb.model.*;
 import cn.quantgroup.xyqb.model.session.SessionStruct;
+import cn.quantgroup.xyqb.model.session.SessionValue;
+import cn.quantgroup.xyqb.service.http.IHttpService;
 import cn.quantgroup.xyqb.service.merchant.IMerchantService;
 import cn.quantgroup.xyqb.service.register.IUserRegisterService;
 import cn.quantgroup.xyqb.service.session.ISessionService;
@@ -27,12 +29,14 @@ import cn.quantgroup.xyqb.util.PasswordUtil;
 import cn.quantgroup.xyqb.util.TenantUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -82,6 +86,15 @@ public class UserController implements IBaseController {
    @Autowired
    private ITenantService tenantService;
+    @Value("${xyqb.user.service.host}")
+    private String userHost;
+    @Value("${token.prefix}")
+    private String prefix;
+    @Autowired
+    private IHttpService httpService;
    /**
     * 登录（账号 + 密码）
@@ -479,6 +492,58 @@ public class UserController implements IBaseController {
        return JsonResult.buildSuccessResult(null, result);
    }
+    /**
+     * token 交换
+     *
+     */
+    @RequestMapping("/tokenExchange")
+    public TokenExchange tokenExchange(@RequestParam String token, @RequestParam(required = false) Integer tenantId) {
+        TokenExchange tokenExchange = new TokenExchange();
+        if (StringUtils.isEmpty(token)) {
+            return null;
+        }
+        if (token.contains(Constants.TOKEN_MASTER)) {
+            return null;
+        }
+        SessionStruct sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis(token);
+        if (sessionStruct == null || sessionStruct.getValues() == null) {
+            return null;
+        }
+        User user = sessionStruct.getValues().getUser();
+        tokenExchange.setLoginProperties(JSONObject.toJSONString(sessionStruct.getValues().getLoginProperties()));
+        tokenExchange.setUserId(user.getId());
+        return tokenExchange;
+    }
+    /**
+     *  交换token
+     * @param token
+     * @return
+     */
+    private void findTokenExchange(String token) {
+        // 请求其他系统信息
+        HashMap<String, String> parameters = new HashMap<>();
+        parameters.put("token", token);
+        String resultStr = httpService.post(userHost + "/user/tokenExchange", parameters);
+        // 如果有返回值
+        if (!resultStr.isEmpty()) {
+            TokenExchange tokenExchange = JSONObject.parseObject(resultStr, TokenExchange.class);
+            SessionValue sessionValue = new SessionValue();
+            tokenExchange.setUserId(65172086L);
+            User user = userService.findById(tokenExchange.getUserId());
+            LoginProperties loginProperties = JSONObject.parseObject(tokenExchange.getLoginProperties(), LoginProperties.class);
+            // 根据返回值生成token, 返回值包含user:session:token的值
+            sessionValue.setUser(user);
+            sessionValue.setLoginProperties(loginProperties);
+            sessionService.persistSessionExchange(token, sessionValue);
+        }
+    }
    /**
     * 用户中心首页，显示用户头像、昵称、姓名
     *

--- a/src/main/java/cn/quantgroup/xyqb/model/TokenExchange.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/TokenExchange.java
+package cn.quantgroup.xyqb.model;
+import lombok.*;
+import java.io.Serializable;
+/**
+ * @author mengfan.feng
+ * @time 2015-10-27 16:15
+ */
+@Getter
+@Setter
+@ToString
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+public class TokenExchange implements Serializable {
+    private static final long serialVersionUID = -1L;
+    private Long userId;
+    private String uuid;
+    private String loginProperties;
+}
--- a/src/main/java/cn/quantgroup/xyqb/service/session/ISessionService.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/session/ISessionService.java
@@ -42,4 +42,5 @@ public interface ISessionService {
     */
    void deleteSession(String token);
+    void persistSessionExchange(String token, SessionValue sessionValue);
 }
--- a/src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java
@@ -123,7 +123,7 @@ public class SessionServiceImpl implements ISessionService {
        Timestamp now = new Timestamp(System.currentTimeMillis());
        SessionStruct sessionStruct = new SessionStruct();
        SessionValue sessionValue = new SessionValue();
-        sessionStruct.setSid(UUID.randomUUID().toString());
+        sessionStruct.setSid("yxm-" + UUID.randomUUID().toString());
        sessionValue.setCreatedAt(now);
        sessionValue.setLastAccessTime(now);
        sessionValue.setUser(user);
@@ -282,6 +282,18 @@ public class SessionServiceImpl implements ISessionService {
        }
    }
+    @Override
+    public void persistSessionExchange(String token, SessionValue sessionValue) {
+        Timestamp current = new Timestamp(System.currentTimeMillis());
+        sessionValue.setLastAccessTime(current);
+        String json = JSON.toJSONString(sessionValue);
+        stringRedisTemplate.opsForValue().set(Constants.Session.USER_SESSION_CACHE + token, json,
+                Constants.Session.SESSION_VALID_TIME, TimeUnit.SECONDS);
+        String key = generateLoginPropertiesKey(sessionValue.getUser().getId(), sessionValue.getLoginProperties());
+        stringRedisTemplate.opsForValue().set(key, token, Constants.Session.SESSION_VALID_TIME, TimeUnit.SECONDS);
+        setUserIdTokenKeys(sessionValue.getUser().getId(), key);
+    }
    /**
     * 获取用户的会话缓存Set的Redis-Key
     *

--- a/src/main/java/cn/quantgroup/xyqb/session/XyqbSessionContextHolder.java
+++ b/src/main/java/cn/quantgroup/xyqb/session/XyqbSessionContextHolder.java
@@ -52,7 +52,7 @@ public class XyqbSessionContextHolder {
    }
    public static SessionStruct getXSessionFromRedis(String token) {
-        if (StringUtils.length(token) != Constants.TOKEN_LENGTH || Objects.isNull(redisTemplate)) {
+        if ( Objects.isNull(redisTemplate)) {
            return null;
        }
        String result = redisTemplate.opsForValue().get(Constants.Session.USER_SESSION_CACHE + token);