forked from kidgrow-microservices-platform

zhaoxiaohao
2021-03-08 3cc66f911c6a7b0d55ddb58c67e16963195ea351
账号强制被踢出登录状态逻辑的优化
6 files modified
79 ■■■■■ changed files
kidgrow-commons/kidgrow-redis-spring-boot-starter/src/main/java/com/kidgrow/redis/util/RedisUtils.java 9 ●●●●●
kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/resources/application.yml 4 ●●●
kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/ITokensService.java 3 ●●●●●
kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/impl/RedisTokensServiceImpl.java 28 ●●●●●
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/TokensController.java 17 ●●●●
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java 18 ●●●●●
kidgrow-commons/kidgrow-redis-spring-boot-starter/src/main/java/com/kidgrow/redis/util/RedisUtils.java
@@ -655,4 +655,13 @@
            return 0;
        }
    }
    /**
     * 整个集合删除
     * @param key
     */
    public void removeAll(String key){
        redisTemplate.delete(key);
//        redisTemplate.opsForList().leftPop(key);
    }
}
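Review bot: `removeAll` deletes the key whatever type it holds and discards the outcome of `redisTemplate.delete(key)`, while the name and the Javadoc ("delete the whole collection") read as a list-only operation. The Javadoc should say that the key itself is removed, and the `@param key` tag needs a description, for example `@param key Redis key to delete; a missing key is not an error`. The commented-out `leftPop` line should be dropped rather than committed. If the Spring Data Redis version in use returns a `Boolean` from `delete`, passing it back would let the logout handler log a miss.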
kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/resources/application.yml
@@ -236,6 +236,7 @@
      - /api-record/DiagnosticUnfinishedFegin/equipmentUpload
      - /api-opration/wxController/getOpenId
      - /api-record/DiagnosticUnfinishedFegin/recordChildInterworking
      - /api-uaa/tokens/getName
#      - /api-user/syshospital/findAllByMap
#      - /api-user/sysdictionaries/findAll
#      - /api-user/sysdepartment/findListByHospitalId
@@ -277,7 +278,8 @@
        /api-record/DiagnosticUnfinishedFegin/equipmentList,
        /api-record/DiagnosticUnfinishedFegin/equipmentUpload,
        /api-opration/wxController/getOpenId,
        /api-record/DiagnosticUnfinishedFegin/recordChildInterworking
        /api-record/DiagnosticUnfinishedFegin/recordChildInterworking,
        /api-uaa/tokens/getName
#        /api-user/syshospital/findAllByMap,
#        /api-user/sysdictionaries/findAll,
#        /api-user/sysdepartment/findListByHospitalId
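Review bot: `/api-uaa/tokens/getName` is added to both lists in this file (the list-item form in the first hunk, the comma-separated form in the second), and neighbours such as `/api-opration/wxController/getOpenId` suggest these are the gateway's authentication-exempt paths; the list keys are outside the hunks, so this needs confirming. If that reading is right, any caller that can reach the gateway can learn whether a named account currently has a session for a given app, which is what the matching handler in TokensController and RedisTokensServiceImpl returns. If the pre-login check is a product requirement, it should be rate limited per client address and per username at the gateway, and its use should be logged so enumeration attempts show up in monitoring. A comment above the entry such as `# pre-login session check: unauthenticated by design, rate limited` would document the exposure for the next reviewer.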
kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/ITokensService.java
@@ -1,6 +1,7 @@
package com.kidgrow.oauth2.service;
import com.kidgrow.common.model.PageResult;
import com.kidgrow.common.model.ResultBody;
import com.kidgrow.oauth2.model.TokenVo;
import java.util.Map;
@@ -20,4 +21,6 @@
     * @param clientId 应用id
     */
    PageResult<TokenVo> listTokens(Map<String, Object> params, String clientId);
    ResultBody getBeforLogin(Map<String, Object> map);
}
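Review bot: `getBeforLogin` is added to the interface without Javadoc, while `listTokens` above it has one, and neither the name nor the `Map<String, Object>` parameter tells a caller which keys are expected or what the boolean in the result means. From the implementation in RedisTokensServiceImpl the contract appears to be: keys `name` and `webApp` are required, the result data is `false` when a session entry exists for that user and `true` otherwise; that belongs in a Javadoc on this declaration. The name also misspells "Before", and renaming is cheapest now, while the only callers are in this commit.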
kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/impl/RedisTokensServiceImpl.java
@@ -4,9 +4,12 @@
import cn.hutool.core.util.StrUtil;
import com.kidgrow.common.constant.SecurityConstants;
import com.kidgrow.common.model.PageResult;
import com.kidgrow.common.model.ResultBody;
import com.kidgrow.common.utils.StringUtils;
import com.kidgrow.redis.template.RedisRepository;
import com.kidgrow.oauth2.model.TokenVo;
import com.kidgrow.oauth2.service.ITokensService;
import com.kidgrow.redis.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.MapUtils;
import org.springframework.beans.factory.annotation.Autowired;
@@ -32,6 +35,8 @@
public class RedisTokensServiceImpl implements ITokensService {
    @Autowired
    private RedisRepository redisRepository;
    @Autowired
    private RedisUtils redisUtils;
    @Override
    public PageResult<TokenVo> listTokens(Map<String, Object> params, String clientId) {
@@ -81,4 +86,27 @@
        }
        return result;
    }
    @Override
    public ResultBody getBeforLogin(Map<String, Object> map) {
        String name = MapUtils.getString(map, "name");
        if (StringUtils.isBlank(name)) {
            return ResultBody.failed("请输入用户名");
        }
        String webApp = MapUtils.getString(map, "webApp");
        if (StringUtils.isBlank(webApp)) {
            return ResultBody.failed("请输入应用id");
        }
        List<Object> objectList = redisUtils.lGet(SecurityConstants.REDIS_UNAME_TO_ACCESS+webApp+":"+name,0,0
        );
        if(objectList!=null){
            if (objectList.size()>0) {
                return ResultBody.ok().data(false);
            }else {
                return ResultBody.ok().data(true);
            }
        }else {
            return ResultBody.ok().data(true);
        }
    }
}
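Review bot: The Redis key in `getBeforLogin` is built by concatenating the request values directly, `SecurityConstants.REDIS_UNAME_TO_ACCESS+webApp+":"+name`, with only a blank check on each. Because `:` is also the separator, different `webApp`/`name` pairs can resolve to the same key, so both values should be checked against the expected character set and a length limit before they are used. The nested `if` collapses to `return ResultBody.ok().data(objectList == null || objectList.isEmpty());`, with a short comment stating that `true` means no session entry was found. If `lGet` returns null on a Redis error (its body is not shown in this commit), a backend failure is reported as "not logged in", and that case deserves its own handling.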
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/TokensController.java
@@ -1,15 +1,13 @@
package com.kidgrow.oauth2.controller;
import com.kidgrow.common.model.PageResult;
import com.kidgrow.common.model.ResultBody;
import com.kidgrow.oauth2.model.TokenVo;
import com.kidgrow.oauth2.service.ITokensService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import java.util.Map;
@@ -33,4 +31,15 @@
    public PageResult<TokenVo> list(@RequestParam Map<String, Object> params,@RequestParam(value = "tenantId") String tenantId) {
        return tokensService.listTokens(params, tenantId);
    }
    /**
     * 获取用户是否登录
     * @param map
     * @return
     */
    @PostMapping("getName")
    @ApiOperation(value = "token列表")
    public ResultBody isRegUser(@RequestBody Map<String, Object> map) {
        return tokensService.getBeforLogin(map);
    }
}
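Review bot: The new `isRegUser` endpoint carries `@ApiOperation(value = "token列表")`, copied from the `list` endpoint above it, so the generated API documentation describes it as the token list; the Javadoc says it reports whether a user is logged in, the path is `getName` and the method is `isRegUser`, which gives one operation three unrelated names. Suggest `@ApiOperation(value = "查询用户是否已登录")` and a path and method name that match it. The body is bound to a raw `Map<String, Object>`, so nothing constrains the size or shape of `name` and `webApp` before they reach the service; a small request class with those two fields and validation annotations would make the contract explicit. The explicit Spring imports also appear to have been replaced by `org.springframework.web.bind.annotation.*`; keeping them explicit matches the rest of the file.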
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java
@@ -2,11 +2,15 @@
import cn.hutool.core.util.StrUtil;
import com.kidgrow.authclient.util.AuthUtils;
import com.kidgrow.common.constant.SecurityConstants;
import com.kidgrow.redis.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.util.Assert;
@@ -26,6 +30,8 @@
public class OauthLogoutHandler implements LogoutHandler {
    @Autowired
    private TokenStore tokenStore;
    @Autowired
    private RedisUtils redisUtils;
    @Override
    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
@@ -37,14 +43,26 @@
        if(StrUtil.isNotEmpty(token)){
            OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
            OAuth2RefreshToken refreshToken;
            String clientId="";//属于哪个服务
            String userName="";//用户的名称
            if (existingAccessToken != null) {
                if (existingAccessToken.getRefreshToken() != null) {
                    //获取用户信息
                    Object o = redisUtils.get(SecurityConstants.REDIS_TOKEN_AUTH + existingAccessToken.getValue());
                    if(o!=null){
                        OAuth2Authentication accessToken = (OAuth2Authentication)o;
                        OAuth2Request requestOuth = accessToken.getOAuth2Request();
                        userName=accessToken.getName();
                        clientId=requestOuth.getClientId();
                    }
                    log.info("remove refreshToken!", existingAccessToken.getRefreshToken());
                    refreshToken = existingAccessToken.getRefreshToken();
                    tokenStore.removeRefreshToken(refreshToken);
                }
                log.info("remove existingAccessToken!", existingAccessToken);
                tokenStore.removeAccessToken(existingAccessToken);
                //将 token与 用户的关联  清除;
                redisUtils.removeAll(SecurityConstants.REDIS_UNAME_TO_ACCESS+clientId+":"+userName);
            }
        }
    }
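Review bot: The lookup that fills `clientId` and `userName` sits inside `if (existingAccessToken.getRefreshToken() != null)`, so for an access token without a refresh token both stay empty and `redisUtils.removeAll(...)` deletes `REDIS_UNAME_TO_ACCESS + ":"` while the real user entry is left behind; the same happens when the `redisUtils.get` lookup returns null. The stale entry would keep `getBeforLogin` reporting that account as logged in after logout. Resolve the owner before any removal and independently of the refresh token, and skip the cleanup when it cannot be resolved; `tokenStore.readAuthentication(existingAccessToken)` avoids the raw Redis read and the unchecked cast to `OAuth2Authentication`, assuming the configured store returns the same object. Deleting the whole key also drops the entries of any other session the same user holds for that client, which is worth confirming as intended.

```java
            if (existingAccessToken != null) {
                // Resolve the token owner first: it is needed for the cleanup below and
                // must not depend on whether a refresh token exists.
                OAuth2Authentication tokenAuth = tokenStore.readAuthentication(existingAccessToken);
                // … unchanged: refresh-token removal and access-token removal …
                if (tokenAuth != null) {
                    String clientId = tokenAuth.getOAuth2Request().getClientId();
                    // Clear the user-to-token mapping only when the owner is known.
                    redisUtils.removeAll(SecurityConstants.REDIS_UNAME_TO_ACCESS + clientId + ":" + tokenAuth.getName());
                } else {
                    log.warn("logout: no authentication found for access token, user mapping not cleared");
                }
            }
```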