From 3cc66f911c6a7b0d55ddb58c67e16963195ea351 Mon Sep 17 00:00:00 2001
From: zhaoxiaohao <279049017@qq.com>
Date: Mon, 08 Mar 2021 18:42:39 +0800
Subject: [PATCH] 账号强制被踢出登录状态逻辑的优化
---
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/TokensController.java | 17 ++++++--
kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/resources/application.yml | 4 +
kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/impl/RedisTokensServiceImpl.java | 28 ++++++++++++++
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java | 18 +++++++++
kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/ITokensService.java | 3 +
kidgrow-commons/kidgrow-redis-spring-boot-starter/src/main/java/com/kidgrow/redis/util/RedisUtils.java | 9 ++++
6 files changed, 74 insertions(+), 5 deletions(-)
diff --git a/kidgrow-commons/kidgrow-redis-spring-boot-starter/src/main/java/com/kidgrow/redis/util/RedisUtils.java b/kidgrow-commons/kidgrow-redis-spring-boot-starter/src/main/java/com/kidgrow/redis/util/RedisUtils.java
index b2a7bd2..6aa363d 100644
--- a/kidgrow-commons/kidgrow-redis-spring-boot-starter/src/main/java/com/kidgrow/redis/util/RedisUtils.java
+++ b/kidgrow-commons/kidgrow-redis-spring-boot-starter/src/main/java/com/kidgrow/redis/util/RedisUtils.java
@@ -655,4 +655,13 @@
return 0;
}
}
+
+ /**
+ * 整个集合删除
+ * @param key
+ */
+ public void removeAll(String key){
+ redisTemplate.delete(key);
+// redisTemplate.opsForList().leftPop(key);
+ }
}
diff --git a/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/resources/application.yml b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/resources/application.yml
index a6da7f1..5dfadce 100644
--- a/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/resources/application.yml
+++ b/kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/resources/application.yml
@@ -236,6 +236,7 @@
- /api-record/DiagnosticUnfinishedFegin/equipmentUpload
- /api-opration/wxController/getOpenId
- /api-record/DiagnosticUnfinishedFegin/recordChildInterworking
+ - /api-uaa/tokens/getName
# - /api-user/syshospital/findAllByMap
# - /api-user/sysdictionaries/findAll
# - /api-user/sysdepartment/findListByHospitalId
@@ -277,7 +278,8 @@
/api-record/DiagnosticUnfinishedFegin/equipmentList,
/api-record/DiagnosticUnfinishedFegin/equipmentUpload,
/api-opration/wxController/getOpenId,
- /api-record/DiagnosticUnfinishedFegin/recordChildInterworking
+ /api-record/DiagnosticUnfinishedFegin/recordChildInterworking,
+ /api-uaa/tokens/getName
# /api-user/syshospital/findAllByMap,
# /api-user/sysdictionaries/findAll,
# /api-user/sysdepartment/findListByHospitalId
diff --git a/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/ITokensService.java b/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/ITokensService.java
index 5cffaf4..d956ca9 100644
--- a/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/ITokensService.java
+++ b/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/ITokensService.java
@@ -1,6 +1,7 @@
package com.kidgrow.oauth2.service;
import com.kidgrow.common.model.PageResult;
+import com.kidgrow.common.model.ResultBody;
import com.kidgrow.oauth2.model.TokenVo;
import java.util.Map;
@@ -20,4 +21,6 @@
* @param clientId 应用id
*/
PageResult<TokenVo> listTokens(Map<String, Object> params, String clientId);
+
+ ResultBody getBeforLogin(Map<String, Object> map);
}
diff --git a/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/impl/RedisTokensServiceImpl.java b/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/impl/RedisTokensServiceImpl.java
index 0d931f5..dc7af4f 100644
--- a/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/impl/RedisTokensServiceImpl.java
+++ b/kidgrow-uaa/kidgrow-uaa-biz/src/main/java/com/kidgrow/oauth2/service/impl/RedisTokensServiceImpl.java
@@ -4,9 +4,12 @@
import cn.hutool.core.util.StrUtil;
import com.kidgrow.common.constant.SecurityConstants;
import com.kidgrow.common.model.PageResult;
+import com.kidgrow.common.model.ResultBody;
+import com.kidgrow.common.utils.StringUtils;
import com.kidgrow.redis.template.RedisRepository;
import com.kidgrow.oauth2.model.TokenVo;
import com.kidgrow.oauth2.service.ITokensService;
+import com.kidgrow.redis.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.MapUtils;
import org.springframework.beans.factory.annotation.Autowired;
@@ -32,6 +35,8 @@
public class RedisTokensServiceImpl implements ITokensService {
@Autowired
private RedisRepository redisRepository;
+ @Autowired
+ private RedisUtils redisUtils;
@Override
public PageResult<TokenVo> listTokens(Map<String, Object> params, String clientId) {
@@ -81,4 +86,27 @@
}
return result;
}
+
+ @Override
+ public ResultBody getBeforLogin(Map<String, Object> map) {
+ String name = MapUtils.getString(map, "name");
+ if (StringUtils.isBlank(name)) {
+ return ResultBody.failed("请输入用户名");
+ }
+ String webApp = MapUtils.getString(map, "webApp");
+ if (StringUtils.isBlank(webApp)) {
+ return ResultBody.failed("请输入应用id");
+ }
+ List<Object> objectList = redisUtils.lGet(SecurityConstants.REDIS_UNAME_TO_ACCESS+webApp+":"+name,0,0
+ );
+ if(objectList!=null){
+ if (objectList.size()>0) {
+ return ResultBody.ok().data(false);
+ }else {
+ return ResultBody.ok().data(true);
+ }
+ }else {
+ return ResultBody.ok().data(true);
+ }
+ }
}
diff --git a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/TokensController.java b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/TokensController.java
index 2a07ce5..57a8ea6 100644
--- a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/TokensController.java
+++ b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/controller/TokensController.java
@@ -1,15 +1,13 @@
package com.kidgrow.oauth2.controller;
import com.kidgrow.common.model.PageResult;
+import com.kidgrow.common.model.ResultBody;
import com.kidgrow.oauth2.model.TokenVo;
import com.kidgrow.oauth2.service.ITokensService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
import java.util.Map;
@@ -33,4 +31,15 @@
public PageResult<TokenVo> list(@RequestParam Map<String, Object> params,@RequestParam(value = "tenantId") String tenantId) {
return tokensService.listTokens(params, tenantId);
}
+ /**
+ * 获取用户是否登录
+ * @param map
+ * @return
+ */
+ @PostMapping("getName")
+ @ApiOperation(value = "token列表")
+ public ResultBody isRegUser(@RequestBody Map<String, Object> map) {
+
+ return tokensService.getBeforLogin(map);
+ }
}
diff --git a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java
index 823529c..7f31915 100644
--- a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java
+++ b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/handler/OauthLogoutHandler.java
@@ -2,11 +2,15 @@
import cn.hutool.core.util.StrUtil;
import com.kidgrow.authclient.util.AuthUtils;
+import com.kidgrow.common.constant.SecurityConstants;
+import com.kidgrow.redis.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.util.Assert;
@@ -26,6 +30,8 @@
public class OauthLogoutHandler implements LogoutHandler {
@Autowired
private TokenStore tokenStore;
+ @Autowired
+ private RedisUtils redisUtils;
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
@@ -37,14 +43,26 @@
if(StrUtil.isNotEmpty(token)){
OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
OAuth2RefreshToken refreshToken;
+ String clientId="";//属于哪个服务
+ String userName="";//用户的名称
if (existingAccessToken != null) {
if (existingAccessToken.getRefreshToken() != null) {
+ //获取用户信息
+ Object o = redisUtils.get(SecurityConstants.REDIS_TOKEN_AUTH + existingAccessToken.getValue());
+ if(o!=null){
+ OAuth2Authentication accessToken = (OAuth2Authentication)o;
+ OAuth2Request requestOuth = accessToken.getOAuth2Request();
+ userName=accessToken.getName();
+ clientId=requestOuth.getClientId();
+ }
log.info("remove refreshToken!", existingAccessToken.getRefreshToken());
refreshToken = existingAccessToken.getRefreshToken();
tokenStore.removeRefreshToken(refreshToken);
}
log.info("remove existingAccessToken!", existingAccessToken);
tokenStore.removeAccessToken(existingAccessToken);
+ //将 token与 用户的关联 清除;
+ redisUtils.removeAll(SecurityConstants.REDIS_UNAME_TO_ACCESS+clientId+":"+userName);
}
}
}
--
Gitblit v1.8.0