分布式单点登录(记得点个star哦)
(如果对 cookie 的存储、token 的概念还不太明白,建议先自行百度搞清楚。注:本博客不会花篇幅去解释各种名词与定义)
模块名称 | 作用 |
---|---|
wangjc-sso-core | 如截图所示,放定制好的实体,redisService,工具类,返回值,常量…… |
wangjc-sso-web-autologin | 认证中心,主要负责登录页面,核心业务在于登录状态的存储,以及登录成功后的重定向 |
wangjc-sso-web-test | 测试实例,主要代码在拦截器里,拦截当前的请求是否已认证,是否需要转发到认证中心 |
/**
 * Demo user entity for the SSO sample. The field initializers below are fixed
 * sample values, so every {@code new TUser()} yields the same account.
 */
public class TUser implements Serializable {
    private static final long serialVersionUID = -6882766758996195727L;
    // Fixed demo id.
    private Long id = 1L;
    // Fixed demo login name.
    private String userName = "wangjc";
    // Fixed demo password, held in clear text. AutoLoginHelp.login stores the whole
    // TUser object in Redis, so this field is written there together with the rest.
    // NOTE(review): outside a demo, load users from a store and keep only a salted
    // password hash; do not put the password into the cached session object.
    private String password = "123456";
    // Getters and setters omitted.
}
//这里的实体避开了访问数据库的操作,账号和密码直接写死,仅用于演示。
/**
 * Entry page of the authentication centre.
 *
 * <p>When the request carries no valid login (as decided by
 * {@code AutoLoginHelp.loginCheck}), the login page is rendered and the
 * {@code redirect} value is handed to the view. When the caller is already
 * logged in, the handler either shows {@code /index} (no redirect given) or
 * sends the browser to {@code redirect}.
 *
 * @param redirect address the caller wants to return to after login; may be null
 * @param request  current request, passed to the login check
 * @return the login view, the index view, or a redirect view
 */
@RequestMapping(value = "/index",method = {RequestMethod.GET,RequestMethod.POST})
public ModelAndView index(String redirect, HttpServletRequest request){
    final TUser current = AutoLoginHelp.loginCheck(request, redisService);

    if (current != null) {
        // Already authenticated: no login form is needed.
        // NOTE(review): redirect is a request parameter and is used as the redirect
        // target unchanged. It should be compared against the list of registered
        // client sites before use; no such list is visible in this listing.
        final String viewName = (redirect == null) ? "/index" : "redirect:" + redirect;
        return new ModelAndView(viewName);
    }

    // Not authenticated: render the login page and keep the return address for the form.
    final ModelAndView loginPage = new ModelAndView("/page/login");
    loginPage.addObject("redirect", redirect);
    logger.info("登录请求,站点[{}]", redirect);
    return loginPage;
}
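/**
 * Handles a user-name/password login. Other login methods (SMS code, WeChat,
 * third-party providers) can be added alongside it in the same way.
 *
 * <p>The submitted credentials are compared with the fixed demo account that
 * {@code new TUser()} provides. On success {@code AutoLoginHelp.login} issues
 * the token, and the token is appended to the {@code redirect} request
 * parameter when that parameter is non-blank.
 *
 * @param userName submitted login name
 * @param password submitted password
 * @param request  current request; its {@code redirect} parameter names the page to return to
 * @param response response handed to {@code AutoLoginHelp.login}
 * @return an OK result carrying the redirect URL (with the token appended when a
 *         redirect was supplied, otherwise the parameter value as received), or
 *         the {@code LOGIN_FAIL} error result
 */
@RequestMapping(value = "/login",method = {RequestMethod.GET,RequestMethod.POST})
@ResponseBody
public ActionResult<String> login(String userName,String password, HttpServletRequest request, HttpServletResponse response){
    // NOTE(review): the mapping also accepts GET, which puts the password into the
    // URL (browser history, proxy and access logs). Restrict to POST once no caller
    // depends on GET.

    // The demo account is the freshly constructed entity; there is no user store.
    TUser user = new TUser();

    // Missing parameters can never match and must not reach getBytes() below.
    if (userName == null || password == null) {
        return ActionResult.error(ResultEnum.LOGIN_FAIL.getMsgCn());
    }

    boolean nameMatches = user.getUserName().equals(userName);
    // Compare the password without an early exit on the first differing byte.
    boolean passwordMatches = java.security.MessageDigest.isEqual(
            user.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8),
            password.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!(nameMatches && passwordMatches)) {
        return ActionResult.error(ResultEnum.LOGIN_FAIL.getMsgCn());
    }

    // Issue the token (cookie + Redis entry are written by the helper).
    String token = AutoLoginHelp.login(user, redisService, response);

    String redirectUrl = request.getParameter("redirect");
    if (redirectUrl != null && redirectUrl.trim().length() > 0) {
        // NOTE(review): redirect is caller-supplied and receives the session token.
        // It should be checked against the registered client sites before the token
        // is attached; no such list is visible in this listing.

        // Log the target before the token is attached so the token never reaches the
        // log, and neutralise line breaks so the value cannot forge extra log lines.
        logger.info("登录成功,重定向地址[{}]", redirectUrl.replaceAll("[\\r\\n]", "_"));

        // Use '&' when the target already has a query string.
        String separator = redirectUrl.indexOf('?') >= 0 ? "&" : "?";
        redirectUrl = redirectUrl + separator + "token=" + token;
    }
    return ActionResult.ok(redirectUrl);
}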
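/**
 * Static helpers shared by the authentication centre and the client filter:
 * login check, login and logout against the Redis-backed session table.
 *
 * <p>Project: wangjc-blog. Author: com.wangjc. Created 2020/6/17 19:24.
 */
public class AutoLoginHelp {
    private static final Logger logger = LoggerFactory.getLogger(AutoLoginHelp.class);

    /**
     * Resolves the logged-in user for a request.
     *
     * <p>The token is read from the {@code token} cookie and looked up in the
     * {@code SystemConstant.REDIS_KEY.LOGIN} hash. A hit is written back with
     * {@code SystemConstant.REDIS_TIME.LOGIN}, which the original author describes
     * as refreshing the Redis entry.
     *
     * @param request      current request
     * @param redisService Redis access used for the lookup and the refresh
     * @return the stored user, or null when there is no cookie or no Redis entry
     */
    public static TUser loginCheck(HttpServletRequest request, RedisService redisService){
        String token = CookieUtil.getCookieValue(request,"token");
        if(StringUtil.isNullOrEmpty(token)){
            return null;
        }
        TUser user= (TUser) redisService.hget(SystemConstant.REDIS_KEY.LOGIN, token);
        if(user != null){
            // Refresh the stored entry on every successful check.
            // NOTE(review): if RedisService.hset applies the time argument to the whole
            // LOGIN hash rather than to this one field, all sessions share a single
            // expiry that any active user keeps extending; confirm in RedisService.
            redisService.hset(SystemConstant.REDIS_KEY.LOGIN,token,user,SystemConstant.REDIS_TIME.LOGIN);
            return user;
        }
        logger.info("redis已过期,需重新登录。");
        return null;
    }

    /**
     * Logs a user in: creates a token, writes it to the {@code token} cookie and
     * stores the user under that token in Redis.
     *
     * @param user         authenticated user; null yields null
     * @param redisService Redis access used to store the session
     * @param response     response that receives the cookie
     * @return the new token, or null when {@code user} is null
     */
    public static String login(TUser user, RedisService redisService, HttpServletResponse response){
        if(user != null){
            // NOTE(review): the user's password is passed to JWTUtil.sign. If it is
            // used as the signing secret or placed in a claim, the token's strength
            // depends on the password; confirm in JWTUtil and prefer a server-side key.
            String token = JWTUtil.sign(user.getId(),user.getPassword());
            // Token goes to the cookie, the user object goes to Redis.
            // NOTE(review): CookieUtil is not shown; confirm it sets HttpOnly (and
            // Secure when served over https) on the token cookie.
            CookieUtil.set(response,"token",token);
            // The whole TUser is stored, including its password field as shown on this page.
            redisService.hset(SystemConstant.REDIS_KEY.LOGIN,token,user,SystemConstant.REDIS_TIME.LOGIN);
            return token;
        }
        return null;
    }

    /**
     * Logs out by deleting the token's entry from the Redis login hash.
     *
     * <p>The token is taken from the {@code token} request parameter, then from the
     * {@code Authorization} header, then from the {@code token} cookie (the place
     * where {@link #login} stores it and {@link #loginCheck} reads it). A request
     * without any token is ignored instead of passing null to Redis.
     *
     * <p>The browser cookie is not cleared here because no response is available;
     * once the Redis entry is gone, {@link #loginCheck} returns null for that token.
     *
     * @param request      current request
     * @param redisService Redis access used for the delete
     */
    public static void logout(HttpServletRequest request,RedisService redisService){
        String token = request.getParameter("token");
        if(StringUtil.isNullOrEmpty(token)){
            token = request.getHeader("Authorization");
        }
        if(StringUtil.isNullOrEmpty(token)){
            token = CookieUtil.getCookieValue(request,"token");
        }
        if(StringUtil.isNullOrEmpty(token)){
            // Nothing identifies a session, so there is nothing to delete.
            logger.info("注销请求未携带token,忽略。");
            return;
        }
        Long deleteHashKey = redisService.hashDeleteHashKey(SystemConstant.REDIS_KEY.LOGIN, token);
        logger.info("注销成功!删除redis存储条目[{}]", deleteHashKey);
    }
}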
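/**
 * Core filter of the client application: lets authenticated requests and static
 * resources through and sends everything else to the authentication centre.
 *
 * <p>Order of checks: (1) a {@code token} request parameter, as delivered by the
 * authentication centre after login; (2) static resources; (3) the login state
 * read from the cookie via {@code AutoLoginHelp.loginCheck}.
 *
 * @param request  incoming request
 * @param response outgoing response
 * @param chain    remaining filter chain
 * @throws IOException      from the redirect or the chain
 * @throws ServletException from the chain
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletResponse res = (HttpServletResponse) response;
    HttpServletRequest req = (HttpServletRequest) request;
    String path = req.getServletPath(); // requested path

    // First arrival after login: the token comes in as a request parameter.
    String token = request.getParameter("token");
    if(!StringUtil.isNullOrEmpty(token)){
        // Validate against Redis before anything is written to the browser, so an
        // unknown or expired value from the URL never becomes the session cookie.
        TUser user = (TUser) redisService.hget(SystemConstant.REDIS_KEY.LOGIN,token);
        if(user == null){
            res.sendRedirect(loginURL+"?redirect="+redirectServer); // back to login
            return;
        }
        // Token is known: persist it as the cookie that loginCheck reads later.
        // NOTE(review): any valid token placed in a link is accepted here, so a
        // visitor can be signed in under the account the link's token belongs to.
        // A single-use, short-lived ticket exchanged server-side would close this.
        CookieUtil.set(res,"token",token);
        // Redirect once so the token disappears from the address bar.
        // For paths other than "/" the token stays in the URL.
        if("/".equals(path)){
            res.sendRedirect(redirectServer);
            return;
        }
        chain.doFilter(request,response);
        return;
    }

    // Static resources pass without a login check.
    if(staticResource(path)){
        chain.doFilter(request,response);
        return;
    }

    // Project-specific pass-through rules (logout, share, reset, ...) would go here.

    TUser user = AutoLoginHelp.loginCheck(req,redisService);
    if(user == null){
        res.sendRedirect(loginURL+"?redirect="+redirectServer); // back to login
        return;
    }
    chain.doFilter(request,response);
}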
# Address of the authentication centre's login entry.
# NOTE(review): presumably bound to loginURL in the client filter; confirm.
wangjc.sso.autologin=http://127.0.0.1:8090/wangjc-sso-autologin/autoLogin/index
# Base address of this client application.
# NOTE(review): presumably bound to redirectServer, which the filter sends as the
# redirect parameter; confirm. Both values are plain http on loopback; the token
# travels in the redirect URL and in a cookie, so use https outside local testing.
wangjc.sso.redirect-server=http://127.0.0.1:8091/wangjc-sso-test