fangqiao/qiaoba-boot
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add

Browse Source
This commit is contained in:
ailanyin
2023-07-07 12:52:16 +08:00
parent d44775e87c
commit 8aad406ab0
9 changed files with 57 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
qiaoba-auth/src/main/java/com/qiaoba/auth/filters/OnlineUserFilter.java
View File

@ -60,9 +60,15 @@ public class OnlineUserFilter extends OncePerRequestFilter {
String deviceSn = onlineUserDto.getDeviceSn();
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
if (Objects.isNull(userDetails)) {
onlineUserService.deleteOne(username, deviceSn, true);
ResponseUtil.errorAuth(response, 4011, "登陆过期");
return;
}
// 不允许同时在线
if (!authConfigApiService.checkAllowBothOnline()) {
if (redisService.hasKey(SecurityConstant.LOGGED_USER_REDIS_KEY + username)) {
if (redisService.hasKey(SecurityConstant.LAST_LOGIN_USER_REDIS_KEY + username)) {
if (!onlineUserService.checkIsLastLogged(username, deviceSn)) {
onlineUserService.deleteOne(username, deviceSn, true);
ResponseUtil.errorAuth(response, 4012, "被挤下线");
@ -72,13 +78,7 @@ public class OnlineUserFilter extends OncePerRequestFilter {
ResponseUtil.errorAuth(response, 4011, "登陆过期");
return;
}
}
// 允许同时在线
else {
if (Objects.isNull(userDetails)) {
ResponseUtil.errorAuth(response, 4011, "登陆过期");
return;
}
}
chain.doFilter(request, response);

35
qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/OnlineUserServiceImpl.java
View File

@ -2,10 +2,10 @@ package com.qiaoba.auth.service.impl;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import com.qiaoba.api.auth.service.SysUserDetailsApiService;
import com.qiaoba.api.auth.constants.SecurityConstant;
import com.qiaoba.api.auth.entity.OnlineUser;
import com.qiaoba.api.auth.entity.dto.OnlineUserDto;
import com.qiaoba.api.auth.service.AuthConfigApiService;
import com.qiaoba.api.auth.service.OnlineUserService;
import com.qiaoba.api.auth.utils.TokenUtil;
import com.qiaoba.common.base.constants.BaseConstant;
@ -32,9 +32,8 @@ import java.util.List;
public class OnlineUserServiceImpl implements OnlineUserService {
private final RedisService redisService;
private final SysUserDetailsApiService sysUserDetailsApiService;
private final HttpServletRequest request;
private final AuthConfigApiService authConfigApiService;
@Override
public void insert(OnlineUser onlineUser) {
@ -48,11 +47,31 @@ public class OnlineUserServiceImpl implements OnlineUserService {
throw new ServiceException("禁止踢出自己!");
}
if (deviceSn.equals(redisService.get(SecurityConstant.LOGGED_USER_REDIS_KEY + username))) {
redisService.del(SecurityConstant.LOGGED_USER_REDIS_KEY + username);
}
sysUserDetailsApiService.deleteCache(username, deviceSn);
// 删除在线用户信息
redisService.del(handleKey(username, deviceSn));
// 允许同时在线
if (authConfigApiService.checkAllowBothOnline()) {
// > 1 说明还有其他设备登录着 不能删除 userDetail || == 1 说明没有其他设备 可以删除 userDetail
if (redisService.hSize(SecurityConstant.LOGIN_USER_DEVICES_REDIS_KEY + username) <= 1) {
// 删除 userDetail
redisService.del(SecurityConstant.USER_DETAILS_REDIS_KEY + username);
}
}
// 不允许同时在线
else {
// 最后登录的设备是自己 可以删除 userDetail
if (checkIsLastLogged(username, deviceSn)) {
redisService.del(SecurityConstant.USER_DETAILS_REDIS_KEY + username);
}
}
// 删除最后登录的用户设备
if (deviceSn.equals(redisService.get(SecurityConstant.LAST_LOGIN_USER_REDIS_KEY + username))) {
redisService.del(SecurityConstant.LAST_LOGIN_USER_REDIS_KEY + username);
}
// 删除 hash中的自己
redisService.hDel(SecurityConstant.LOGIN_USER_DEVICES_REDIS_KEY + username, deviceSn);
}
@Override
@ -82,7 +101,7 @@ public class OnlineUserServiceImpl implements OnlineUserService {
@Override
public Boolean checkIsLastLogged(String username, String deviceSn) {
String loggedDevice = redisService.get(SecurityConstant.LOGGED_USER_REDIS_KEY + username).toString();
String loggedDevice = redisService.get(SecurityConstant.LAST_LOGIN_USER_REDIS_KEY + username).toString();
return deviceSn.equals(loggedDevice);
}