在分佈式環境中,如何支持PC、APP(ios、android)等多端的會話共享,這也是所有公司都需要的解決方案,用傳統的session方式來解決,我想已經out了,我們是否可以找一個通用的方案,比如用傳統cas來實現多系統之間的sso單點登錄或使用oauth的第三方登錄方案? 今天給大家簡單講解一下使用spring攔截器Interceptor機制、jwt認證方式、redis分佈式緩存實現sso單點登錄
}
publicvoid setUid(String uid) {
this.uid = uid;
}
public String getToken() {
return token;
}
publicvoid setToken(String token) {
this.token = token;
}
publiclong getRefTime() {
return refTime;
}
publicvoid setRefTime(long refTime) {
this.refTime = refTime;
}
}
public class RedisLogin implements Serializable{
/**
*
*/
private static final long serialVersionUID = 8116817810829835862L;
/**
* 用戶id
*/
private String uid;
/**
* jwt生成的token信息
*/
private String token;
/**
* 登錄或刷新應用的時間
*/
private long refTime;
public RedisLogin(){
}
public RedisLogin(String uid, String token, long refTime){
this.uid = uid;
this.token = token;
this.refTime = refTime;
}
public String getUid() {
return uid;
}
public void setUid(String uid) {
this.uid = uid;
}
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
public long getRefTime() {
return refTime;
}
public void setRefTime(long refTime) {
this.refTime = refTime;
}
}
6. 編寫LoginInterceptor.java攔截器
Java代碼
publicclass LoginInterceptorimplements HandlerInterceptor{
publicboolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
PrintWriter writer =null;
HandlerMethod method =null;
try {
method = (HandlerMethod) handler;
}catch (Exception e) {
writer = response.getWriter();
ResponseVO responseVO = ResponseCode.buildEnumResponseVO(ResponseCode.REQUEST_URL_NOT_SERVICE,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
IsLogin isLogin = method.getMethodAnnotation(IsLogin.class);
if(null == isLogin){
returntrue;
}
response.setCharacterEncoding("utf-8");
String token = request.getHeader("token");
String uid = request.getHeader("uid");
//token不存在
if(StringUtils.isEmpty(token)) {
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.LOGIN_TOKEN_NOT_NULL,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
if(StringUtils.isEmpty(uid)){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_NULL,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
Login login = JWT.unsign(token, Login.class);
//解密token後的loginId與用戶傳來的loginId判斷是否一致
if(null == login || !StringUtils.equals(login.getUid(), uid)){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_UNAUTHORIZED,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
//驗證登錄時間
RedisLogin redisLogin = (RedisLogin)JedisUtils.getObject(uid);
if(null == redisLogin){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.RESPONSE_CODE_UNLOGIN_ERROR,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
if(!StringUtils.equals(token, redisLogin.getToken())){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_UNAUTHORIZED,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
//系統時間>有效期(說明已經超過有效期)
if (System.currentTimeMillis() > redisLogin.getRefTime()) {
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.LOGIN_TIME_EXP,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
//重新刷新有效期
redisLogin =new RedisLogin(uid, token, System.currentTimeMillis() + 60L* 1000L* 30L);
JedisUtils.setObject(uid , redisLogin,360000000);
returntrue;
}
publicvoid postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
ModelAndView modelAndView)throws Exception {
}
publicvoid afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
}
privatevoid responseMessage(HttpServletResponse response, PrintWriter out, ResponseVO responseVO) {
response.setContentType("application/json; charset=utf-8");
JSONObject result =new JSONObject();
result.put("result", responseVO);
out.print(result);
out.flush();
out.close();
}
}
[java]view plaincopyprint?
publicclass LoginInterceptorimplements HandlerInterceptor{
publicboolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
PrintWriter writer =null;
HandlerMethod method =null;
try {
method = (HandlerMethod) handler;
}catch (Exception e) {
writer = response.getWriter();
ResponseVO responseVO = ResponseCode.buildEnumResponseVO(ResponseCode.REQUEST_URL_NOT_SERVICE,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
IsLogin isLogin = method.getMethodAnnotation(IsLogin.class);
if(null == isLogin){
returntrue;
}
response.setCharacterEncoding("utf-8");
String token = request.getHeader("token");
String uid = request.getHeader("uid");
//token不存在
if(StringUtils.isEmpty(token)) {
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.LOGIN_TOKEN_NOT_NULL,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
if(StringUtils.isEmpty(uid)){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_NULL,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
Login login = JWT.unsign(token, Login.class);
//解密token後的loginId與用戶傳來的loginId判斷是否一致
if(null == login || !StringUtils.equals(login.getUid(), uid)){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_UNAUTHORIZED,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
//驗證登錄時間
RedisLogin redisLogin = (RedisLogin)JedisUtils.getObject(uid);
if(null == redisLogin){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.RESPONSE_CODE_UNLOGIN_ERROR,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
if(!StringUtils.equals(token, redisLogin.getToken())){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_UNAUTHORIZED,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
//系統時間>有效期(說明已經超過有效期)
if (System.currentTimeMillis() > redisLogin.getRefTime()) {
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.LOGIN_TIME_EXP,false);
responseMessage(response, writer, responseVO);
returnfalse;
}
//重新刷新有效期
redisLogin =new RedisLogin(uid, token, System.currentTimeMillis() + 60L* 1000L* 30L);
JedisUtils.setObject(uid , redisLogin,360000000);
returntrue;
}
publicvoid postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
ModelAndView modelAndView)throws Exception {
}
publicvoid afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
}
privatevoid responseMessage(HttpServletResponse response, PrintWriter out, ResponseVO responseVO) {
response.setContentType("application/json; charset=utf-8");
JSONObject result =new JSONObject();
result.put("result", responseVO);
out.print(result);
out.flush();
out.close();
}
}
public class LoginInterceptor implements HandlerInterceptor{
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
PrintWriter writer = null;
HandlerMethod method = null;
try {
method = (HandlerMethod) handler;
} catch (Exception e) {
writer = response.getWriter();
ResponseVO responseVO = ResponseCode.buildEnumResponseVO(ResponseCode.REQUEST_URL_NOT_SERVICE, false);
responseMessage(response, writer, responseVO);
return false;
}
IsLogin isLogin = method.getMethodAnnotation(IsLogin.class);
if(null == isLogin){
return true;
}
response.setCharacterEncoding("utf-8");
String token = request.getHeader("token");
String uid = request.getHeader("uid");
//token不存在
if(StringUtils.isEmpty(token)) {
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.LOGIN_TOKEN_NOT_NULL, false);
responseMessage(response, writer, responseVO);
return false;
}
if(StringUtils.isEmpty(uid)){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_NULL, false);
responseMessage(response, writer, responseVO);
return false;
}
Login login = JWT.unsign(token, Login.class);
//解密token後的loginId與用戶傳來的loginId判斷是否一致
if(null == login || !StringUtils.equals(login.getUid(), uid)){
writer = response.getWriter();
ResponseVO responseVO = LoginResponseCode.buildEnumResponseVO(LoginResponseCode.USERID_NOT_UNAUTHORIZED, false);
responseMessage(response, writer, responseVO);
願意瞭解框架技術或者源碼的朋友直接求求交流分享技術:3133806896
分佈式的一些解決方案,有願意瞭解的朋友可以找我們團隊探討