refactor: 查询用户是否在线使用block方法
This commit is contained in:
parent
bac4be00f4
commit
0008fb5e74
|
@ -19,6 +19,8 @@ import io.metersphere.request.LoginRequest;
|
||||||
import org.apache.commons.lang3.BooleanUtils;
|
import org.apache.commons.lang3.BooleanUtils;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.cloud.client.discovery.DiscoveryClient;
|
import org.springframework.cloud.client.discovery.DiscoveryClient;
|
||||||
|
import org.springframework.data.redis.core.RedisTemplate;
|
||||||
|
import org.springframework.data.redis.core.StringRedisTemplate;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.session.data.redis.ReactiveRedisSessionRepository;
|
import org.springframework.session.data.redis.ReactiveRedisSessionRepository;
|
||||||
|
@ -50,7 +52,7 @@ public class LoginController {
|
||||||
@Resource
|
@Resource
|
||||||
private SystemParameterService systemParameterService;
|
private SystemParameterService systemParameterService;
|
||||||
@Resource
|
@Resource
|
||||||
private ReactiveRedisSessionRepository reactiveRedisSessionRepository;
|
private StringRedisTemplate stringRedisTemplate;
|
||||||
|
|
||||||
@GetMapping(value = "/is-login")
|
@GetMapping(value = "/is-login")
|
||||||
public Mono<ResultHolder> isLogin(@RequestHeader(name = SessionConstants.HEADER_TOKEN, required = false) String sessionId,
|
public Mono<ResultHolder> isLogin(@RequestHeader(name = SessionConstants.HEADER_TOKEN, required = false) String sessionId,
|
||||||
|
@ -58,25 +60,19 @@ public class LoginController {
|
||||||
RsaKey rsaKey = RsaUtil.getRsaKey();
|
RsaKey rsaKey = RsaUtil.getRsaKey();
|
||||||
|
|
||||||
if (StringUtils.isNotBlank(sessionId) && StringUtils.isNotBlank(csrfToken)) {
|
if (StringUtils.isNotBlank(sessionId) && StringUtils.isNotBlank(csrfToken)) {
|
||||||
userLoginService.validateCsrfToken(sessionId, csrfToken);
|
String userId = userLoginService.validateCsrfToken(sessionId, csrfToken);
|
||||||
return reactiveRedisSessionRepository.getSessionRedisOperations().opsForHash().get("spring:session:sessions:" + sessionId, "sessionAttr:user")
|
Boolean exist = stringRedisTemplate.opsForHash().hasKey("spring:session:sessions:" + sessionId, "sessionAttr:user");
|
||||||
.switchIfEmpty(Mono.just(rsaKey))
|
if (BooleanUtils.isFalse(exist)) {
|
||||||
.map(r -> {
|
return Mono.just(ResultHolder.error(rsaKey.getPublicKey()));
|
||||||
if (r instanceof RsaKey) {
|
}
|
||||||
return ResultHolder.error(rsaKey.getPublicKey());
|
// 使用数据库里的最新用户权限,不同的tab sessionId 不变
|
||||||
}
|
UserDTO userDTO = userLoginService.getUserDTO(userId);
|
||||||
if (r instanceof User) {
|
SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId);
|
||||||
// 用户只有工作空间权限
|
// 用户只有工作空间权限
|
||||||
if (StringUtils.isBlank(((User) r).getLastProjectId())) {
|
if (StringUtils.isBlank(sessionUser.getLastProjectId())) {
|
||||||
((User) r).setLastProjectId("no_such_project");
|
sessionUser.setLastProjectId("no_such_project");
|
||||||
}
|
}
|
||||||
// 使用数据库里的最新用户权限,不同的tab sessionId 不变
|
return Mono.just(ResultHolder.success(sessionUser));
|
||||||
UserDTO userDTO = userLoginService.getUserDTO(((User) r).getId());
|
|
||||||
SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId);
|
|
||||||
return ResultHolder.success(sessionUser);
|
|
||||||
}
|
|
||||||
return ResultHolder.success(r);
|
|
||||||
});
|
|
||||||
} else {
|
} else {
|
||||||
return Mono.just(ResultHolder.error(rsaKey.getPublicKey()));
|
return Mono.just(ResultHolder.error(rsaKey.getPublicKey()));
|
||||||
}
|
}
|
||||||
|
|
|
@ -455,7 +455,7 @@ public class UserLoginService {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public void validateCsrfToken(String sessionId, String csrfToken) {
|
public String validateCsrfToken(String sessionId, String csrfToken) {
|
||||||
if (StringUtils.isBlank(csrfToken)) {
|
if (StringUtils.isBlank(csrfToken)) {
|
||||||
throw new RuntimeException("csrf token is empty");
|
throw new RuntimeException("csrf token is empty");
|
||||||
}
|
}
|
||||||
|
@ -468,6 +468,7 @@ public class UserLoginService {
|
||||||
if (!StringUtils.equals(sessionId, signatureArray[2])) {
|
if (!StringUtils.equals(sessionId, signatureArray[2])) {
|
||||||
throw new RuntimeException("Please check csrf token.");
|
throw new RuntimeException("Please check csrf token.");
|
||||||
}
|
}
|
||||||
|
return signatureArray[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean checkWhetherChangePasswordOrNot(LoginRequest request) {
|
public boolean checkWhetherChangePasswordOrNot(LoginRequest request) {
|
||||||
|
|
Loading…
Reference in New Issue