refactor(gateway): 重写is-login方法,不用响应式,防止阻塞redisson线程
This commit is contained in:
parent
5d09bd48d6
commit
166cde0b11
|
@ -1,18 +1,30 @@
|
||||||
package io.metersphere.gateway.config;
|
package io.metersphere.gateway.config;
|
||||||
|
|
||||||
import io.metersphere.commons.constants.SessionConstants;
|
import io.metersphere.commons.constants.SessionConstants;
|
||||||
|
import jakarta.annotation.Resource;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.data.redis.core.RedisTemplate;
|
||||||
|
import org.springframework.session.data.redis.RedisSessionRepository;
|
||||||
import org.springframework.web.server.session.HeaderWebSessionIdResolver;
|
import org.springframework.web.server.session.HeaderWebSessionIdResolver;
|
||||||
import org.springframework.web.server.session.WebSessionIdResolver;
|
import org.springframework.web.server.session.WebSessionIdResolver;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
public class SessionConfig {
|
public class SessionConfig {
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private RedisTemplate<String, Object> redisTemplate;
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public WebSessionIdResolver webSessionIdResolver() {
|
public WebSessionIdResolver webSessionIdResolver() {
|
||||||
HeaderWebSessionIdResolver sessionIdResolver = new HeaderWebSessionIdResolver();
|
HeaderWebSessionIdResolver sessionIdResolver = new HeaderWebSessionIdResolver();
|
||||||
sessionIdResolver.setHeaderName(SessionConstants.HEADER_TOKEN); // Define Session Header Name
|
sessionIdResolver.setHeaderName(SessionConstants.HEADER_TOKEN); // Define Session Header Name
|
||||||
return sessionIdResolver;
|
return sessionIdResolver;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public RedisSessionRepository redisSessionRepository() {
|
||||||
|
return new RedisSessionRepository(redisTemplate);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -5,31 +5,29 @@ import io.metersphere.commons.constants.OperLogConstants;
|
||||||
import io.metersphere.commons.constants.OperLogModule;
|
import io.metersphere.commons.constants.OperLogModule;
|
||||||
import io.metersphere.commons.constants.SessionConstants;
|
import io.metersphere.commons.constants.SessionConstants;
|
||||||
import io.metersphere.commons.user.SessionUser;
|
import io.metersphere.commons.user.SessionUser;
|
||||||
import io.metersphere.commons.utils.RsaKey;
|
|
||||||
import io.metersphere.commons.utils.RsaUtil;
|
import io.metersphere.commons.utils.RsaUtil;
|
||||||
import io.metersphere.controller.handler.ResultHolder;
|
import io.metersphere.controller.handler.ResultHolder;
|
||||||
import io.metersphere.dto.ServiceDTO;
|
import io.metersphere.dto.ServiceDTO;
|
||||||
import io.metersphere.dto.UserDTO;
|
import io.metersphere.dto.UserDTO;
|
||||||
|
import io.metersphere.gateway.log.annotation.MsAuditLog;
|
||||||
import io.metersphere.gateway.service.AuthSourceService;
|
import io.metersphere.gateway.service.AuthSourceService;
|
||||||
import io.metersphere.gateway.service.BaseDisplayService;
|
import io.metersphere.gateway.service.BaseDisplayService;
|
||||||
import io.metersphere.gateway.service.SystemParameterService;
|
import io.metersphere.gateway.service.SystemParameterService;
|
||||||
import io.metersphere.gateway.service.UserLoginService;
|
import io.metersphere.gateway.service.UserLoginService;
|
||||||
import io.metersphere.gateway.log.annotation.MsAuditLog;
|
|
||||||
import io.metersphere.request.LoginRequest;
|
import io.metersphere.request.LoginRequest;
|
||||||
|
import jakarta.annotation.Resource;
|
||||||
import org.apache.commons.lang3.BooleanUtils;
|
import org.apache.commons.lang3.BooleanUtils;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.cloud.client.discovery.DiscoveryClient;
|
import org.springframework.cloud.client.discovery.DiscoveryClient;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.session.data.redis.ReactiveRedisSessionRepository;
|
import org.springframework.session.data.redis.RedisSessionRepository;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import org.springframework.web.server.ResponseStatusException;
|
import org.springframework.web.server.ResponseStatusException;
|
||||||
import org.springframework.web.server.WebSession;
|
import org.springframework.web.server.WebSession;
|
||||||
import reactor.core.publisher.Mono;
|
import reactor.core.publisher.Mono;
|
||||||
import reactor.core.scheduler.Schedulers;
|
import reactor.core.scheduler.Schedulers;
|
||||||
|
|
||||||
import jakarta.annotation.Resource;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Locale;
|
import java.util.Locale;
|
||||||
|
@ -50,36 +48,26 @@ public class LoginController {
|
||||||
@Resource
|
@Resource
|
||||||
private SystemParameterService systemParameterService;
|
private SystemParameterService systemParameterService;
|
||||||
@Resource
|
@Resource
|
||||||
private ReactiveRedisSessionRepository reactiveRedisSessionRepository;
|
private RedisSessionRepository redisSessionRepository;
|
||||||
|
|
||||||
@GetMapping(value = "/is-login")
|
@GetMapping(value = "/is-login")
|
||||||
public Mono<ResultHolder> isLogin(@RequestHeader(name = SessionConstants.HEADER_TOKEN, required = false) String sessionId,
|
public Mono<ResultHolder> isLogin(@RequestHeader(name = SessionConstants.HEADER_TOKEN, required = false) String sessionId,
|
||||||
@RequestHeader(name = SessionConstants.CSRF_TOKEN, required = false) String csrfToken) throws Exception {
|
@RequestHeader(name = SessionConstants.CSRF_TOKEN, required = false) String csrfToken) throws Exception {
|
||||||
RsaKey rsaKey = RsaUtil.getRsaKey();
|
|
||||||
|
|
||||||
if (StringUtils.isNotBlank(sessionId) && StringUtils.isNotBlank(csrfToken)) {
|
if (StringUtils.isNotBlank(sessionId) && StringUtils.isNotBlank(csrfToken)) {
|
||||||
userLoginService.validateCsrfToken(sessionId, csrfToken);
|
userLoginService.validateCsrfToken(sessionId, csrfToken);
|
||||||
return reactiveRedisSessionRepository.getSessionRedisOperations().opsForHash().get("spring:session:sessions:" + sessionId, "sessionAttr:user")
|
Object userFromSession = redisSessionRepository.getSessionRedisOperations().opsForHash().get("spring:session:sessions:" + sessionId, "sessionAttr:user");
|
||||||
.switchIfEmpty(Mono.just(rsaKey))
|
if (userFromSession instanceof User) {
|
||||||
.map(r -> {
|
|
||||||
if (r instanceof RsaKey) {
|
|
||||||
return ResultHolder.error(rsaKey.getPublicKey());
|
|
||||||
}
|
|
||||||
if (r instanceof User) {
|
|
||||||
// 用户只有工作空间权限
|
// 用户只有工作空间权限
|
||||||
if (StringUtils.isBlank(((User) r).getLastProjectId())) {
|
if (StringUtils.isBlank(((User) userFromSession).getLastProjectId())) {
|
||||||
((User) r).setLastProjectId("no_such_project");
|
((User) userFromSession).setLastProjectId("no_such_project");
|
||||||
}
|
}
|
||||||
// 使用数据库里的最新用户权限,不同的tab sessionId 不变
|
// 使用数据库里的最新用户权限,不同的tab sessionId 不变
|
||||||
UserDTO userDTO = userLoginService.getUserDTO(((User) r).getId());
|
UserDTO userDTO = userLoginService.getUserDTO(((User) userFromSession).getId());
|
||||||
SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId);
|
SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId);
|
||||||
return ResultHolder.success(sessionUser);
|
return Mono.just(ResultHolder.success(sessionUser));
|
||||||
}
|
}
|
||||||
return ResultHolder.success(r);
|
|
||||||
});
|
|
||||||
} else {
|
|
||||||
return Mono.just(ResultHolder.error(rsaKey.getPublicKey()));
|
|
||||||
}
|
}
|
||||||
|
return Mono.just(ResultHolder.error(RsaUtil.getRsaKey().getPublicKey()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping(value = "/signin")
|
@PostMapping(value = "/signin")
|
||||||
|
|
Loading…
Reference in New Issue