refactor(gateway): 重写is-login方法,不用响应式,防止阻塞redisson线程

This commit is contained in:
liqiang-fit2cloud 2023-04-28 19:55:29 +08:00
parent 5d09bd48d6
commit 166cde0b11
2 changed files with 28 additions and 28 deletions

View File

@ -1,18 +1,30 @@
package io.metersphere.gateway.config; package io.metersphere.gateway.config;
import io.metersphere.commons.constants.SessionConstants; import io.metersphere.commons.constants.SessionConstants;
import jakarta.annotation.Resource;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.session.data.redis.RedisSessionRepository;
import org.springframework.web.server.session.HeaderWebSessionIdResolver; import org.springframework.web.server.session.HeaderWebSessionIdResolver;
import org.springframework.web.server.session.WebSessionIdResolver; import org.springframework.web.server.session.WebSessionIdResolver;
@Configuration @Configuration
public class SessionConfig { public class SessionConfig {
@Resource
private RedisTemplate<String, Object> redisTemplate;
@Bean @Bean
public WebSessionIdResolver webSessionIdResolver() { public WebSessionIdResolver webSessionIdResolver() {
HeaderWebSessionIdResolver sessionIdResolver = new HeaderWebSessionIdResolver(); HeaderWebSessionIdResolver sessionIdResolver = new HeaderWebSessionIdResolver();
sessionIdResolver.setHeaderName(SessionConstants.HEADER_TOKEN); // Define Session Header Name sessionIdResolver.setHeaderName(SessionConstants.HEADER_TOKEN); // Define Session Header Name
return sessionIdResolver; return sessionIdResolver;
} }
@Bean
public RedisSessionRepository redisSessionRepository() {
return new RedisSessionRepository(redisTemplate);
}
} }

View File

@ -5,31 +5,29 @@ import io.metersphere.commons.constants.OperLogConstants;
import io.metersphere.commons.constants.OperLogModule; import io.metersphere.commons.constants.OperLogModule;
import io.metersphere.commons.constants.SessionConstants; import io.metersphere.commons.constants.SessionConstants;
import io.metersphere.commons.user.SessionUser; import io.metersphere.commons.user.SessionUser;
import io.metersphere.commons.utils.RsaKey;
import io.metersphere.commons.utils.RsaUtil; import io.metersphere.commons.utils.RsaUtil;
import io.metersphere.controller.handler.ResultHolder; import io.metersphere.controller.handler.ResultHolder;
import io.metersphere.dto.ServiceDTO; import io.metersphere.dto.ServiceDTO;
import io.metersphere.dto.UserDTO; import io.metersphere.dto.UserDTO;
import io.metersphere.gateway.log.annotation.MsAuditLog;
import io.metersphere.gateway.service.AuthSourceService; import io.metersphere.gateway.service.AuthSourceService;
import io.metersphere.gateway.service.BaseDisplayService; import io.metersphere.gateway.service.BaseDisplayService;
import io.metersphere.gateway.service.SystemParameterService; import io.metersphere.gateway.service.SystemParameterService;
import io.metersphere.gateway.service.UserLoginService; import io.metersphere.gateway.service.UserLoginService;
import io.metersphere.gateway.log.annotation.MsAuditLog;
import io.metersphere.request.LoginRequest; import io.metersphere.request.LoginRequest;
import jakarta.annotation.Resource;
import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.springframework.cloud.client.discovery.DiscoveryClient; import org.springframework.cloud.client.discovery.DiscoveryClient;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.session.data.redis.ReactiveRedisSessionRepository; import org.springframework.session.data.redis.RedisSessionRepository;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import org.springframework.web.server.ResponseStatusException; import org.springframework.web.server.ResponseStatusException;
import org.springframework.web.server.WebSession; import org.springframework.web.server.WebSession;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import reactor.core.scheduler.Schedulers; import reactor.core.scheduler.Schedulers;
import jakarta.annotation.Resource;
import java.io.IOException; import java.io.IOException;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
@ -50,36 +48,26 @@ public class LoginController {
@Resource @Resource
private SystemParameterService systemParameterService; private SystemParameterService systemParameterService;
@Resource @Resource
private ReactiveRedisSessionRepository reactiveRedisSessionRepository; private RedisSessionRepository redisSessionRepository;
@GetMapping(value = "/is-login") @GetMapping(value = "/is-login")
public Mono<ResultHolder> isLogin(@RequestHeader(name = SessionConstants.HEADER_TOKEN, required = false) String sessionId, public Mono<ResultHolder> isLogin(@RequestHeader(name = SessionConstants.HEADER_TOKEN, required = false) String sessionId,
@RequestHeader(name = SessionConstants.CSRF_TOKEN, required = false) String csrfToken) throws Exception { @RequestHeader(name = SessionConstants.CSRF_TOKEN, required = false) String csrfToken) throws Exception {
RsaKey rsaKey = RsaUtil.getRsaKey();
if (StringUtils.isNotBlank(sessionId) && StringUtils.isNotBlank(csrfToken)) { if (StringUtils.isNotBlank(sessionId) && StringUtils.isNotBlank(csrfToken)) {
userLoginService.validateCsrfToken(sessionId, csrfToken); userLoginService.validateCsrfToken(sessionId, csrfToken);
return reactiveRedisSessionRepository.getSessionRedisOperations().opsForHash().get("spring:session:sessions:" + sessionId, "sessionAttr:user") Object userFromSession = redisSessionRepository.getSessionRedisOperations().opsForHash().get("spring:session:sessions:" + sessionId, "sessionAttr:user");
.switchIfEmpty(Mono.just(rsaKey)) if (userFromSession instanceof User) {
.map(r -> {
if (r instanceof RsaKey) {
return ResultHolder.error(rsaKey.getPublicKey());
}
if (r instanceof User) {
// 用户只有工作空间权限 // 用户只有工作空间权限
if (StringUtils.isBlank(((User) r).getLastProjectId())) { if (StringUtils.isBlank(((User) userFromSession).getLastProjectId())) {
((User) r).setLastProjectId("no_such_project"); ((User) userFromSession).setLastProjectId("no_such_project");
} }
// 使用数据库里的最新用户权限不同的tab sessionId 不变 // 使用数据库里的最新用户权限不同的tab sessionId 不变
UserDTO userDTO = userLoginService.getUserDTO(((User) r).getId()); UserDTO userDTO = userLoginService.getUserDTO(((User) userFromSession).getId());
SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId); SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId);
return ResultHolder.success(sessionUser); return Mono.just(ResultHolder.success(sessionUser));
} }
return ResultHolder.success(r);
});
} else {
return Mono.just(ResultHolder.error(rsaKey.getPublicKey()));
} }
return Mono.just(ResultHolder.error(RsaUtil.getRsaKey().getPublicKey()));
} }
@PostMapping(value = "/signin") @PostMapping(value = "/signin")