diff --git a/framework/gateway/src/main/java/io/metersphere/gateway/controller/LoginController.java b/framework/gateway/src/main/java/io/metersphere/gateway/controller/LoginController.java
index cb35c8ff0f..1b50d1c672 100644
--- a/framework/gateway/src/main/java/io/metersphere/gateway/controller/LoginController.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/controller/LoginController.java
@@ -5,6 +5,7 @@ import io.metersphere.commons.constants.OperLogConstants;
 import io.metersphere.commons.constants.OperLogModule;
 import io.metersphere.commons.constants.SessionConstants;
 import io.metersphere.commons.user.SessionUser;
+import io.metersphere.commons.utils.LogUtil;
 import io.metersphere.commons.utils.RsaUtil;
 import io.metersphere.controller.handler.ResultHolder;
 import io.metersphere.dto.ServiceDTO;
@@ -56,15 +57,21 @@ public class LoginController {
 if (StringUtils.isNotBlank(sessionId) && StringUtils.isNotBlank(csrfToken)) {
 userLoginService.validateCsrfToken(sessionId, csrfToken);
 Object userFromSession = redisSessionRepository.getSessionRedisOperations().opsForHash().get("spring:session:sessions:" + sessionId, "sessionAttr:user");
- if (userFromSession instanceof User) {
- // 用户只有工作空间权限
- if (StringUtils.isBlank(((User) userFromSession).getLastProjectId())) {
- ((User) userFromSession).setLastProjectId("no_such_project");
+ if (userFromSession != null) {
+ if (userFromSession instanceof User) {
+ // 用户只有工作空间权限
+ if (StringUtils.isBlank(((User) userFromSession).getLastProjectId())) {
+ ((User) userFromSession).setLastProjectId("no_such_project");
+ }
+ // 使用数据库里的最新用户权限,不同的tab sessionId 不变
+ UserDTO userDTO = userLoginService.getUserDTO(((User) userFromSession).getId());
+ SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId);
+ return Mono.just(ResultHolder.success(sessionUser));
 }
- // 使用数据库里的最新用户权限,不同的tab sessionId 不变
- UserDTO userDTO = userLoginService.getUserDTO(((User) userFromSession).getId());
- SessionUser sessionUser = SessionUser.fromUser(userDTO, sessionId);
- return Mono.just(ResultHolder.success(sessionUser));
+ LogUtil.info("userFromSession.class: " + userFromSession.getClass().getName());
+ return Mono.just(ResultHolder.success(userFromSession));
+ } else {
+ LogUtil.info("userFromSession is null");
 }
 }
 return Mono.just(ResultHolder.error(RsaUtil.getRsaKey().getPublicKey()));
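Review bot: The new non-`User` branch returns `ResultHolder.success(userFromSession)`, which hands the raw Redis session attribute back to the caller as a successful login check even though its type is unknown. That path skips the `getUserDTO` refresh and the `SessionUser.fromUser` mapping that the `User` branch applies, so permissions may be stale and whatever fields the unexpected object carries would presumably be serialised into the response. Failing closed looks safer: keep the `LogUtil.info("userFromSession.class: " ...)` diagnostic, drop the `return Mono.just(ResultHolder.success(userFromSession));` line, and let the unexpected type fall through to the existing `ResultHolder.error(...)` return. The enclosing method starts and ends outside the hunk, so how the response is consumed afterwards is not visible here.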