fix(登录): 修复同一个线程多个用户登录的bug

2021-04-08 17:47:19 +08:00 · 2021-04-08 17:47:19 +08:00 · 92596cfd36
parent 136f6f9e18
commit 92596cfd36
4 changed files with 10 additions and 1 deletions
--- a/backend/src/main/java/io/metersphere/controller/LoginController.java
+++ b/backend/src/main/java/io/metersphere/controller/LoginController.java
@ -3,9 +3,9 @@ package io.metersphere.controller;
 import io.metersphere.commons.constants.UserSource;
 import io.metersphere.commons.user.SessionUser;
 import io.metersphere.commons.utils.RsaKey;
-import io.metersphere.commons.utils.RsaUtil;
 import io.metersphere.commons.utils.SessionUtils;
 import io.metersphere.controller.request.LoginRequest;
+import io.metersphere.i18n.Translator;
 import io.metersphere.service.BaseDisplayService;
 import io.metersphere.service.UserService;
 import org.apache.commons.lang3.StringUtils;
@ -42,6 +42,12 @@ public class LoginController {

    @PostMapping(value = "/signin")
    public ResultHolder login(@RequestBody LoginRequest request) {
+        SessionUser sessionUser = SessionUtils.getUser();
+        if (sessionUser != null) {
+            if (!StringUtils.equals(sessionUser.getId(), request.getUsername())) {
+                return ResultHolder.error(Translator.get("please_logout_current_user"));
+            }
+        }
        SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LOCAL.name());
        return userService.login(request);
    }
--- a/backend/src/main/resources/i18n/messages_en_US.properties
+++ b/backend/src/main/resources/i18n/messages_en_US.properties
@ -29,6 +29,7 @@ user_expires=user expires.
 not_authorized=not authorized.
 login_fail=Login fail
 user_apikey_limit=Can have up to 5 api keys
+please_logout_current_user=Please logout current user first
 #load test
 edit_load_test_not_found=Cannot edit test, test not found=
 run_load_test_not_found=Cannot run test, test not found=
--- a/backend/src/main/resources/i18n/messages_zh_CN.properties
+++ b/backend/src/main/resources/i18n/messages_zh_CN.properties
@ -29,6 +29,7 @@ user_locked=用户被锁定
 user_expires=用户过期
 not_authorized=未经授权
 user_apikey_limit=最多能有5个Api key
+please_logout_current_user=请先登出当前用户
 #load test
 edit_load_test_not_found=无法编辑测试，未找到测试：
 run_load_test_not_found=无法运行测试，未找到测试：
--- a/backend/src/main/resources/i18n/messages_zh_TW.properties
+++ b/backend/src/main/resources/i18n/messages_zh_TW.properties
@ -29,6 +29,7 @@ user_expires=用戶過期
 not_authorized=未經授權。
 login_fail=登入失敗
 user_apikey_limit=最多能有5個Api key
+please_logout_current_user=請先登出當前用戶
 #load test
 edit_load_test_not_found=無法編輯測試，未找到測試：
 run_load_test_not_found=無法運行測試，未找到測試：