fix: SSO登录退出相关问题

2022-10-24 12:21:00 +08:00 · 2022-10-24 12:21:00 +08:00 · da11f99b3b
parent 9d32bc698a
commit da11f99b3b
5 changed files with 11 additions and 7 deletions
--- a/framework/gateway/src/main/java/io/metersphere/gateway/controller/LdapController.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/controller/LdapController.java
@ -9,6 +9,7 @@ import io.metersphere.request.LoginRequest;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.server.WebSession;
 import reactor.core.publisher.Mono;
+import reactor.core.scheduler.Schedulers;

 import javax.annotation.Resource;
 import java.util.Locale;
@ -23,7 +24,8 @@ public class LdapController {
    @PostMapping(value = "/signin")
    @MsAuditLog(module = OperLogModule.SYSTEM_PARAMETER_SETTING, type = OperLogConstants.LOGIN, title = "LDAP")
    public Mono<ResultHolder> login(@RequestBody LoginRequest request, WebSession session, Locale locale) {
-        return Mono.just(ldapService.login(request, session, locale))
+        return Mono.defer(() -> ldapService.login(request, session, locale).map(Mono::just).orElseGet(Mono::empty))
+                .subscribeOn(Schedulers.boundedElastic())
                .map(ResultHolder::success);
    }

--- a/framework/gateway/src/main/java/io/metersphere/gateway/controller/LoginController.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/controller/LoginController.java
@ -71,7 +71,6 @@ public class LoginController {
        return Mono.defer(() -> userLoginService.login(request, session, locale).map(Mono::just).orElseGet(Mono::empty))
                .subscribeOn(Schedulers.boundedElastic())
                .switchIfEmpty(Mono.error(new ResponseStatusException(HttpStatus.BAD_REQUEST, "Not found user info or invalid password")))
-                .doOnNext(user -> session.getAttributes().put("user", user))
                .map(ResultHolder::success);
    }

--- a/framework/gateway/src/main/java/io/metersphere/gateway/service/LdapService.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/service/LdapService.java
@ -109,7 +109,6 @@ public class LdapService {

        session.getAttributes().put("authenticate", UserSource.LDAP.name());
        session.getAttributes().put("email", email);
-        session.getAttributes().put("user", u);

        // 执行 LocalRealm 中 LDAP 登录逻辑
        LoginRequest loginRequest = new LoginRequest();
--- a/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
@ -2,6 +2,7 @@ package io.metersphere.gateway.service;

 import io.metersphere.base.domain.AuthSource;
 import io.metersphere.base.domain.User;
+import io.metersphere.commons.constants.SessionConstants;
 import io.metersphere.commons.exception.MSException;
 import io.metersphere.commons.user.SessionUser;
 import io.metersphere.commons.utils.CodingUtil;
@ -155,7 +156,7 @@ public class SSOService {
        Optional<SessionUser> userOptional = userLoginService.login(loginRequest, session, locale);
        session.getAttributes().put("authenticate", authSource.getType());
        session.getAttributes().put("authId", authSource.getId());
-        session.getAttributes().put("user", userOptional.get());
+        session.getAttributes().put(SessionConstants.ATTR_USER, userOptional.get());
        return userOptional;
    }

@ -195,7 +196,7 @@ public class SSOService {
        Optional<SessionUser> userOptional = userLoginService.login(loginRequest, session, locale);
        session.getAttributes().put("authenticate", authSource.getType());
        session.getAttributes().put("authId", authSource.getId());
-        session.getAttributes().put("user", userOptional.get());
+        session.getAttributes().put(SessionConstants.ATTR_USER, userOptional.get());
        session.getAttributes().put("casTicket", ticket);
        // 记录cas对应关系
        Long timeout = env.getProperty("spring.session.timeout", Long.class);
--- a/framework/gateway/src/main/java/io/metersphere/gateway/service/UserLoginService.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/service/UserLoginService.java
@ -2,6 +2,7 @@ package io.metersphere.gateway.service;

 import io.metersphere.base.domain.*;
 import io.metersphere.base.mapper.*;
+import io.metersphere.commons.constants.SessionConstants;
 import io.metersphere.commons.constants.UserGroupType;
 import io.metersphere.commons.constants.UserSource;
 import io.metersphere.commons.constants.UserStatus;
@ -56,7 +57,9 @@ public class UserLoginService {
                break;
        }
        autoSwitch(session, userDTO);
-        return Optional.of(SessionUser.fromUser(userDTO, session.getId()));
+        SessionUser sessionUser = SessionUser.fromUser(userDTO, session.getId());
+        session.getAttributes().put(SessionConstants.ATTR_USER, sessionUser);
+        return Optional.of(sessionUser);
    }

    private UserDTO loginLdapMode(String userId, String authenticate) {
@ -217,7 +220,7 @@ public class UserLoginService {
        }
        BeanUtils.copyProperties(user, newUser);
        // 切换工作空间或组织之后更新 session 里的 user
-        session.getAttributes().put("user", SessionUser.fromUser(user, session.getId()));
+        session.getAttributes().put(SessionConstants.ATTR_USER, SessionUser.fromUser(user, session.getId()));
        session.getAttributes().put(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, sessionUser.getId());
        userMapper.updateByPrimaryKeySelective(newUser);
    }