同一用户只能一处登录注销改为通过key进行校验

李泰瑜
1 parent d8c9c10b
Showing 2 changed files with 63 additions and 17 deletions
jeecg-boot-master/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java
jeecg-boot-master/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java
@@ -24,9 +24,11 @@ import org.jeecg.modules.system.entity.SysUser;
 import org.jeecg.modules.system.model.SysLoginModel;
 import org.jeecg.modules.system.service.*;
 import org.jeecg.modules.system.util.RandImageUtil;
+import org.jeecg.modules.system.vo.SysUserOnlineVO;
 import org.jeecg.utils.StringUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.*;
 import javax.annotation.Resource;
@@ -56,6 +58,8 @@ public class LoginController {
 	@Autowired
 	private ISysTenantService sysTenantService;
 	@Autowired
+	public RedisTemplate redisTemplate;
+	@Autowired
     private ISysDictService sysDictService;
 	@Resource
 	private BaseCommonService baseCommonService;
@@ -430,6 +434,32 @@ public class LoginController {
 				obj.put("tenantList", tenantList);
 			}
 		}
+
+		//删除相同用户名称对应的key
+		Collection<String> keys = redisTemplate.keys(CommonConstant.PREFIX_USER_TOKEN + "*");
+		List<SysUserOnlineVO> onlineList = new ArrayList<SysUserOnlineVO>();
+		for (String key : keys) {
+			String token = (String) redisUtil.get(key);
+			LoginUser loginUser = sysBaseAPI.getUserByName(JwtUtil.getUsername(token));
+			if (loginUser != null) {
+				if(oConvertUtils.isNotEmpty(username) && loginUser.getUsername().contains(username)){
+					log.info(" 强制  "+sysUser.getRealname()+"退出成功！ ");
+					//清空用户登录Token缓存
+					redisUtil.del(token);
+					redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
+					//清空用户登录Shiro权限缓存
+					redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
+					//清空用户的缓存信息（包括部门信息），例如sys:cache:user::<username>
+					redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
+					//调用shiro的logout
+					SecurityUtils.getSubject().logout();
+					//
+					redisUtil.del(key);
+				}
+			}
+		}
+
+
 		// update-end--Author:sunjianlei Date:20210802 for：获取用户租户信息
 		// 生成token
 		String token = JwtUtil.sign(username, syspassword, warehouseCode);
@@ -61,7 +61,7 @@ public class SysUserOnlineController {
             String token = (String)redisUtil.get(key);
             if (StringUtils.isNotEmpty(token)) {
                 SysUserOnlineVO online = new SysUserOnlineVO();
-                online.setToken(token);
+                online.setToken(key);
                 //TODO 改成一次性查询
                 LoginUser loginUser = sysBaseAPI.getUserByName(JwtUtil.getUsername(token));
                 if (loginUser != null) {
@@ -112,22 +112,38 @@ public class SysUserOnlineController {
         if(oConvertUtils.isEmpty(online.getToken())) {
             return Result.error("退出登录失败！");
         }
-        String username = JwtUtil.getUsername(online.getToken());
-        LoginUser sysUser = sysBaseAPI.getUserByName(username);
-        if(sysUser!=null) {
-            baseCommonService.addLog("强制: "+sysUser.getRealname()+"退出成功！", CommonConstant.LOG_TYPE_1, null,sysUser);
-            log.info(" 强制  "+sysUser.getRealname()+"退出成功！ ");
-            //清空用户登录Token缓存
-            redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + online.getToken());
-            //清空用户登录Shiro权限缓存
-            redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
-            //清空用户的缓存信息（包括部门信息），例如sys:cache:user::<username>
-            redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
-            //调用shiro的logout
-            SecurityUtils.getSubject().logout();
-            return Result.ok("退出登录成功！");
-        }else {
-            return Result.error("Token无效!");
+        Collection<String> keys = redisTemplate.keys(CommonConstant.PREFIX_USER_TOKEN + "*");
+        List<SysUserOnlineVO> onlineList = new ArrayList<SysUserOnlineVO>();
+        for (String key : keys) {
+            if (key.equals(online.getToken()))
+            {
+                String tokenValue = (String)redisUtil.get(online.getToken());
+                String username = JwtUtil.getUsername(tokenValue);
+                LoginUser sysUser = sysBaseAPI.getUserByName(username);
+                if(sysUser!=null) {
+                    //update-begin--Author:wangshuai  Date:20200714  for：登出日志没有记录人员
+                    baseCommonService.addLog("用户名: "+sysUser.getRealname()+",退出成功！", CommonConstant.LOG_TYPE_1, null,sysUser);
+                    //update-end--Author:wangshuai  Date:20200714  for：登出日志没有记录人员
+                    log.info(" 用户名:  "+sysUser.getRealname()+",退出成功！ ");
+
+                    //以下两个清空测试无效 保留在这吧
+                    //清空用户登录Token缓存/用户登录Shiro权限缓存
+                    redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + tokenValue);
+                    redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
+
+                    //真*清空Token
+                    redisUtil.del(key);
+
+                    //清空用户的缓存信息
+                    redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
+                    //调用shiro的logout
+                    SecurityUtils.getSubject().logout();
+                    return Result.ok("退出登录成功！");
+                }else {
+                    return Result.error("Token无效!");
+                }
+            }
         }
+        return Result.error("Token无效!");
     }
 }