实现单点登录
Controller:将用户登录信息保存在 cookie 中
/**
 * Handles a login request and, on success, hands the browser its SSO ticket.
 *
 * <p>The submitted credentials are passed to {@code dubboUserService.doLogin}. An empty
 * result is reported as a failed login. Otherwise the returned ticket is written to the
 * {@code JT_TICKET} cookie with a seven-day lifetime; the cookie domain is set to
 * {@code jt.com} so the cookie is shared across that domain, which this single sign-on
 * design depends on.
 *
 * @param user     login data bound from the request
 * @param response servlet response that receives the ticket cookie
 * @return {@code SysResult.success()} once the cookie is set, otherwise {@code SysResult.fail()}
 */
@RequestMapping("doLogin")
@ResponseBody
public SysResult doLogin(User user, HttpServletResponse response) {
    String ssoTicket = dubboUserService.doLogin(user);
    if (StringUtils.isEmpty(ssoTicket)) {
        return SysResult.fail();
    }

    // NOTE(review): the ticket is a bearer credential for the next seven days.
    // Confirm that CookieUtil.addCookie marks the cookie HttpOnly/Secure where the
    // front end allows it, and that this mapping is restricted to POST so credentials
    // never travel in a query string (no HTTP method is declared here).
    CookieUtil.addCookie("JT_TICKET", ssoTicket, 7 * 24 * 60 * 60, "jt.com", response);
    return SysResult.success();
}
实现层:用户登录后会生成 ticket,并将用户信息保存在 Redis 中
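/**
 * Checks the submitted credentials and, when they match, opens an SSO session.
 *
 * <p>The submitted password is replaced by its MD5 hex digest and the whole {@code user}
 * object is used as the query condition (every non-null property becomes part of the
 * WHERE clause). When a row matches, a random UUID is generated as the ticket and the
 * user record is stored in Redis as JSON under that ticket for seven days.
 *
 * <p>Side effect: the caller's {@code user} object has its password overwritten with the
 * digest.
 *
 * @param user credentials supplied by the login request
 * @return the new ticket, or {@code null} when the credentials are missing or do not match
 */
@Override
public String doLogin(User user) {
    // The object is bound from the request, so the password may be absent. Report that
    // as an ordinary failed login instead of failing with a NullPointerException.
    if (user == null || user.getPassword() == null) {
        return null;
    }

    // NOTE(review): unsalted MD5 is not a password-hashing scheme; a salted, slow hash
    // (bcrypt/scrypt/argon2) is the usual replacement, but that requires migrating the
    // stored digests and cannot be done in this method alone.
    // getBytes() uses the platform default charset; it has to match whatever was used
    // when the stored digest was produced, so it is left unchanged here.
    String md5Pass = DigestUtils.md5DigestAsHex(user.getPassword().getBytes());
    user.setPassword(md5Pass);

    // Every non-null property of `user` becomes a WHERE condition.
    // NOTE(review): this is only a credential check if the user name is guaranteed to be
    // present; validate that before querying (the field is not visible in this excerpt).
    QueryWrapper<User> queryWrapper = new QueryWrapper<>(user);
    User userDB = userMapper.selectOne(queryWrapper);
    if (userDB == null) {
        // Wrong user name or password.
        return null;
    }

    String ticket = UUID.randomUUID().toString();

    // Mask the stored digest before the record leaves the database layer; the literal is
    // a placeholder value, not a real password.
    // NOTE(review): the rest of the record is serialized as-is; confirm that it holds
    // nothing else that should not reach the browser.
    userDB.setPassword("123456");
    String userJSON = ObjectMapperUtil.toJson(userDB);

    // The ticket is used verbatim as the Redis key, with a seven-day expiry. Code that
    // reads or deletes by ticket should accept only UUID-shaped values so that it cannot
    // reach unrelated keys.
    jedisCluster.setex(ticket, 7 * 24 * 60 * 60, userJSON);
    return ticket;
}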
CookieUtil工具类
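/**
 * Static helpers for writing, reading and expiring cookies.
 */
public class CookieUtil {

    /**
     * Adds a cookie scoped to the given domain and to the root path.
     *
     * @param cookieName  name of the cookie
     * @param cookieValue value to store
     * @param seconds     lifetime in seconds passed to {@code setMaxAge}; must not be null
     * @param domain      domain the cookie is scoped to
     * @param response    response the cookie is added to
     */
    public static void addCookie(String cookieName,
                                 String cookieValue,
                                 Integer seconds,
                                 String domain,
                                 HttpServletResponse response) {
        Cookie cookie = new Cookie(cookieName, cookieValue);
        cookie.setMaxAge(seconds);
        cookie.setDomain(domain);
        cookie.setPath("/");
        // NOTE(review): neither HttpOnly nor Secure is set. Both are normally wanted for
        // a cookie that carries a login ticket. They are left off because callers may
        // depend on script-readable cookies over plain HTTP; confirm before enabling
        // cookie.setHttpOnly(true) / cookie.setSecure(true).
        response.addCookie(cookie);
    }

    /**
     * Looks up a cookie by name.
     *
     * @param request    incoming request
     * @param cookieName name to look for
     * @return the value of the first cookie with that name, or {@code null} when the
     *         request carries no cookies or none matches
     */
    public static String getCookieValue(HttpServletRequest request,
                                        String cookieName) {
        Cookie[] cookies = request.getCookies();
        // getCookies() returns null when the request carries no cookies. The original
        // condition read cookies.length before the null test, so that case threw a
        // NullPointerException; the null test has to come first.
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookieName.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /**
     * Expires a cookie by re-adding it with an empty value and a lifetime of zero.
     * The domain must match the one used when the cookie was added; the path is always
     * the root path, as in {@link #addCookie}.
     *
     * @param response   response that carries the expiring cookie
     * @param cookieName name of the cookie to remove
     * @param domain     domain the cookie was scoped to
     */
    public static void deleteCookie(HttpServletResponse response,
                                    String cookieName,
                                    String domain) {
        addCookie(cookieName, "", 0, domain, response);
    }
}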
将用户信息回显
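/**
 * Returns the session data stored for a ticket, wrapped as a JSONP response.
 *
 * <p>The ticket is looked up in Redis. When nothing is found (the entry expired or was
 * evicted, or the cookie value was tampered with), the {@code JT_TICKET} cookie is
 * removed and a failure result is returned; otherwise the stored user JSON is returned.
 *
 * @param ticket   ticket taken from the URL path
 * @param response response used to expire the cookie when the ticket is unknown
 * @param callback JSONP callback name supplied by the client
 * @return the JSONP-wrapped result
 * @throws IllegalArgumentException when {@code callback} is missing or is not a plain
 *         identifier-style name
 */
@RequestMapping("/user/query/{ticket}")
public JSONPObject findUserByTicket(@PathVariable String ticket, HttpServletResponse response, String callback) {
    // The callback name is client-supplied and presumably ends up unescaped as the
    // function name of the script response, so accept only identifier-like names.
    // This check runs first so that a rejected request has no side effects.
    if (callback == null || !callback.matches("[A-Za-z_$][A-Za-z0-9_$.]{0,127}")) {
        throw new IllegalArgumentException("invalid JSONP callback");
    }

    // The ticket is used verbatim as a Redis key. Tickets are issued as
    // UUID.randomUUID().toString(), so anything of another shape is not looked up at
    // all; that keeps this endpoint from returning the value of an unrelated key.
    // NOTE(review): assumes no other code issues tickets in a different format.
    boolean ticketWellFormed = ticket != null
            && ticket.matches("[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}");
    String userJson = ticketWellFormed ? jedisCluster.get(ticket) : null;

    if (StringUtils.isEmpty(userJson)) {
        // Unknown ticket: the browser's cookie is stale or forged, so expire it.
        CookieUtil.deleteCookie(response, "JT_TICKET", "jt.com");
        return new JSONPObject(callback, SysResult.fail());
    }

    // NOTE(review): the ticket travels in the URL path, where it can end up in access
    // logs and browser history. It is a bearer credential, so treat those logs
    // accordingly.
    return new JSONPObject(callback, SysResult.success(userJson));
}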
用户退出操作
如果用户点击退出,首先应该删除 Redis 中的数据,其次删除 Cookie 中的数据,之后重定向到系统首页。
Controller
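/**
 * Logs the user out and redirects to the site home page.
 *
 * <p>URL: http://www.jt.com/user/logout.html
 *
 * <ol>
 *   <li>Delete the session entry stored in Redis under the ticket.</li>
 *   <li>Expire the {@code JT_TICKET} cookie.</li>
 * </ol>
 *
 * @param request  request carrying the {@code JT_TICKET} cookie
 * @param response response used to expire the cookie
 * @return a redirect to the root path
 */
@RequestMapping("logout")
public String logout(HttpServletRequest request, HttpServletResponse response) {
    // 1. Read the ticket from the JT_TICKET cookie.
    String ticket = CookieUtil.getCookieValue(request, "JT_TICKET");

    // 2. Only act when the browser actually sent a ticket.
    if (!StringUtils.isEmpty(ticket)) {
        // The cookie value is client-controlled and is used verbatim as a Redis key.
        // Tickets are issued as UUID.randomUUID().toString(), so delete only for values
        // of that shape; a forged cookie then cannot remove an unrelated key.
        // NOTE(review): assumes no other code issues tickets in a different format.
        if (ticket.matches("[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}")) {
            jedisCluster.del(ticket);
        }
        // The cookie is expired whether or not its value was well formed.
        CookieUtil.deleteCookie(response, "JT_TICKET", "jt.com");
    }

    // NOTE(review): no HTTP method is declared on this mapping, so a plain GET from
    // another site can end the session. Consider restricting it to POST with CSRF
    // protection.
    return "redirect:/";
}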