Implementing Single Sign-On

Controller: store the user's login ticket in a cookie

    /**
     * Handle user login.
     */
    @RequestMapping("doLogin")
    @ResponseBody
    public SysResult doLogin(User user, HttpServletResponse response) {
        String ticket = dubboUserService.doLogin(user); // the user's ticket (secret key)
        if (StringUtils.isEmpty(ticket)) {
            return SysResult.fail();
        } else {
            /*
            Cookie cookie = new Cookie("JT_TICKET", ticket);
            cookie.setMaxAge(7*24*60*60);  // cookie lifetime
            cookie.setPath("/");           // cookie scope
            cookie.setDomain("jt.com");    // domain the cookie is shared across; required for single sign-on
            response.addCookie(cookie);
            */
            CookieUtil.addCookie("JT_TICKET", ticket, 7*24*60*60, "jt.com", response);
            return SysResult.success();
        }
    }

Service implementation: after login a ticket is generated and the user's information is stored in Redis

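    @Override
    public String doLogin(User user) {
        // 1. Hash the plaintext password with MD5
        // Note: unsalted MD5 is weak for password storage; a dedicated password hash is the usual choice.
        String md5Pass = DigestUtils.md5DigestAsHex(user.getPassword().getBytes());
        user.setPassword(md5Pass); // replace the plaintext password with its hash
        QueryWrapper<User> queryWrapper = new QueryWrapper<>(user);
        // The non-null properties of the object become the WHERE conditions
        User userDB = userMapper.selectOne(queryWrapper);
        if (userDB == null) {
            // Wrong username or password
            return null;
        } else {
            // Username and password are correct: perform the single sign-on step
            String ticket = UUID.randomUUID().toString(); // generate a random ticket
            // Data saved to a third-party store should generally be desensitized first
            userDB.setPassword("123456"); // overwrite the password on the queried user
            String userJSON = ObjectMapperUtil.toJson(userDB);
            jedisCluster.setex(ticket, 7*24*60*60, userJSON); // store the user info in Redis
            return ticket;
        }
    }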

CookieUtil utility class

    import javax.servlet.http.Cookie;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;

    public class CookieUtil {

        // Add a cookie
        public static void addCookie(String cookieName, String cookieValue, Integer seconds,
                                     String domain, HttpServletResponse response) {
            Cookie cookie = new Cookie(cookieName, cookieValue);
            cookie.setMaxAge(seconds);
            cookie.setDomain(domain);
            cookie.setPath("/");
            response.addCookie(cookie);
        }

        // Look up a cookie value by name
        public static String getCookieValue(HttpServletRequest request, String cookieName) {
            Cookie[] cookies = request.getCookies();
            // getCookies() returns null when the request carries no cookies,
            // so the null check must come before the length check
            if (cookies != null && cookies.length > 0) {
                for (Cookie cookie : cookies) {
                    if (cookieName.equals(cookie.getName())) {
                        return cookie.getValue();
                    }
                }
            }
            return null;
        }

        // Delete a cookie by overwriting it with an empty value and a max age of 0
        public static void deleteCookie(HttpServletResponse response, String cookieName, String domain) {
            addCookie(cookieName, "", 0, domain, response);
        }
    }

Echoing the user information back

    /**
     * 1. Look up the user's data using the ticket from the cookie.
     */
    @RequestMapping("/user/query/{ticket}")
    public JSONPObject findUserByTicket(@PathVariable String ticket,
                                        HttpServletResponse response, String callback) {
        String userJson = jedisCluster.get(ticket);
        // Empty when Redis evicted the entry (LRU) or someone tampered with the cookie value
        if (StringUtils.isEmpty(userJson)) {
            // Invalid ticket: the cookie should be deleted
            /*
            Cookie cookie = new Cookie("JT_TICKET", "");
            cookie.setMaxAge(0);
            cookie.setDomain("jt.com");
            cookie.setPath("/");
            response.addCookie(cookie);
            */
            CookieUtil.deleteCookie(response, "JT_TICKET", "jt.com");
            return new JSONPObject(callback, SysResult.fail());
        }
        return new JSONPObject(callback, SysResult.success(userJson));
    }
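
The query endpoint above takes the ticket and the JSONP callback straight from the request, and the cookie is written without Secure, HttpOnly or SameSite. The following is an added example, not code from the original post, showing format checks to run before the Redis lookup and a stricter Set-Cookie value. The class `TicketGuard` and its method names are hypothetical, and the Secure attribute assumes the site is served over HTTPS.

```java
import java.util.UUID;
import java.util.regex.Pattern;

// Added example, not from the original post. Class and method names are hypothetical.
public class TicketGuard {
    // Assumption: JSONP callbacks are plain JS identifiers, optionally dotted.
    private static final Pattern CALLBACK =
            Pattern.compile("[A-Za-z_$][A-Za-z0-9_$]{0,63}(\\.[A-Za-z_$][A-Za-z0-9_$]{0,63})*");

    // Accept only the canonical form produced by UUID.randomUUID().toString().
    public static boolean isValidTicket(String ticket) {
        if (ticket == null || ticket.length() != 36) {
            return false;
        }
        try {
            return UUID.fromString(ticket).toString().equals(ticket);
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    // Reject callbacks that are not identifiers, so the JSONP response cannot carry injected script.
    public static boolean isValidCallback(String callback) {
        return callback != null && CALLBACK.matcher(callback).matches();
    }

    // Build a Set-Cookie value for response.addHeader("Set-Cookie", ...).
    // Secure assumes HTTPS; pass httpOnly=false only if page script must read the ticket.
    public static String ticketCookie(String ticket, int maxAge, String domain, boolean httpOnly) {
        if (!isValidTicket(ticket)) {
            throw new IllegalArgumentException("malformed ticket");
        }
        String header = "JT_TICKET=" + ticket + "; Max-Age=" + maxAge
                + "; Domain=" + domain + "; Path=/; Secure; SameSite=Lax";
        return httpOnly ? header + "; HttpOnly" : header;
    }

    public static void main(String[] args) {
        String ticket = UUID.randomUUID().toString(); // constructed sample value
        System.out.println(isValidTicket(ticket));                  // well-formed ticket
        System.out.println(isValidTicket("../session:admin"));      // tampered cookie value
        System.out.println(isValidCallback("jQuery1124_1600000"));  // typical jQuery callback
        System.out.println(isValidCallback("alert(1)//"));          // not an identifier
        System.out.println(ticketCookie(ticket, 7 * 24 * 60 * 60, "jt.com", true));
    }
}
```

In `findUserByTicket`, both checks would run before `jedisCluster.get(ticket)`, returning the failure result when either one fails.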

User logout

When the user clicks log out, first delete the data in Redis, then delete the cookie, and finally redirect to the system home page.

Controller

    /**
     * Handle user logout, then redirect to the system home page.
     * url: http://www.jt.com/user/logout.html
     * Steps:
     *      1. Delete the data in Redis (by key)
     *      2. Delete the cookie
     */
    @RequestMapping("logout")
    public String logout(HttpServletRequest request, HttpServletResponse response) {
        // 1. Read the ticket from the JT_TICKET cookie
        String ticket = CookieUtil.getCookieValue(request, "JT_TICKET");
        // 2. Check whether the ticket is null or empty
        if (!StringUtils.isEmpty(ticket)) {
            jedisCluster.del(ticket);
            CookieUtil.deleteCookie(response, "JT_TICKET", "jt.com");
        }
        return "redirect:/";
    }