From 1a1271793e264ece750ceea56907ffdd1a06ab13 Mon Sep 17 00:00:00 2001
From: jiangping <jp@doumee.com>
Date: 星期三, 20 九月 2023 17:46:10 +0800
Subject: [PATCH] pp
---
 server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java | 125 ++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 120 insertions(+), 5 deletions(-)
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java b/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
index 30d7dc0..28b01dc 100644
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
+++ b/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
@@ -2,12 +2,23 @@
 import com.alibaba.fastjson.JSON;
 import com.doumee.core.model.ApiResponse;
+import com.doumee.core.model.LoginUserInfo;
+import com.doumee.core.utils.Constants;
+import org.apache.shiro.cache.Cache;
+import org.apache.shiro.cache.MapCache;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.session.mgt.DefaultSessionKey;
+import org.apache.shiro.session.mgt.SessionManager;
+import org.apache.shiro.subject.Subject;
 import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
 import org.springframework.http.HttpStatus;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
+import java.io.Serializable;
+import java.util.Deque;
+import java.util.LinkedList;
 /**
 * Shiro璁よ瘉杩囨护鍣紝澶勭悊鏈璇佹儏鍐电殑鍝嶅簲
@@ -16,15 +27,119 @@
 */
 public class ShiroAuthFilter extends FormAuthenticationFilter {
- public ShiroAuthFilter() {
+ public ShiroAuthFilter(SessionManager sessionManager,ShiroCacheManager shiroCacheManager) {
 super();
+ this.sessionManager = (ShiroSessionManager)sessionManager;
+ this.cache = shiroCacheManager.getCache("shiro_redis_cache");
 }
+ @Override
+ protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
+ return false;
+ }
+
+ private int maxSession = 1; //鏈�澶т細璇濇暟閲�
+
+ private boolean kickOutAfter = false; //韪㈠嚭鍓嶈�呰繕鏄悗鑰�
+ private Cache<String, Deque<Serializable>> cache; //缂撳瓨绠$悊
+
+
+ private ShiroSessionManager sessionManager; //浼氳瘽绠$悊
 @Override
 protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
- HttpServletResponse servletResponse = (HttpServletResponse) response;
- servletResponse.setHeader("content-type", "application/json;charset=UTF-8");
- servletResponse.getWriter().write(JSON.toJSONString(ApiResponse.failed(HttpStatus.UNAUTHORIZED.value(), "鏈櫥褰曟垨鐧诲綍淇℃伅宸茶繃鏈�")));
- return Boolean.FALSE;
+ Subject subject = getSubject(request, response);
+ if (!subject.isAuthenticated() && !subject.isRemembered()) { //濡傛灉涓嶆槸璁よ瘉杩囧拰璁颁綇瀵嗙爜鐨勶紝灏辩洿鎺ユ斁琛岃姹傦紝閬垮厤閫犳垚璁块棶杩囨參
+ // return Boolean.TRUE;
+ }
+ Session session = subject.getSession(); //鑾峰彇浼氳瘽session
+ Object principal = subject.getPrincipal();
+ Serializable sessionId = session.getId();
+ LoginUserInfo userInfo = (LoginUserInfo) principal;
+ if(userInfo == null ){
+ HttpServletResponse servletResponse = (HttpServletResponse) response;
+ servletResponse.setHeader("content-type", "application/json;charset=UTF-8");
+ servletResponse.getWriter().write(JSON.toJSONString(ApiResponse.failed(HttpStatus.UNAUTHORIZED.value(), "鏈櫥褰曟垨鐧诲綍淇℃伅宸茶繃鏈�")));
+ return Boolean.FALSE;
+// return super.onAccessDenied(request,response);
+ }else if( Constants.equalsInteger(userInfo.getType(), Constants.UserType.COMPANY.getKey()) ){
+ return Boolean.TRUE;
+// return super.onAccessDenied(request,response);
+ }
+
+ String userName = userInfo.getCompanyId() +"_"+ userInfo.getId();
+ Deque<Serializable> deque = cache.get(userName);
+ if (deque == null) {
+ deque = new LinkedList<>();
+ }
+ if (!deque.contains(sessionId) && session.getAttribute("kickOut") == null) {
+ deque.push(sessionId);
+ cache.put(userName, deque);
+ }
+ while (deque.size() > maxSession) {
+ Serializable kickOutSessionId;
+ if (kickOutAfter) {
+ kickOutSessionId = deque.removeFirst();
+ cache.put(userName, deque);
+ } else {
+ kickOutSessionId = deque.removeLast();
+ cache.put(userName, deque);
+ }
+
+ try {
+ Session kickOutSession = sessionManager.getSession(new DefaultSessionKey(kickOutSessionId));
+ if (kickOutSession != null) {
+ kickOutSession.setAttribute("kickOut", Boolean.TRUE);
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+// log.error("韪㈠嚭寮傚父鏈涪鍑�");
+ }
+ }
+
+ if (session!=null && session.getAttribute("kickOut") != null && (Boolean) session.getAttribute("kickOut") == true) {
+ try {
+ subject.logout();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ saveRequest(request);
+ HttpServletResponse servletResponse = (HttpServletResponse) response;
+ servletResponse.setHeader("content-type", "application/json;charset=UTF-8");
+ servletResponse.getWriter().write(JSON.toJSONString(ApiResponse.failed(HttpStatus.UNAUTHORIZED.value(), "鏈櫥褰曟垨鐧诲綍淇℃伅宸茶繃鏈�")));
+ return Boolean.FALSE;
+ }
+ return Boolean.TRUE;
+ }
+
+ public int getMaxSession() {
+ return maxSession;
+ }
+
+ public void setMaxSession(int maxSession) {
+ this.maxSession = maxSession;
+ }
+
+ public boolean isKickOutAfter() {
+ return kickOutAfter;
+ }
+
+ public void setKickOutAfter(boolean kickOutAfter) {
+ this.kickOutAfter = kickOutAfter;
+ }
+
+ public Cache<String, Deque<Serializable>> getCache() {
+ return cache;
+ }
+
+ public void setCache(Cache<String, Deque<Serializable>> cache) {
+ this.cache = cache;
+ }
+
+ public ShiroSessionManager getSessionManager() {
+ return sessionManager;
+ }
+
+ public void setSessionManager(ShiroSessionManager sessionManager) {
+ this.sessionManager = sessionManager;
 }
 }
-- Gitblit v1.9.3
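Review bot: With `isAccessAllowed` now returning false unconditionally, the only authentication decision left in `onAccessDenied` is `userInfo == null`, and the `if (!subject.isAuthenticated() && !subject.isRemembered())` block above it is empty, so a subject that is only remembered (principal present, not authenticated) passes where Shiro's inherited check required `isAuthenticated()`. If remember-me is not meant to grant API access, the 401 branch should also cover that case, e.g. `if (userInfo == null || !subject.isAuthenticated()) {`. `subject.getSession()` is called before that branch and creates a session for every anonymous request; moving it below the 401 return avoids filling the session store from unauthenticated traffic. The `cache.get` / `deque.push` / `cache.put` sequence is also not atomic, so two logins for the same `companyId_id` key arriving together can overwrite each other's deque and leave more than `maxSession` sessions live. A failure in the kick-out `try` is only printed with `e.printStackTrace()` after the id has already been removed from the deque, so that session stays valid but untracked; it should be logged through the project logger at minimum.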