【7.0.2】【auth】更新登录接口，分离版用新框架

2021-03-23 22:50:05 +08:00 · 2021-03-23 22:50:05 +08:00 · 507408463a
parent 21e8b159ee
commit 507408463a
5 changed files with 25 additions and 23 deletions
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
@ -45,10 +45,11 @@ public interface SessionManagerApi {
     *
     * @param token     用户登录的token
     * @param loginUser 登录的用户
+     * @param loginUser 登录的用户
     * @author fengshuonan
     * @date 2020/10/19 16:47
     */
-    void createSession(String token, LoginUser loginUser);
+    void createSession(String token, LoginUser loginUser, Boolean createCookie);

    /**
     * 更新当前会话的loginUser对象的内容
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
@ -67,4 +67,9 @@ public class LoginRequest extends BaseRequest {
     */
    private String verCode;

+    /**
+     * 是否写入cookie会话信息
+     */
+    private Boolean createCookie = false;
+
 }
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
@ -155,24 +155,6 @@ public class AuthServiceImpl implements AuthServiceApi {
        // 2. 校验用户token是否正确，校验失败会抛出异常
        this.validateToken(token);

-        // 3. 如果token校验通过，获取token的payload，以及是否开启了记住我功能
-        DefaultJwtPayload defaultPayload = JwtContext.me().getDefaultPayload(token);
-        Boolean rememberMe = defaultPayload.getRememberMe();
-
-        // 4. 获取用户的当前会话信息
-        LoginUser loginUser = sessionManagerApi.getSession(token);
-
-        // 5. 如果开了记住我，但是会话为空，则创建一次会话信息
-        if (rememberMe && loginUser == null) {
-            UserLoginInfoDTO userLoginInfo = userServiceApi.getUserLoginInfo(defaultPayload.getAccount());
-            sessionManagerApi.createSession(token, userLoginInfo.getLoginUser());
-        }
-
-        // 6. 如果会话信息为空，则判定此次校验失败
-        if (loginUser == null) {
-            throw new AuthException(AUTH_EXPIRED_ERROR);
-        }
-
    }

    /**
@ -242,7 +224,7 @@ public class AuthServiceImpl implements AuthServiceApi {
            loginUser.setWsUrl(WebSocketConfigExpander.getWebSocketWsUrl());

            // 9. 缓存用户信息，创建会话
-            sessionManagerApi.createSession(jwtToken, loginUser);
+            sessionManagerApi.createSession(jwtToken, loginUser, loginRequest.getCreateCookie());

            // 10. 如果开启了单账号单端在线，则踢掉已经上线的该用户
            if (AuthConfigExpander.getSingleAccountLoginFlag()) {
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
@ -83,7 +83,7 @@ public class DefaultSessionManager implements SessionManagerApi {
    }

    @Override
-    public void createSession(String token, LoginUser loginUser) {
+    public void createSession(String token, LoginUser loginUser, Boolean createCookie) {

        // 装配用户信息的缓存
        loginUserCache.put(token, loginUser, sessionExpiredSeconds);
@ -97,7 +97,7 @@ public class DefaultSessionManager implements SessionManagerApi {
        allPlaceLoginTokenCache.put(loginUser.getUserId().toString(), theUserTokens);

        // 如果开启了cookie存储会话信息，则需要给HttpServletResponse添加一个cookie
-        if (AuthConfigExpander.getSessionAddToCookie()) {
+        if (createCookie) {
            String sessionCookieName = AuthConfigExpander.getSessionCookieName();
            Cookie cookie = sessionCookieCreator.createCookie(sessionCookieName, token, Convert.toInt(AuthConfigExpander.getAuthJwtTimeoutSeconds()));
            HttpServletResponse response = HttpServletUtil.getResponse();
--- a/kernel-s-system/system-business-user/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
+++ b/kernel-s-system/system-business-user/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
@ -64,7 +64,21 @@ public class LoginController {
     * @date 2021/3/17 17:23
     */
    @PostResource(name = "登陆", path = "/login", requiredLogin = false, requiredPermission = false)
-    public ResponseData doAuth(@RequestBody @Validated LoginRequest loginRequest) {
+    public ResponseData login(@RequestBody @Validated LoginRequest loginRequest) {
+        loginRequest.setCreateCookie(true);
+        LoginResponse loginResponse = authServiceApi.login(loginRequest);
+        return new SuccessResponseData(loginResponse.getToken());
+    }
+
+    /**
+     * 用户登陆(提供给分离版用的接口，不会写cookie)
+     *
+     * @author fengshuonan
+     * @date 2021/3/17 17:23
+     */
+    @PostResource(name = "登陆（分离版）", path = "/loginApi", requiredLogin = false, requiredPermission = false)
+    public ResponseData loginApi(@RequestBody @Validated LoginRequest loginRequest) {
+        loginRequest.setCreateCookie(false);
        LoginResponse loginResponse = authServiceApi.login(loginRequest);
        return new SuccessResponseData(loginResponse.getToken());
    }