diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
index e1c849bcf..ad3d51994 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
@@ -45,10 +45,11 @@ public interface SessionManagerApi {
 *
 * @param token 用户登录的token
 * @param loginUser 登录的用户
+ * @param loginUser 登录的用户
 * @author fengshuonan
 * @date 2020/10/19 16:47
 */
- void createSession(String token, LoginUser loginUser);
+ void createSession(String token, LoginUser loginUser, Boolean createCookie);
 /**
 * 更新当前会话的loginUser对象的内容
diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
index 8db26865a..629a2162f 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
@@ -67,4 +67,9 @@ public class LoginRequest extends BaseRequest {
 */
 private String verCode;
+ /**
+ * 是否写入cookie会话信息
+ */
+ private Boolean createCookie = false;
+
 }
diff --git a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
index 385f1a2e5..4d4ecbf80 100644
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
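Review bot: The Javadoc line added above `createSession` in SessionManagerApi repeats `@param loginUser` and leaves the new `createCookie` parameter undocumented. Replace the added line with something like `@param createCookie whether the session token is also written to a response cookie`, and state what a null value means, since the parameter is a boxed `Boolean`. If null has no meaning for callers, declaring the parameter as primitive `boolean` would make that part of the interface contract.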
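Review bot: The new `createCookie` field in LoginRequest sits on a DTO that the LoginController hunk binds with `@RequestBody`, so the value is presumably settable by the client as well as by the server. Both controller methods in this commit overwrite it before calling `authServiceApi.login`, but any other caller of `login` that is not visible in this diff would act on whatever the request body carried. The field comment should say that it is set by the server, for example `Set by the controller, not read from the client: whether login also writes the session cookie`, or the flag could be passed to the service as a separate argument instead of travelling in the request object.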
@@ -155,24 +155,6 @@ public class AuthServiceImpl implements AuthServiceApi {
 // 2. 校验用户token是否正确,校验失败会抛出异常
 this.validateToken(token);
- // 3. 如果token校验通过,获取token的payload,以及是否开启了记住我功能
- DefaultJwtPayload defaultPayload = JwtContext.me().getDefaultPayload(token);
- Boolean rememberMe = defaultPayload.getRememberMe();
-
- // 4. 获取用户的当前会话信息
- LoginUser loginUser = sessionManagerApi.getSession(token);
-
- // 5. 如果开了记住我,但是会话为空,则创建一次会话信息
- if (rememberMe && loginUser == null) {
- UserLoginInfoDTO userLoginInfo = userServiceApi.getUserLoginInfo(defaultPayload.getAccount());
- sessionManagerApi.createSession(token, userLoginInfo.getLoginUser());
- }
-
- // 6. 如果会话信息为空,则判定此次校验失败
- if (loginUser == null) {
- throw new AuthException(AUTH_EXPIRED_ERROR);
- }
-
 }
 /**
@@ -242,7 +224,7 @@ public class AuthServiceImpl implements AuthServiceApi {
 loginUser.setWsUrl(WebSocketConfigExpander.getWebSocketWsUrl());
 // 9. 缓存用户信息,创建会话
- sessionManagerApi.createSession(jwtToken, loginUser);
+ sessionManagerApi.createSession(jwtToken, loginUser, loginRequest.getCreateCookie());
 // 10. 如果开启了单账号单端在线,则踢掉已经上线的该用户
 if (AuthConfigExpander.getSingleAccountLoginFlag()) {
diff --git a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
index 1b99a6a68..d8beec3f6 100644
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
@@ -83,7 +83,7 @@ public class DefaultSessionManager implements SessionManagerApi {
 }
 @Override
- public void createSession(String token, LoginUser loginUser) {
+ public void createSession(String token, LoginUser loginUser, Boolean createCookie) {
 // 装配用户信息的缓存
 loginUserCache.put(token, loginUser, sessionExpiredSeconds);
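Review bot: After the deletion in the first AuthServiceImpl hunk, the visible tail of the method only calls `this.validateToken(token)`, so this check no longer requires a live server-side session and the `AUTH_EXPIRED_ERROR` path for a missing session is gone. If no other layer looks the token up through `sessionManagerApi.getSession`, a token whose session was removed (logout, or the single-account kick-out referenced later in this file) would presumably keep passing until the JWT itself expires. The method begins outside the hunk, so confirm where the session lookup now happens. If it was meant to stay here, keep `if (sessionManagerApi.getSession(token) == null) { throw new AuthException(AUTH_EXPIRED_ERROR); }` after the `validateToken` call.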
@@ -97,7 +97,7 @@ public class DefaultSessionManager implements SessionManagerApi {
 allPlaceLoginTokenCache.put(loginUser.getUserId().toString(), theUserTokens);
 // 如果开启了cookie存储会话信息,则需要给HttpServletResponse添加一个cookie
- if (AuthConfigExpander.getSessionAddToCookie()) {
+ if (createCookie) {
 String sessionCookieName = AuthConfigExpander.getSessionCookieName();
 Cookie cookie = sessionCookieCreator.createCookie(sessionCookieName, token, Convert.toInt(AuthConfigExpander.getAuthJwtTimeoutSeconds()));
 HttpServletResponse response = HttpServletUtil.getResponse();
diff --git a/kernel-s-system/system-business-user/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java b/kernel-s-system/system-business-user/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
index 5ab57989c..d696b2dc0 100644
--- a/kernel-s-system/system-business-user/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
+++ b/kernel-s-system/system-business-user/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
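Review bot: `if (createCookie)` unboxes a `Boolean`, so a null argument throws a NullPointerException after the session has already been written to `allPlaceLoginTokenCache` on the line above. `if (Boolean.TRUE.equals(createCookie)) {` is null-safe and treats null as "no cookie". The condition also no longer consults `AuthConfigExpander.getSessionAddToCookie()`, so a deployment that disabled cookie sessions in configuration would now get the cookie whenever a caller passes true. If that switch is still meant as a global off, use `if (Boolean.TRUE.equals(createCookie) && AuthConfigExpander.getSessionAddToCookie()) {`. The comment above the condition still describes the configuration switch and should be updated; `createSession` begins and ends outside this hunk.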
@@ -64,7 +64,21 @@ public class LoginController {
 * @date 2021/3/17 17:23
 */
 @PostResource(name = "登陆", path = "/login", requiredLogin = false, requiredPermission = false)
- public ResponseData doAuth(@RequestBody @Validated LoginRequest loginRequest) {
+ public ResponseData login(@RequestBody @Validated LoginRequest loginRequest) {
+ loginRequest.setCreateCookie(true);
+ LoginResponse loginResponse = authServiceApi.login(loginRequest);
+ return new SuccessResponseData(loginResponse.getToken());
+ }
+
+ /**
+ * 用户登陆(提供给分离版用的接口,不会写cookie)
+ *
+ * @author fengshuonan
+ * @date 2021/3/17 17:23
+ */
+ @PostResource(name = "登陆(分离版)", path = "/loginApi", requiredLogin = false, requiredPermission = false)
+ public ResponseData loginApi(@RequestBody @Validated LoginRequest loginRequest) {
+ loginRequest.setCreateCookie(false);
 LoginResponse loginResponse = authServiceApi.login(loginRequest);
 return new SuccessResponseData(loginResponse.getToken());
 }
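Review bot: `login` now always calls `loginRequest.setCreateCookie(true)`, so `/login` writes the JWT to a cookie for every caller, but only the new `loginApi` Javadoc mentions cookie behaviour. The Javadoc above `login` starts outside the hunk and should gain a line such as `Writes the session token to a cookie; use /loginApi for clients that store the token themselves`. The cookie's attributes come from `sessionCookieCreator`, which this diff does not show, so confirm it sets HttpOnly and Secure and that requests authenticated by that cookie have CSRF protection. The two method bodies differ only in the flag value and could delegate to one private helper that takes a `boolean`.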