diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
index 8eb938c70..8e3e81a48 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/SessionManagerApi.java
@@ -48,7 +48,7 @@ public interface SessionManagerApi {
* @author fengshuonan
* @since 2020/10/19 16:47
*/
- void createSession(String token, LoginUser loginUser, Boolean createCookie);
+ void createSession(String token, LoginUser loginUser);
/**
* 更新当前会话的loginUser对象的内容
@@ -109,16 +109,6 @@ public interface SessionManagerApi {
*/
void refreshSession(String token);
- /**
- * 销毁当前用户对应的会话cookie
- *
- * 一般用在单体不分离版本中
- *
- * @author fengshuonan
- * @since 2021/1/2 20:25
- */
- void destroySessionCookie();
-
/**
* 获取在线用户列表
*
diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/cookie/SessionCookieCreator.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/cookie/SessionCookieCreator.java
deleted file mode 100644
index ea2825950..000000000
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/cookie/SessionCookieCreator.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright [2020-2030] [https://www.stylefeng.cn]
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Guns采用APACHE LICENSE 2.0开源协议,您在使用过程中,需要注意以下几点:
- *
- * 1.请不要删除和修改根目录下的LICENSE文件。
- * 2.请不要删除和修改Guns源码头部的版权声明。
- * 3.请保留源码和相关描述文件的项目出处,作者声明等。
- * 4.分发源码时候,请注明软件出处 https://gitee.com/stylefeng/guns
- * 5.在修改包名,模块名称,项目代码等时,请注明软件出处 https://gitee.com/stylefeng/guns
- * 6.若您的项目无法满足以上几点,可申请商业授权
- */
-package cn.stylefeng.roses.kernel.auth.api.cookie;
-
-import javax.servlet.http.Cookie;
-
-/**
- * cookie的创建器,用在session创建时,给httpServletResponse添加cookie
- *
- * 每个公司情况不一样,所以预留拓展接口
- *
- * @author fengshuonan
- * @since 2020/12/27 13:28
- */
-public abstract class SessionCookieCreator {
-
- /**
- * 创建cookie的操作
- *
- * 这里不要重写这个方法,重写后名称对不上可能导致登录后权限校验失败
- *
- * @param cookieName cookie的名称
- * @param cookieValue cookie的值
- * @param sessionExpiredSeconds cookie过期时间
- * @author fengshuonan
- * @since 2020/12/27 13:29
- */
- public Cookie createCookie(String cookieName, String cookieValue, Integer sessionExpiredSeconds) {
- Cookie cookie = new Cookie(cookieName, cookieValue);
- cookie.setMaxAge(sessionExpiredSeconds);
- this.expandCookieProp(cookie);
- return cookie;
- }
-
- /**
- * 拓展cookie的配置
- *
- * @author fengshuonan
- * @since 2020/12/27 13:41
- */
- public abstract void expandCookieProp(Cookie cookie);
-
-}
diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
index 52cb822de..c633c8b4b 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
@@ -74,12 +74,6 @@ public class LoginRequest extends BaseRequest {
@ChineseDescription("用户输入的验证码的值")
private String verCode;
- /**
- * 是否写入cookie会话信息
- */
- @ChineseDescription("是否写入cookie会话信息")
- private Boolean createCookie = false;
-
/**
* 租户编码
*/
diff --git a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
index 728a8b1df..59d3a008a 100644
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
@@ -216,7 +216,6 @@ public class AuthServiceImpl implements AuthServiceApi {
}
logoutWithToken(token);
- sessionManagerApi.destroySessionCookie();
}
@Override
@@ -428,7 +427,7 @@ public class AuthServiceImpl implements AuthServiceApi {
loginUser.setWsUrl(WebSocketConfigExpander.getWebSocketWsUrl());
// 10. 缓存用户信息,创建会话
- sessionManagerApi.createSession(jwtToken, loginUser, loginRequest.getCreateCookie());
+ sessionManagerApi.createSession(jwtToken, loginUser);
// 11. 如果开启了单账号单端在线,则踢掉已经上线的该用户
if (AuthConfigExpander.getSingleAccountLoginFlag()) {
diff --git a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
index 615afc168..91e0a0256 100644
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/DefaultSessionManager.java
@@ -25,20 +25,14 @@
package cn.stylefeng.roses.kernel.auth.session;
import cn.hutool.core.bean.BeanUtil;
-import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import cn.stylefeng.roses.kernel.auth.api.SessionManagerApi;
-import cn.stylefeng.roses.kernel.auth.api.cookie.SessionCookieCreator;
-import cn.stylefeng.roses.kernel.auth.api.expander.AuthConfigExpander;
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
import cn.stylefeng.roses.kernel.cache.api.CacheOperatorApi;
import cn.stylefeng.roses.kernel.message.api.expander.WebSocketConfigExpander;
import cn.stylefeng.roses.kernel.rule.callback.ConfigUpdateCallback;
-import cn.stylefeng.roses.kernel.rule.util.HttpServletUtil;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletResponse;
import java.util.*;
import static cn.stylefeng.roses.kernel.message.api.constants.MessageConstants.WEB_SOCKET_WS_URL_CONFIG_CODE;
@@ -74,23 +68,16 @@ public class DefaultSessionManager implements SessionManagerApi, ConfigUpdateCal
*/
private final Long sessionExpiredSeconds;
- /**
- * cookie的创建器,用在session创建时,给response添加cookie
- */
- private final SessionCookieCreator sessionCookieCreator;
-
public DefaultSessionManager(CacheOperatorApi loginUserCache,
CacheOperatorApi> allPlaceLoginTokenCache,
- Long sessionExpiredSeconds,
- SessionCookieCreator sessionCookieCreator) {
+ Long sessionExpiredSeconds) {
this.loginUserCache = loginUserCache;
this.allPlaceLoginTokenCache = allPlaceLoginTokenCache;
this.sessionExpiredSeconds = sessionExpiredSeconds;
- this.sessionCookieCreator = sessionCookieCreator;
}
@Override
- public void createSession(String token, LoginUser loginUser, Boolean createCookie) {
+ public void createSession(String token, LoginUser loginUser) {
// 装配用户信息的缓存
loginUserCache.put(token, loginUser, sessionExpiredSeconds);
@@ -102,15 +89,6 @@ public class DefaultSessionManager implements SessionManagerApi, ConfigUpdateCal
}
theUserTokens.add(token);
allPlaceLoginTokenCache.put(loginUser.getUserId().toString(), theUserTokens);
-
- // 如果开启了cookie存储会话信息,则需要给HttpServletResponse添加一个cookie
- if (createCookie) {
- String sessionCookieName = AuthConfigExpander.getSessionCookieName();
- Cookie cookie = sessionCookieCreator.createCookie(sessionCookieName, token, Convert.toInt(AuthConfigExpander.getAuthJwtTimeoutSeconds()));
- HttpServletResponse response = HttpServletUtil.getResponse();
- response.addCookie(cookie);
- }
-
}
@Override
@@ -193,15 +171,6 @@ public class DefaultSessionManager implements SessionManagerApi, ConfigUpdateCal
}
}
- @Override
- public void destroySessionCookie() {
- // 如果开启了cookie存储会话信息,则需要给HttpServletResponse添加一个cookie
- String sessionCookieName = AuthConfigExpander.getSessionCookieName();
- Cookie cookie = sessionCookieCreator.createCookie(sessionCookieName, null, 0);
- HttpServletResponse response = HttpServletUtil.getResponse();
- response.addCookie(cookie);
- }
-
@Override
public List onlineUserList() {
Map allKeyValues = loginUserCache.getAllKeyValues();
diff --git a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/cookie/DefaultSessionCookieCreator.java b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/cookie/DefaultSessionCookieCreator.java
deleted file mode 100644
index f3c70dcd2..000000000
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/session/cookie/DefaultSessionCookieCreator.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright [2020-2030] [https://www.stylefeng.cn]
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Guns采用APACHE LICENSE 2.0开源协议,您在使用过程中,需要注意以下几点:
- *
- * 1.请不要删除和修改根目录下的LICENSE文件。
- * 2.请不要删除和修改Guns源码头部的版权声明。
- * 3.请保留源码和相关描述文件的项目出处,作者声明等。
- * 4.分发源码时候,请注明软件出处 https://gitee.com/stylefeng/guns
- * 5.在修改包名,模块名称,项目代码等时,请注明软件出处 https://gitee.com/stylefeng/guns
- * 6.若您的项目无法满足以上几点,可申请商业授权
- */
-package cn.stylefeng.roses.kernel.auth.session.cookie;
-
-import cn.stylefeng.roses.kernel.auth.api.cookie.SessionCookieCreator;
-
-import javax.servlet.http.Cookie;
-
-/**
- * 默认的cookie创建
- *
- * 这里预留了expandCookieProp的接口可以拓展cookie的属性
- *
- * @author fengshuonan
- * @since 2020/12/27 13:29
- */
-public class DefaultSessionCookieCreator extends SessionCookieCreator {
-
- @Override
- public void expandCookieProp(Cookie cookie) {
- cookie.setHttpOnly(true);
- cookie.setPath("/");
- }
-
-}
diff --git a/kernel-d-auth/auth-spring-boot-starter/src/main/java/cn/stylefeng/roses/kernel/auth/starter/AuthAutoConfiguration.java b/kernel-d-auth/auth-spring-boot-starter/src/main/java/cn/stylefeng/roses/kernel/auth/starter/AuthAutoConfiguration.java
index d5840a9c1..13f6de930 100644
--- a/kernel-d-auth/auth-spring-boot-starter/src/main/java/cn/stylefeng/roses/kernel/auth/starter/AuthAutoConfiguration.java
+++ b/kernel-d-auth/auth-spring-boot-starter/src/main/java/cn/stylefeng/roses/kernel/auth/starter/AuthAutoConfiguration.java
@@ -25,7 +25,6 @@
package cn.stylefeng.roses.kernel.auth.starter;
import cn.stylefeng.roses.kernel.auth.api.SessionManagerApi;
-import cn.stylefeng.roses.kernel.auth.api.cookie.SessionCookieCreator;
import cn.stylefeng.roses.kernel.auth.api.expander.AuthConfigExpander;
import cn.stylefeng.roses.kernel.auth.api.password.PasswordStoredEncryptApi;
import cn.stylefeng.roses.kernel.auth.api.password.PasswordTransferEncryptApi;
@@ -34,7 +33,6 @@ import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
import cn.stylefeng.roses.kernel.auth.password.BcryptPasswordStoredEncrypt;
import cn.stylefeng.roses.kernel.auth.password.RsaPasswordTransferEncrypt;
import cn.stylefeng.roses.kernel.auth.session.DefaultSessionManager;
-import cn.stylefeng.roses.kernel.auth.session.cookie.DefaultSessionCookieCreator;
import cn.stylefeng.roses.kernel.auth.session.timer.ClearInvalidLoginUserCacheTimer;
import cn.stylefeng.roses.kernel.cache.api.CacheOperatorApi;
import cn.stylefeng.roses.kernel.jwt.JwtTokenOperator;
@@ -103,18 +101,6 @@ public class AuthAutoConfiguration {
return new RsaPasswordTransferEncrypt(pwdRsaSecretProperties.getPublicKey(), pwdRsaSecretProperties.getPrivateKey());
}
- /**
- * session cookie的创建
- *
- * @author fengshuonan
- * @since 2020/12/27 15:48
- */
- @Bean
- @ConditionalOnMissingBean(SessionCookieCreator.class)
- public SessionCookieCreator sessionCookieCreator() {
- return new DefaultSessionCookieCreator();
- }
-
/**
* 默认的session缓存为内存缓存,方便启动
*
@@ -127,7 +113,7 @@ public class AuthAutoConfiguration {
@ConditionalOnMissingBean(SessionManagerApi.class)
public SessionManagerApi sessionManagerApi(CacheOperatorApi loginUserCache, CacheOperatorApi> allPlaceLoginTokenCache) {
Long sessionExpiredSeconds = AuthConfigExpander.getSessionExpiredSeconds();
- return new DefaultSessionManager(loginUserCache, allPlaceLoginTokenCache, sessionExpiredSeconds, sessionCookieCreator());
+ return new DefaultSessionManager(loginUserCache, allPlaceLoginTokenCache, sessionExpiredSeconds);
}
/**
diff --git a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
index d68415a79..03a5e4f85 100644
--- a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
+++ b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
@@ -156,8 +156,7 @@ public class CustomerServiceImpl extends ServiceImpl i
@Override
public LoginResponse login(LoginRequest loginRequest) {
- // 不创建cookie,默认开启记住我(7天会话)
- loginRequest.setCreateCookie(false);
+ // 默认开启记住我(7天会话)
loginRequest.setRememberMe(true);
// 验证拖拽验证码
@@ -207,7 +206,7 @@ public class CustomerServiceImpl extends ServiceImpl i
synchronized (SESSION_OPERATE_LOCK) {
// 缓存用户信息,创建会话
- sessionManagerApi.createSession(jwtToken, loginUser, loginRequest.getCreateCookie());
+ sessionManagerApi.createSession(jwtToken, loginUser);
// 如果开启了单账号单端在线,则踢掉已经上线的该用户
if (AuthConfigExpander.getSingleAccountLoginFlag()) {
diff --git a/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/KaptchaController.java b/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/CaptchaController.java
similarity index 97%
rename from kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/KaptchaController.java
rename to kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/CaptchaController.java
index 1a964be26..e33424edf 100644
--- a/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/KaptchaController.java
+++ b/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/CaptchaController.java
@@ -47,7 +47,7 @@ import static cn.stylefeng.roses.kernel.rule.constants.RuleConstants.BASE64_IMG_
*/
@RestController
@ApiResource(name = "用户登录图形验证码", resBizType = ResBizTypeEnum.SYSTEM)
-public class KaptchaController {
+public class CaptchaController {
@Resource
private ImageCaptchaApi captchaApi;
@@ -72,7 +72,7 @@ public class KaptchaController {
* @author fengshuonan
* @since 2021/7/5 12:00
*/
- @GetResource(name = "获取图形验证码", path = "/dragCaptcha", requiredPermission = false, requiredLogin = false)
+ @GetResource(name = "获取拖拽验证码", path = "/dragCaptcha", requiredPermission = false, requiredLogin = false)
public ResponseData dragCaptcha() {
DragCaptchaImageDTO captcha = dragCaptchaApi.createCaptcha();
captcha.setSrcImage(BASE64_IMG_PREFIX + captcha.getSrcImage());
diff --git a/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java b/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
index 595e748ee..cad84b6a7 100644
--- a/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
+++ b/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/controller/LoginController.java
@@ -78,27 +78,13 @@ public class LoginController {
private CacheOperatorApi caClientTokenCacheApi;
/**
- * 用户登陆
+ * 用户登陆API
*
* @author fengshuonan
* @since 2021/3/17 17:23
*/
- @PostResource(name = "登陆", path = "/login", requiredLogin = false, requiredPermission = false)
- public ResponseData login(@RequestBody @Validated LoginRequest loginRequest) {
- loginRequest.setCreateCookie(true);
- LoginResponse loginResponse = authServiceApi.login(loginRequest);
- return new SuccessResponseData<>(loginResponse.getToken());
- }
-
- /**
- * 用户登陆(提供给分离版用的接口,不会写cookie)
- *
- * @author fengshuonan
- * @since 2021/3/17 17:23
- */
- @PostResource(name = "登陆(分离版)", path = "/loginApi", requiredLogin = false, requiredPermission = false)
+ @PostResource(name = "用户登陆API", path = "/loginApi", requiredLogin = false, requiredPermission = false)
public ResponseData loginApi(@RequestBody @Validated LoginRequest loginRequest) {
- loginRequest.setCreateCookie(false);
LoginResponse loginResponse = authServiceApi.login(loginRequest);
return new SuccessResponseData<>(loginResponse);
}
diff --git a/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/service/impl/SysUserServiceImpl.java b/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/service/impl/SysUserServiceImpl.java
index 84d63691f..b948a055e 100644
--- a/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/service/impl/SysUserServiceImpl.java
+++ b/kernel-s-system/system-business-hr/src/main/java/cn/stylefeng/roses/kernel/system/modular/user/service/impl/SysUserServiceImpl.java
@@ -666,7 +666,7 @@ public class SysUserServiceImpl extends ServiceImpl impl
loginUser.setWsUrl(WebSocketConfigExpander.getWebSocketWsUrl());
// 缓存用户信息,创建会话
- sessionManagerApi.createSession(jwtToken, loginUser, false);
+ sessionManagerApi.createSession(jwtToken, loginUser);
// 如果开启了单账号单端在线,则踢掉已经上线的该用户
if (AuthConfigExpander.getSingleAccountLoginFlag()) {