diff --git a/src/main/java/cc/ryanc/halo/cache/InMemoryCacheStore.java b/src/main/java/cc/ryanc/halo/cache/InMemoryCacheStore.java
index 70cee8c10..fad665b73 100644
--- a/src/main/java/cc/ryanc/halo/cache/InMemoryCacheStore.java
+++ b/src/main/java/cc/ryanc/halo/cache/InMemoryCacheStore.java
@@ -99,9 +99,11 @@ public class InMemoryCacheStore extends StringCacheStore {
 @Override
 public void run() {
- log.trace("Cache clean task is cleaning");
- cacheContainer.keySet().forEach(InMemoryCacheStore.this::get);
- log.trace("Cache lean task cleaned");
+ cacheContainer.keySet().forEach(key -> {
+ if (!InMemoryCacheStore.this.get(key).isPresent()) {
+ log.debug("Deleted the cache: [{}] for expiration", key);
+ }
+ });
 }
 }
 }
diff --git a/src/main/java/cc/ryanc/halo/cache/lock/CacheLockInterceptor.java b/src/main/java/cc/ryanc/halo/cache/lock/CacheLockInterceptor.java
index 6f095a696..158afb6a5 100644
--- a/src/main/java/cc/ryanc/halo/cache/lock/CacheLockInterceptor.java
+++ b/src/main/java/cc/ryanc/halo/cache/lock/CacheLockInterceptor.java
@@ -95,6 +95,8 @@ public class CacheLockInterceptor {
 if (StringUtils.isNotBlank(cacheLock.prefix())) {
 cacheKeyBuilder.append(cacheLock.prefix());
+ } else {
+ cacheKeyBuilder.append(methodSignature.getMethod().toString());
 }
 // Handle cache lock key building
diff --git a/src/main/java/cc/ryanc/halo/security/context/SecurityContext.java b/src/main/java/cc/ryanc/halo/security/context/SecurityContext.java
index b8a00013b..32d260524 100644
--- a/src/main/java/cc/ryanc/halo/security/context/SecurityContext.java
+++ b/src/main/java/cc/ryanc/halo/security/context/SecurityContext.java
@@ -30,7 +30,7 @@ public interface SecurityContext {
 *
 * @return true if authenticate; false otherwise
 */
- default boolean isAuthenticate() {
+ default boolean isAuthenticated() {
 return getAuthentication() != null;
 }
 }
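Review bot: In the InMemoryCacheStore clean task, eviction happens only as a side effect of `get(key)`, yet the new debug line reports "Deleted the cache" although nothing in the hunk deletes anything. A comment above the loop, for example `// get() is expected to evict expired entries; an empty result means the key is gone`, would make that dependency explicit; it should be confirmed against `get`, which is outside the hunk. The loop also writes every expired cache key to the log, so if any key embeds a token or session identifier that value ends up in debug output, and logging a prefix or a hash of the key would avoid it. The enclosing class starts outside the hunk.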
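Review bot: In CacheLockInterceptor, the new `else` branch makes an unprefixed lock key unique per method, but nothing visible here makes it unique per caller; whether it is depends on the key-building code that follows the hunk. If no caller-specific part is appended there, a bare `@CacheLock` on an endpoint yields one shared lock, so one client's request can cause every other client's request to be rejected while the lock is held. I would document the default on this branch, for example `// No prefix: fall back to the method signature so locks of different methods never collide`, and state in the same place what scopes the key to a caller. The enclosing method starts and ends outside the hunk.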
diff --git a/src/main/java/cc/ryanc/halo/security/context/SecurityContextHolder.java b/src/main/java/cc/ryanc/halo/security/context/SecurityContextHolder.java
index 310bbd65f..573d22f02 100644
--- a/src/main/java/cc/ryanc/halo/security/context/SecurityContextHolder.java
+++ b/src/main/java/cc/ryanc/halo/security/context/SecurityContextHolder.java
@@ -58,6 +58,6 @@ public class SecurityContextHolder {
 */
 @NonNull
 private static SecurityContext createEmptyContext() {
- return new SecurityContextImpl();
+ return new SecurityContextImpl(null);
 }
 }
diff --git a/src/main/java/cc/ryanc/halo/service/impl/UserServiceImpl.java b/src/main/java/cc/ryanc/halo/service/impl/UserServiceImpl.java
index 01991ae03..dae3d2dc1 100644
--- a/src/main/java/cc/ryanc/halo/service/impl/UserServiceImpl.java
+++ b/src/main/java/cc/ryanc/halo/service/impl/UserServiceImpl.java
@@ -84,7 +84,7 @@ public class UserServiceImpl extends AbstractCrudService implemen
 Assert.notNull(httpSession, "Http session must not be null");
 // Check login status
- if (SecurityContextHolder.getContext().isAuthenticate()) {
+ if (SecurityContextHolder.getContext().isAuthenticated()) {
 throw new BadRequestException("You have logged in already, no need to log in again");
 }
diff --git a/src/main/java/cc/ryanc/halo/web/controller/admin/api/AdminController.java b/src/main/java/cc/ryanc/halo/web/controller/admin/api/AdminController.java
index 15e944890..36cfee22c 100644
--- a/src/main/java/cc/ryanc/halo/web/controller/admin/api/AdminController.java
+++ b/src/main/java/cc/ryanc/halo/web/controller/admin/api/AdminController.java
@@ -1,13 +1,17 @@
 package cc.ryanc.halo.web.controller.admin.api;
 import cc.ryanc.halo.cache.lock.CacheLock;
+import cc.ryanc.halo.exception.BadRequestException;
 import cc.ryanc.halo.model.dto.CountOutputDTO;
 import cc.ryanc.halo.model.dto.UserOutputDTO;
 import cc.ryanc.halo.model.enums.BlogProperties;
 import cc.ryanc.halo.model.enums.PostStatus;
 import cc.ryanc.halo.model.params.LoginParam;
+import cc.ryanc.halo.security.context.SecurityContextHolder;
+import cc.ryanc.halo.security.filter.AdminAuthenticationFilter;
 import cc.ryanc.halo.service.*;
 import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletRequest;
@@ -19,6 +23,7 @@ import javax.validation.Valid;
 * @author johnniang
 * @date 3/19/19
 */
+@Slf4j
 @RestController
 @RequestMapping("/admin/api")
 public class AdminController {
@@ -62,4 +67,20 @@ public class AdminController {
 public UserOutputDTO login(@Valid @RequestBody LoginParam loginParam, HttpServletRequest request) {
 return new UserOutputDTO().convertFrom(userService.login(loginParam.getUsername(), loginParam.getPassword(), request.getSession()));
 }
+
+ @PostMapping("logout")
+ @ApiOperation("Logs out (Clear session)")
+ @CacheLock
+ public void logout(HttpServletRequest request) {
+ // Check if the current is logging in
+ boolean authenticated = SecurityContextHolder.getContext().isAuthenticated();
+
+ if (!authenticated) {
+ throw new BadRequestException("You haven't logged in yet, so you can't log out");
+ }
+
+ request.getSession().removeAttribute(AdminAuthenticationFilter.ADMIN_SESSION_KEY);
+
+ log.info("You have been logged out, Welcome to you next time!");
+ }
 }
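Review bot: The new `logout` in AdminController removes only `AdminAuthenticationFilter.ADMIN_SESSION_KEY`, so the session id and every other session attribute survive the logout; unless some session state is meant to outlive the login, `request.getSession().invalidate();` is the safer call. The `log.info` line is a user-facing sentence that goes to the server log and does not say which account logged out, so it is of little use as an audit record; a plain message such as `log.info("Admin session logged out");`, extended with the account name where the method has it, would serve better. The comment `// Check if the current is logging in` would read more clearly as `// Reject the request when nobody is logged in`.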