shiro 拦截规则操作跨域

c975c1c8 · xc · e0ed4b2e · c975c1c8
Commit c975c1c8 authored Apr 13, 2021 by xc
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 8 deletions

KickoutSessionControlFilter.java ...ergy/service/shir/filter/KickoutSessionControlFilter.java +16 -8

No files found.
--- a/wisenergy-service/src/main/java/cn/wisenergy/service/shir/filter/KickoutSessionControlFilter.java
+++ b/wisenergy-service/src/main/java/cn/wisenergy/service/shir/filter/KickoutSessionControlFilter.java
@@ -85,26 +85,30 @@ public class KickoutSessionControlFilter extends AccessControlFilter{

        // 登录超时
        Integer userId = null;
+        String tableName = "";
        try {
            //客户端
            User user = (User)SecurityUtils.getSubject().getPrincipal();
            log.info("KickoutSessionControlFilter user : {}.......",user.toString());
            userId = user.getId();
+            tableName="user";
        } catch (Exception e) {
            try {
                //管理端
                AccountInfo accountInfo = (AccountInfo)SecurityUtils.getSubject().getPrincipal();
                log.info("KickoutSessionControlFilter accountInfo : {}.......",accountInfo.toString());
                userId = accountInfo.getId();
+                tableName="account";
            } catch (Exception en) {
                //员工端
                log.info("KickoutSessionControlFilter getSubject : {}..getPrincipal:{},.....",SecurityUtils.getSubject(),SecurityUtils.getSubject().getPrincipal());
                Staff staff = (Staff) SecurityUtils.getSubject().getPrincipal();
                log.info("KickoutSessionControlFilter staff : {}.......",staff.toString());
                userId = staff.getId();
+                tableName="staff";
            }
        }
-        Long SessionTime = (Long)redisTemplate.opsForValue().get("shiroSessionTime:"+userId);
+        Long SessionTime = (Long)redisTemplate.opsForValue().get(tableName+"shiroSessionTime:"+userId);
        Long loginTime = new Date().getTime()-SessionTime;
        Boolean loginOutTime = (new Date().getTime()-SessionTime) >= (EXPIRE_TIME * 1000);
        log.info("KickoutSessionControlFilter 账号id:{} 已登录时长：{} 秒,是否超时：{}",userId,loginTime/1000,loginOutTime);
@@ -130,7 +134,7 @@ public class KickoutSessionControlFilter extends AccessControlFilter{
            return false;
        }
        log.info("KickoutSessionControlFilter Not Login end.......");
-        redisTemplate.opsForValue().set("shiroSessionTime:"+userId, new Date().getTime());
+        redisTemplate.opsForValue().set(tableName+"shiroSessionTime:"+userId, new Date().getTime());
        return true;
    }

@@ -153,18 +157,22 @@ public class KickoutSessionControlFilter extends AccessControlFilter{
        Session session = subject.getSession();
        Serializable sessionId = session.getId();
        Integer userId = null;
+        String tableName = "";
        if(type == 1){
            User user=(User)subject.getPrincipal();
            userId=user.getId();
+            tableName="user";
        }else if(type == 2){
            AccountInfo account=(AccountInfo)subject.getPrincipal();
            userId=account.getId();
+            tableName="account";
        }else{
            Staff staff=(Staff)subject.getPrincipal();
            userId=staff.getId();
+            tableName="staff";
        }
        //读取缓存，没有就存入
-        Deque<Serializable> deque =(Deque<Serializable>) redisTemplate.opsForValue().get(getRedisKickoutKey(userId));
+        Deque<Serializable> deque =(Deque<Serializable>) redisTemplate.opsForValue().get(getRedisKickoutKey(userId,tableName));
        //如果此用户没有session队列，也就是还没有登录过，缓存中没有，就new一个空队列，不然deque对象为空，会报空指针
        if (deque == null || deque.size()==0) {
            deque = new LinkedList<>();
@@ -189,13 +197,13 @@ public class KickoutSessionControlFilter extends AccessControlFilter{
            }
        }
        // 更新redis中的用户登录队列
-        redisTemplate.opsForValue().set(getRedisKickoutKey(userId), deque, EXPIRE_TIME, TimeUnit.SECONDS);
-        redisTemplate.opsForValue().set("shiroSessionTime:"+userId, new Date().getTime());
+        redisTemplate.opsForValue().set(getRedisKickoutKey(userId,tableName), deque, EXPIRE_TIME, TimeUnit.SECONDS);
+        redisTemplate.opsForValue().set(tableName+"shiroSessionTime:"+userId, new Date().getTime());
        log.info("KickoutSessionControlFilter changeSession end.......");
    }

-    private String getRedisKickoutKey(Integer userId) {
-        return keyprefix + userId;
+    private String getRedisKickoutKey(Integer userId,String tabelName) {
+        return keyprefix+tabelName+ userId;
    }

    // 抛出未登录异常
@@ -226,7 +234,7 @@ public class KickoutSessionControlFilter extends AccessControlFilter{
    private void setHeader(HttpServletRequest request, HttpServletResponse response) {
        //跨域的header设置
        response.setHeader("Access-control-Allow-Origin", request.getHeader("Origin"));
-        response.setHeader("Access-Control-Allow-Methods", request.getMethod());
+        response.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Headers", request.getHeader("Access-Control-Request-Headers"));
        //防止乱码，适用于传输JSON数据