deason 6 anni fa
parent
commit
33012ff6be

+ 62 - 32
src/main/java/cn/com/qmth/examcloud/app/core/config/TokenFilter.java

@@ -25,6 +25,8 @@ import java.util.Date;
 import static cn.com.qmth.examcloud.app.model.Constants.PLATFORM_SESSION_EXPIRE_TIME;
 
 /**
+ * 认证信息过滤器
+ *
  * @author: fengdesheng
  * @since: 2018/8/1
  */
@@ -32,51 +34,79 @@ public class TokenFilter implements Filter {
     private final static Logger log = LoggerFactory.getLogger(TokenFilter.class);
     private UserAuthService userAuthService;
 
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        log.debug("init");
+    }
+
+    @Override
+    public void destroy() {
+        log.debug("destroy");
+    }
+
     @Override
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
             throws IOException, ServletException {
-        HttpServletRequest request = (HttpServletRequest) servletRequest;
-        CustomHttpServletRequest customRequest = new CustomHttpServletRequest(request);
+        CustomHttpServletRequest customRequest = this.initCustomRequest(servletRequest);
+        if (customRequest != null) {
+            filterChain.doFilter(customRequest, servletResponse);
+            return;
+        }
+        filterChain.doFilter(servletRequest, servletResponse);
+    }
+
+    private CustomHttpServletRequest initCustomRequest(ServletRequest servletRequest) {
         //用户带的token实际为缓存的redisKey
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
         String redisKey = request.getHeader(Constants.PARAM_TOKEN);
-        if (StringUtils.isNotBlank(redisKey)) {
-            //通过redisKey获取原始的登录信息,loginInfo为null则代表尚未登录
-            LoginInfo loginInfo = userAuthService.getLoginInfo(redisKey);
-            if (loginInfo != null) {
-                //判断原始的login token是否在有效时间内
-                if (loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {
+        if (StringUtils.isBlank(redisKey)) {
+            //token为空,则不用过滤处理
+            return null;
+        }
+
+        //通过redisKey获取原始的登录信息
+        LoginInfo loginInfo = userAuthService.getLoginInfo(redisKey);
+        if (loginInfo == null) {
+            //loginInfo为空,则代表尚未登录不用处理
+            return null;
+        }
+
+        //处理登录过的信息
+        CustomHttpServletRequest customRequest = new CustomHttpServletRequest(request);
+        if (!this.filterAccessUrl(request.getServletPath())) {
+            //判断原始的login token是否在有效时间内
+            if (!loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {
+                try {
                     //已超过有效时间,则自动登录续期
-                    try {
-                        Result<UserInfo> result = userAuthService.login(loginInfo);
-                        UserInfo userInfo = result.getData();
-                        if (userInfo != null) {
-                            //登录成功后缓存新的login token
-                            log.info("redisKey:" + redisKey + " key:" + userInfo.getKey() + " newToken:" + userInfo.getToken());
-                            loginInfo.setToken(userInfo.getToken());
-                            loginInfo.setCreateTime(new Date());
-                            userAuthService.cacheLoginInfo(loginInfo, redisKey);
-                        }
-                    } catch (Exception e) {
-                        log.error(e.getMessage());
+                    Result<UserInfo> result = userAuthService.login(loginInfo);
+                    UserInfo userInfo = result.getData();
+                    if (userInfo != null) {
+                        //登录成功后缓存新的login token
+                        log.info("redisKey:" + redisKey + " key:" + userInfo.getKey() + " newToken:" + userInfo.getToken());
+                        loginInfo.setToken(userInfo.getToken());
+                        loginInfo.setCreateTime(new Date());
+                        userAuthService.cacheLoginInfo(loginInfo, redisKey);
                     }
+                } catch (Exception e) {
+                    log.error(e.getMessage());
                 }
-                //替换原始token到request请求中
-                customRequest.addHeader(Constants.PARAM_TOKEN, loginInfo.getToken());
             }
-            //初始化内部接口请求鉴权
-            userAuthService.initRequestTrace();
         }
-        filterChain.doFilter(customRequest, servletResponse);
-    }
 
-    @Override
-    public void init(FilterConfig filterConfig) throws ServletException {
-        log.debug("init");
+        //替换原始token到request请求中
+        customRequest.addHeader(Constants.PARAM_TOKEN, loginInfo.getToken());
+
+        //初始化内部接口请求鉴权
+        userAuthService.initRequestTrace();
+        return customRequest;
     }
 
-    @Override
-    public void destroy() {
-        log.debug("destroy");
+    private boolean filterAccessUrl(String url) {
+        //跳过不用处理的访问地址
+        if (url.contains("/user/logout")) {
+            return true;
+        }
+        return false;
     }
 
     public void setUserAuthService(UserAuthService userAuthService) {
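Review bot: The expiry test in `initCustomRequest` is inverted relative to the code it replaces: the removed line was `if (loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME))`, the new one is `if (!loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME))`, while the comment inside the `try` still says renewal happens once the validity period has passed. As written, every request with a still-valid session calls `userAuthService.login` and rewrites the cache, and an expired session is forwarded with its stale token; unless `hasExpired` changed meaning elsewhere, the condition should read `if (loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {`. Separately, the carried-over `log.info` line writes `redisKey` (which the first comment says is the token the client presents) and the new upstream token to the log, so anyone with log access could replay a session; log only that a renewal happened, e.g. `log.info("session renewed for key:" + userInfo.getKey());`. The `catch` also keeps only `e.getMessage()`; `log.error("auto re-login failed", e);` would preserve the stack trace.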

+ 14 - 0
src/main/java/cn/com/qmth/examcloud/app/service/impl/UserAuthServiceImpl.java

@@ -85,6 +85,10 @@ public class UserAuthServiceImpl implements UserAuthService {
                 .add(PARAM_KEY, key)
                 .add(PARAM_TOKEN, token)
                 .build();
+        //清除缓存用户登录信息
+        String redisKey = StrUtils.md5Key(key);
+        this.removeCacheLoginInfo(redisKey);
+        //退出登录
         return HttpUtils.doPost(requestUrl, formBody, key, token);
     }
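Review bot: The cache removal added before `HttpUtils.doPost` can abort the logout: `removeCacheLoginInfo` (added in the next hunk) throws `ApiException` on an empty key, and a failure in `redisService.delete` would presumably propagate too, in which case the upstream logout request is never sent and the platform token stays valid. Both steps should run regardless of the other's outcome, for example by sending the logout in a `try` and clearing the cache in `finally`, or by catching and logging a cache failure before the POST. The method's signature and start are outside this hunk, so how `key` is validated earlier is not visible here. It is also worth confirming that `StrUtils.md5Key(key)` yields the same Redis key that was used when the login was cached; if the two derivations differ, the delete silently removes nothing and the session stays usable until it expires.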
 
@@ -160,6 +164,16 @@ public class UserAuthServiceImpl implements UserAuthService {
         redisService.set(APP_SESSION_USER_KEY_PREFIX + key, jsonStr, APP_SESSION_EXPIRE_TIME);
     }
 
+    /**
+     * 清除缓存用户登录信息
+     */
+    private void removeCacheLoginInfo(String key) {
+        if (StringUtils.isEmpty(key)) {
+            throw new ApiException("Key must be not empty.");
+        }
+        redisService.delete(APP_SESSION_USER_KEY_PREFIX + key);
+    }
+
     /**
      * 获取缓存中的用户登录信息
      */