
解决登录session问题

ting.yin 5 年之前
父节点
当前提交
398746a4c0

+ 16 - 9
stmms-web/src/main/java/cn/com/qmth/stmms/admin/exam/ExamController.java

@@ -4,6 +4,7 @@ import java.util.ArrayList;
 import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import net.sf.json.JSONArray;
 import net.sf.json.JsonConfig;
@@ -43,6 +44,7 @@ import cn.com.qmth.stmms.common.domain.WebUser;
 import cn.com.qmth.stmms.common.enums.ExamStatus;
 import cn.com.qmth.stmms.common.enums.ExamType;
 import cn.com.qmth.stmms.common.enums.Role;
+import cn.com.qmth.stmms.common.session.service.SessionService;
 import cn.com.qmth.stmms.common.utils.Paginator;
 import cn.com.qmth.stmms.common.utils.PictureUrlBuilder;
 import cn.com.qmth.stmms.common.utils.RequestUtils;
@@ -68,6 +70,9 @@ public class ExamController extends BaseExamController {
     @Autowired
     private CampusService campusService;
 
+    @Autowired
+    private SessionService sessionService;
+
     @Value("${sheet.image.server}")
     private String imageServer;
 
@@ -80,7 +85,8 @@ public class ExamController extends BaseExamController {
         query = examService.findByQuery(query);
         if (query.getCurrentCount() > 0) {
             model.addAttribute("examList", query.getResult());
-            model.addAttribute("paginator", new Paginator(query.getPageNumber(), query.getPageSize(), (int) query.getTotalCount()));
+            model.addAttribute("paginator",
+                    new Paginator(query.getPageNumber(), query.getPageSize(), (int) query.getTotalCount()));
         }
         model.addAttribute("query", query);
         return "modules/exam/examList";
@@ -123,8 +129,8 @@ public class ExamController extends BaseExamController {
     @SuppressWarnings("unchecked")
     @RequestMapping(value = "/exam-edit", method = RequestMethod.POST)
     @RoleRequire(Role.SCHOOL_ADMIN)
-    public String examEdit(HttpServletRequest request, Exam exam, int StatusValue, @RequestParam(required = false) String picList,
-            RedirectAttributes redirectAttributes) {
+    public String examEdit(HttpServletRequest request, Exam exam, int StatusValue,
+            @RequestParam(required = false) String picList, RedirectAttributes redirectAttributes) {
         User user = RequestUtils.getWebUser(request).getUser();
         Exam oldExam = examService.findById(exam.getId());
         if (oldExam != null && oldExam.getCreatorId().intValue() == user.getId().intValue()) {
@@ -147,8 +153,10 @@ public class ExamController extends BaseExamController {
     }
 
     @RequestMapping("/exam-select/{examId}")
-    public String select(Model model, HttpServletRequest request, @PathVariable Integer examId) {
+    public String select(Model model, HttpServletRequest request, HttpServletResponse response,
+            @PathVariable Integer examId) {
         SessionExamUtils.setExamId(request, examId);
+        sessionService.put(request, response, RequestUtils.getSession(request));
         WebUser wu = RequestUtils.getWebUser(request);
         if (wu.isSchoolViewer()) {
             return "redirect:/admin/exam/score";
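Review bot: `select` stores the path variable `examId` in the session, and the added `sessionService.put(...)` now persists it straight away, yet nothing in this hunk checks that the current user may open that exam. The method also carries no `@RoleRequire`, while `examEdit` and `get` in this file do. If the `/admin/**` interceptor does not already enforce this, load the exam first and compare its school with the user's before calling `SessionExamUtils.setExamId`, returning to the exam list otherwise. `RequestUtils.getWebUser(request)` is dereferenced on the next line without a null check, although `LogInterceptor` treats a null result as possible. The body of `select` continues outside the hunk.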
@@ -228,8 +236,8 @@ public class ExamController extends BaseExamController {
 
     @RequestMapping("/exam/getSheetConfig")
     @RoleRequire(Role.SCHOOL_ADMIN)
-    public String get(HttpServletRequest request, Model model, RedirectAttributes redirectAttributes, @RequestParam Integer examId,
-            @RequestParam(required = false) String subjectCode) {
+    public String get(HttpServletRequest request, Model model, RedirectAttributes redirectAttributes,
+            @RequestParam Integer examId, @RequestParam(required = false) String subjectCode) {
         Exam exam = examService.findById(examId);
         ExamSubject subject = examSubjectService.find(examId, subjectCode);
         ExamStudentSearchQuery query = new ExamStudentSearchQuery();
@@ -251,9 +259,8 @@ public class ExamController extends BaseExamController {
 
     private List<String> buildPicUrl(ExamStudent examStudent) {
         Campus campus = campusService.findBySchoolAndName(examStudent.getSchoolId(), examStudent.getCampusName());
-        List<String> picUrls = PictureUrlBuilder
-                .getSheetUrls(examStudent.getExamId(), campus.getId(), examStudent.getSubjectCode(), examStudent.getExamNumber(),
-                        examStudent.getSheetCount());
+        List<String> picUrls = PictureUrlBuilder.getSheetUrls(examStudent.getExamId(), campus.getId(),
+                examStudent.getSubjectCode(), examStudent.getExamNumber(), examStudent.getSheetCount());
         return picUrls;
     }
 }

+ 9 - 0
stmms-web/src/main/java/cn/com/qmth/stmms/common/controller/LoginController.java

@@ -19,10 +19,13 @@ import cn.com.qmth.stmms.biz.exam.service.MarkGroupService;
 import cn.com.qmth.stmms.biz.exam.service.MarkerService;
 import cn.com.qmth.stmms.biz.user.model.User;
 import cn.com.qmth.stmms.biz.user.service.UserService;
+import cn.com.qmth.stmms.common.annotation.Logging;
 import cn.com.qmth.stmms.common.domain.WebUser;
+import cn.com.qmth.stmms.common.enums.LogType;
 import cn.com.qmth.stmms.common.enums.MarkStatus;
 import cn.com.qmth.stmms.common.enums.Role;
 import cn.com.qmth.stmms.common.session.model.StmmsSession;
+import cn.com.qmth.stmms.common.session.service.SessionService;
 import cn.com.qmth.stmms.common.utils.Md5EncryptUtils;
 import cn.com.qmth.stmms.common.utils.RequestUtils;
 
@@ -38,6 +41,9 @@ public class LoginController {
     @Autowired
     private MarkGroupService groupService;
 
+    @Autowired
+    private SessionService sessionService;
+
     @Value("${index.logo}")
     private String indexLogo;
 
@@ -58,6 +64,7 @@ public class LoginController {
         return view;
     }
 
+    @Logging(menu = "登录", type = LogType.QUERY)
     @RequestMapping(value = "/login", method = RequestMethod.POST)
     public ModelAndView login(User user, @RequestParam(required = false) String showType, HttpServletRequest request,
             HttpServletResponse response) {
@@ -73,6 +80,7 @@ public class LoginController {
                     u = userService.save(u);
 
                     session.saveWebUser(new WebUser(u));
+                    sessionService.put(request, response, session);
 
                     if (u.getRole() == Role.SYS_ADMIN || u.getRole() == Role.SCHOOL_ADMIN
                             || u.getRole() == Role.SUBJECT_HEADER || u.getRole() == Role.SCHOOL_VIEWER) {
@@ -132,6 +140,7 @@ public class LoginController {
                 marker.refreshAccessToken();
                 marker.setLastLoginIp(request.getRemoteAddr());
                 RequestUtils.getSession(request).saveWebUser(new WebUser(marker));
+                sessionService.put(request, response, session);
 
                 if (marker.getLastLoginTime() == null) {
                     marker.setLastLoginTime(new Date());
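Review bot: The added call persists `session`, but the line directly above writes the marker into `RequestUtils.getSession(request)`. The declaration of `session` is outside this hunk, so it is not visible that the two refer to the same object. Fetch it once with `StmmsSession session = RequestUtils.getSession(request);` and use that reference for both `saveWebUser` and `sessionService.put`, as the user-login hunk earlier in this file does. A short comment saying why the session must be written here, rather than left to `SessionInterceptor`, would also help.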

+ 40 - 20
stmms-web/src/main/java/cn/com/qmth/stmms/common/interceptor/LogInterceptor.java

@@ -5,6 +5,7 @@ import java.util.Date;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -14,13 +15,18 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 
 import cn.com.qmth.stmms.admin.utils.SessionExamUtils;
 import cn.com.qmth.stmms.biz.exam.model.Exam;
+import cn.com.qmth.stmms.biz.exam.model.Marker;
 import cn.com.qmth.stmms.biz.exam.model.OperationLog;
 import cn.com.qmth.stmms.biz.exam.service.ExamService;
 import cn.com.qmth.stmms.biz.exam.service.MarkerService;
 import cn.com.qmth.stmms.biz.exam.service.OperationLogService;
+import cn.com.qmth.stmms.biz.user.model.User;
 import cn.com.qmth.stmms.biz.user.service.UserService;
 import cn.com.qmth.stmms.common.annotation.Logging;
 import cn.com.qmth.stmms.common.domain.WebUser;
+import cn.com.qmth.stmms.common.enums.Role;
+import cn.com.qmth.stmms.common.session.model.StmmsSession;
+import cn.com.qmth.stmms.common.utils.AccessControlUtils;
 import cn.com.qmth.stmms.common.utils.RequestUtils;
 
 /**
@@ -44,13 +50,13 @@ public class LogInterceptor extends HandlerInterceptorAdapter {
     private UserService userService;
 
     @Override
-    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
-            ModelAndView modelAndView) {
+    public void postHandle(HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler,
+            ModelAndView modelAndView) throws java.lang.Exception {
         WebUser wu = RequestUtils.getWebUser(request);
-        String uri = request.getRequestURI();
         HandlerMethod method = (HandlerMethod) handler;
+        String uri = request.getRequestURI();
         if (uri.startsWith("/login")) {
-            // wu = buildWebUser(request, response);
+            wu = buildWebUser(request);
         }
         Logging logging = method.getMethodAnnotation(Logging.class);
         if (wu != null && logging != null) {
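Review bot: `uri.startsWith("/login")` tests `request.getRequestURI()`, which includes the context path, so when the application is not deployed at the root the branch is skipped and the login request is never logged. Comparing `request.getServletPath()`, or stripping `request.getContextPath()` first, avoids that. Because an entry is written only when `buildWebUser` returns a user, failed login attempts leave no operation log; consider recording them with the submitted login name and `request.getRemoteAddr()`. The unchecked `(HandlerMethod) handler` cast throws for any handler on the mapped paths that is not a controller method, and the signature can use the imported `HttpServletResponse` and plain `Exception` instead of the fully qualified names. The rest of `postHandle` lies outside the hunk.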
@@ -59,11 +65,8 @@ public class LogInterceptor extends HandlerInterceptorAdapter {
     }
 
     private void saveLog(Logging logging, WebUser wu, HttpServletRequest request, HttpServletResponse response) {
-        int examId = SessionExamUtils.getExamId(request);
-
         OperationLog log = new OperationLog();
         log.setCreateTime(new Date());
-        log.setExamId(examId > 0 ? null : examId);
         log.setMenu(logging.menu());
         log.setType(logging.type());
         log.setMarker(wu.isMarker());
@@ -72,6 +75,7 @@ public class LogInterceptor extends HandlerInterceptorAdapter {
             log.setOperatorId(wu.getMarker().getId());
             log.setIpAddress(wu.getMarker().getLastLoginIp());
             log.setLoginName(wu.getMarker().getLoginName());
+            log.setExamId(wu.getMarker().getExamId());
             Exam exam = examService.findById(wu.getMarker().getExamId());
             log.setSchoolId(exam.getSchoolId());
         } else {
@@ -79,6 +83,8 @@ public class LogInterceptor extends HandlerInterceptorAdapter {
             log.setOperatorId(wu.getUser().getId());
             log.setIpAddress(wu.getUser().getLastLoginIp());
             log.setLoginName(wu.getUser().getLoginName());
+            int examId = SessionExamUtils.getExamId(request);
+            log.setExamId(examId > 0 ? null : examId);
             log.setSchoolId(wu.getUser().getSchoolId());
         }
         log.setDescription(RequestUtils.getLog(request));
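Review bot: `log.setExamId(examId > 0 ? null : examId)` looks inverted, because a valid positive exam id is stored as null and only a non-positive value reaches the log. The line was moved here unchanged, so user actions keep losing their exam id in the audit trail; it should presumably read `log.setExamId(examId > 0 ? examId : null);`. Both branches also record `getLastLoginIp()` rather than the address of the current request, so the entry shows where the account last logged in, not where this action came from. If that is not intended, use `request.getRemoteAddr()`. `saveLog` starts and ends outside this hunk.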
@@ -92,17 +98,31 @@ public class LogInterceptor extends HandlerInterceptorAdapter {
      * @param response
      * @throws Exception
      */
-    // private WebUser buildWebUser(HttpServletRequest request,
-    // HttpServletResponse response) {
-    // WebUser wu = WebUser.buildFromSession(RequestUtils.getSession(request));
-    // if (wu != null) {
-    // RequestUtils.setWebUser(request, wu);
-    // if (wu.isMarker()) {
-    // wu.setDataObject(markerService.findById(wu.getId()));
-    // } else {
-    // wu.setDataObject(userService.findById(wu.getId()));
-    // }
-    // }
-    // return wu;
-    // }
+    private WebUser buildWebUser(HttpServletRequest request) {
+        StmmsSession session = RequestUtils.getSession(request);
+        Integer userId = session.getWebUserId();
+        Role role = session.getWebUserRole();
+        if (userId != null && role != null) {
+            if (Role.MARKER == role) {
+                Marker marker = markerService.findById(userId);
+                if (marker != null && marker.getAccessTokenRefreshTime() != null
+                        && StringUtils.equals(session.getWebUserToken(), marker.getAccessToken())
+                        && !AccessControlUtils.expired(marker.getAccessTokenRefreshTime())) {
+                    WebUser wu = new WebUser(marker, session.getWebUserLogoutUrl());
+                    RequestUtils.setWebUser(request, wu);
+                    return wu;
+                }
+            } else {
+                User user = userService.findById(userId);
+                if (user != null && user.getRole() == role && user.getAccessTokenRefreshTime() != null
+                        && StringUtils.equals(session.getWebUserToken(), user.getAccessToken())
+                        && !AccessControlUtils.expired(user.getAccessTokenRefreshTime())) {
+                    WebUser wu = new WebUser(user);
+                    RequestUtils.setWebUser(request, wu);
+                    return wu;
+                }
+            }
+        }
+        return null;
+    }
 }
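Review bot: `StringUtils.equals(session.getWebUserToken(), ...getAccessToken())` returns true when both values are null, so a session without a token would match an account whose stored token is null. Both branches should first require `session.getWebUserToken() != null`. A constant-time comparison is also preferable for a credential, e.g. `MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8), b.getBytes(StandardCharsets.UTF_8))`. The marker and user branches repeat the same token-and-expiry test and could share one private helper. The Javadoc above, which starts outside the hunk, still lists `@param response` and `@throws Exception`, which the new signature no longer has.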

+ 6 - 4
stmms-web/src/main/java/cn/com/qmth/stmms/common/interceptor/SessionInterceptor.java

@@ -9,7 +9,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 
 import cn.com.qmth.stmms.common.session.model.StmmsSession;
@@ -35,7 +34,8 @@ public class SessionInterceptor extends HandlerInterceptorAdapter {
     }
 
     @Override
-    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) {
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
+            throws Exception {
         try {
             sessionService.put(request, response, RequestUtils.getSession(request));
         } catch (Exception e) {
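Review bot: Moving the write from `postHandle` to `afterCompletion` means `sessionService.put` runs after the view has been rendered, when the response is normally already committed and a cookie added through `response.addCookie` is silently dropped. That would explain the explicit `sessionService.put` calls added to `login` and `select` in this commit, but any other handler that changes the session would then lose its change. If the session is written as cookies (as `CookieSessionServiceImpl` suggests), keep the write in `postHandle`, or guard it with `if (!response.isCommitted())` and log when it is skipped. The `catch` body is outside the hunk.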
@@ -52,7 +52,8 @@ public class SessionInterceptor extends HandlerInterceptorAdapter {
      * @return
      * @throws IOException
      */
-    protected boolean sessionExpire(HttpServletRequest request, HttpServletResponse response, String redirectURI) throws IOException {
+    protected boolean sessionExpire(HttpServletRequest request, HttpServletResponse response, String redirectURI)
+            throws IOException {
         StmmsSession session = RequestUtils.getSession(request);
         session.setInvalid(true);
         sessionService.put(request, response, session);
@@ -69,7 +70,8 @@ public class SessionInterceptor extends HandlerInterceptorAdapter {
      * @return
      * @throws IOException
      */
-    protected boolean redirect(HttpServletRequest request, HttpServletResponse response, String redirectURI) throws IOException {
+    protected boolean redirect(HttpServletRequest request, HttpServletResponse response, String redirectURI)
+            throws IOException {
         response.sendRedirect(request.getContextPath() + redirectURI);
         return false;
     }

+ 1 - 1
stmms-web/src/main/java/cn/com/qmth/stmms/common/session/model/StmmsSession.java

@@ -107,7 +107,7 @@ public class StmmsSession implements Serializable {
     public Role getWebUserRole() {
         String value = getParameter(WEB_USER_ROLE_KEY);
         try {
-            return Role.findByValue(Integer.parseInt(value));
+            return Role.valueOf(value);
         } catch (Exception e) {
             return null;
         }
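Review bot: `Role.valueOf(value)` changes the expected stored format from the numeric value to the enum name, so sessions issued before this change resolve to a null role here. Confirm that the code writing `WEB_USER_ROLE_KEY`, which is not shown, now stores `role.name()`. The blanket `catch (Exception e)` hides that case along with any malformed value; catching `IllegalArgumentException | NullPointerException` and logging the rejected value at debug level would make a bad or tampered role visible. The method closes outside the hunk.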

+ 1 - 1
stmms-web/src/main/java/cn/com/qmth/stmms/common/session/service/impl/CookieSessionServiceImpl.java

@@ -93,7 +93,7 @@ public class CookieSessionServiceImpl implements SessionService {
     private void setCookie(HttpServletResponse response, String name, String value, int maxAge) {
         Cookie cookie = new Cookie(name, value);
         cookie.setMaxAge(maxAge);
-        cookie.setDomain('.' + COOKIE_DOMAIN);
+        // cookie.setDomain('.' + COOKIE_DOMAIN);
         cookie.setPath(COOKIE_PATH);
         response.addCookie(cookie);
     }
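Review bot: `setCookie` builds the session cookie without `HttpOnly` or `Secure`, so page script can read it and it is also sent over plain HTTP. Add `cookie.setHttpOnly(true);` (Servlet 3.0+) and, where the site is served over HTTPS, `cookie.setSecure(true);` before `response.addCookie(cookie)`. Dropping the domain makes the cookie host-only, which is the tighter setting. The commented-out `setDomain` line should be deleted, or replaced by a comment saying why the domain is no longer set.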

+ 13 - 7
stmms-web/src/main/webapp/WEB-INF/spring-mvc.xml

@@ -43,6 +43,12 @@
             <mvc:mapping path="/open/**"/>
             <bean id="sessionInterceptor" class="cn.com.qmth.stmms.common.interceptor.SessionInterceptor"/>
         </mvc:interceptor>
+        <mvc:interceptor>
+        	<mvc:mapping path="/login"/>
+            <mvc:mapping path="/admin/**"/>
+            <mvc:mapping path="/mark/**"/>
+            <bean id="logInterceptor" class="cn.com.qmth.stmms.common.interceptor.LogInterceptor"/>
+        </mvc:interceptor>
         <mvc:interceptor>
             <mvc:mapping path="/admin/**"/>
             <bean id="adminInterceptor" class="cn.com.qmth.stmms.admin.interceptor.AdminInterceptor"/>
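Review bot: The log interceptor now covers only `/login`, `/admin/**` and `/mark/**`, where the block removed further down covered `/**`. Any `@Logging`-annotated handler under `/api/**`, `/open/**` or another prefix stops producing operation logs, so check that none exist. `/login` is an exact match, so a login path with a suffix would not be intercepted. The first `<mvc:mapping>` line is indented with a tab where the surrounding lines use spaces.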
@@ -73,13 +79,6 @@
             <mvc:mapping path="/api/**"/>
             <bean id="apiInterceptor" class="cn.com.qmth.stmms.api.interceptor.ApiInterceptor"/>
         </mvc:interceptor>
-        <mvc:interceptor>
-            <mvc:mapping path="/**"/>
-            <mvc:exclude-mapping path="/resources/**"/>
-            <mvc:exclude-mapping path="/static/**"/>
-            <mvc:exclude-mapping path="/file/**"/>
-            <bean id="logInterceptor" class="cn.com.qmth.stmms.common.interceptor.LogInterceptor"/>
-        </mvc:interceptor>
     </mvc:interceptors>
 
     <!-- <bean
@@ -168,4 +167,11 @@
             </list>
         </property>
     </bean>
+    
+    <!-- 配置国际化 -->
+    <bean id="localeResolver" class="org.springframework.web.servlet.i18n.SessionLocaleResolver"/>
+    <bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
+        <property name="defaultEncoding" value="UTF-8"/>
+        <property name="basenames" value="/static/i18n/messages"/>
+    </bean>
 </beans>