
bug修复

wangliang 4 years ago
parent
commit
89f0590c23

+ 11 - 0
teachcloud-common/src/main/java/com/qmth/teachcloud/common/domain/SysDomain.java

@@ -1,6 +1,7 @@
 package com.qmth.teachcloud.common.domain;
 
 import java.io.Serializable;
+import java.time.Duration;
 import java.util.List;
 
 /**
@@ -42,6 +43,16 @@ public class SysDomain implements Serializable {
 
     String reportUrl;
 
+    Duration sessionActive;
+
+    public Duration getSessionActive() {
+        return sessionActive;
+    }
+
+    public void setSessionActive(Duration sessionActive) {
+        this.sessionActive = sessionActive;
+    }
+
     public String getReportUrl() {
         return reportUrl;
     }
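Review bot: `sessionActive` is added with no default and no comment, so it stays null whenever the configuration does not supply a value (the binding is outside this diff, so that is inferred). The check added in TeachcloudReportAuthenticationService calls `dictionaryConfig.sysDomain().getSessionActive().getSeconds()` on it unguarded, so a missing setting would surface as a NullPointerException inside the authorization path rather than as a clear auth decision. Either give the field a default, e.g. `Duration sessionActive = Duration.ofMinutes(30);` (value constructed for illustration), or null-check at the call site. A comment such as `/** Maximum idle time between requests before a session is rejected. */` would also help. The class body continues outside the hunk.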

+ 6 - 0
teachcloud-common/src/main/java/com/qmth/teachcloud/common/entity/TBSession.java

@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
+import com.qmth.teachcloud.common.util.ServletUtil;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 
@@ -92,6 +93,11 @@ public class TBSession implements Serializable {
         this.lastAccessTime = System.currentTimeMillis();
     }
 
+    public void setLastInfo() {
+        this.lastAccessTime = System.currentTimeMillis();
+        this.lastAccessIp = ServletUtil.getRequest().getLocalAddr();
+    }
+
     public String getId() {
         return id;
     }
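Review bot: `setLastInfo()` stores `getLocalAddr()` in `lastAccessIp`, which in the Servlet API is the address of the server interface that received the request, not the caller's address (assuming `ServletUtil.getRequest()` returns an `HttpServletRequest`; it is not shown here). The session record would then hold the same server IP for every user, which removes its value for audit and for noticing a session being used from a new address. `this.lastAccessIp = ServletUtil.getRequest().getRemoteAddr();` is likely what was meant. If the service sits behind a reverse proxy, take the client address from the forwarded header only when that proxy is trusted to set it. The class continues outside the hunk.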

+ 10 - 0
teachcloud-common/src/main/java/com/qmth/teachcloud/common/util/RedisUtil.java

@@ -53,6 +53,16 @@ public class RedisUtil {
         redisTemplate.opsForValue().set(SystemConstant.SESSION + sessionId, o, time, TimeUnit.SECONDS);
     }
 
+    /**
+     * 获取过期时间
+     *
+     * @param sessionId
+     * @return
+     */
+    public Long getUserSessionExpire(String sessionId) {
+        return redisTemplate.opsForValue().getOperations().getExpire(SystemConstant.SESSION + sessionId);
+    }
+
     /**
      * 批量获取key的value
      *
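Review bot: The Javadoc on `getUserSessionExpire` leaves `@param` and `@return` empty, while the caller in TeachcloudReportAuthenticationService branches on the result being null or `> -1`. The comment should state the contract: the value is the remaining TTL in seconds, a negative value means the key has no expiry or does not exist (Redis TTL semantics), and null is possible when the template runs inside a pipeline or transaction. Writing the call as `redisTemplate.getExpire(SystemConstant.SESSION + sessionId, TimeUnit.SECONDS)` would also make the unit explicit and drop the `opsForValue().getOperations()` detour.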

+ 15 - 0
teachcloud-report/src/main/java/com/qmth/teachcloud/report/auth/TeachcloudReportAuthenticationService.java

@@ -5,6 +5,7 @@ import com.qmth.boot.core.security.model.AccessEntity;
 import com.qmth.boot.core.security.service.AuthorizationService;
 import com.qmth.boot.tools.signature.SignatureType;
 import com.qmth.teachcloud.common.bean.auth.AuthBean;
+import com.qmth.teachcloud.common.config.DictionaryConfig;
 import com.qmth.teachcloud.common.contant.SystemConstant;
 import com.qmth.teachcloud.common.entity.SysUser;
 import com.qmth.teachcloud.common.entity.TBSession;
@@ -35,6 +36,9 @@ public class TeachcloudReportAuthenticationService implements AuthorizationServi
     @Resource
     RedisUtil redisUtil;
 
+    @Resource
+    DictionaryConfig dictionaryConfig;
+
     @Override
     public AccessEntity findByIdentity(String identity, SignatureType signatureType, String path) {
         return new TeachcloudReportSession(identity, SignatureType.TOKEN);
@@ -62,6 +66,17 @@ public class TeachcloudReportAuthenticationService implements AuthorizationServi
                 log.warn("Authorization faile: deviceId invalid, session deviceId is " + tbSession.getDeviceId());
                 throw ExceptionResultEnum.AUTHORIZATION_ERROR.exception();
             }
+
+            Long expireTime = redisUtil.getUserSessionExpire(accessEntity.getIdentity());
+            if (Objects.nonNull(expireTime) && expireTime.longValue() > -1L) {
+                if (Objects.nonNull(tbSession.getLastAccessTime()) && (System.currentTimeMillis() - tbSession.getLastAccessTime()) / 1000 > dictionaryConfig.sysDomain().getSessionActive().getSeconds()) {
+                    log.warn("Authorization faile: session active, session active is " + dictionaryConfig.sysDomain().getSessionActive().getSeconds());
+                    throw ExceptionResultEnum.NOT_LOGIN.exception();
+                }
+                tbSession.setLastInfo();
+                redisUtil.setUserSession(accessEntity.getIdentity(), tbSession, expireTime);
+            }
+
             List<String> privilegeUrl = cacheService.privilegeUrlCache(PrivilegePropertyEnum.NO_AUTH);
             //无需鉴权的url
             int noAuthCount = Objects.nonNull(privilegeUrl) ? (int) privilegeUrl.stream().filter(s -> s.equalsIgnoreCase(path)).count() : 0;
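Review bot: The guard `expireTime.longValue() > -1L` admits a TTL of 0, which Redis can report for a key in its last second. The following `redisUtil.setUserSession(accessEntity.getIdentity(), tbSession, expireTime)` then asks for a zero-second expiry, which Redis is likely to reject as an invalid expire time, so `> 0L` is the safer bound. The same guard means a session stored without a TTL (-1) skips the idle check entirely, so any non-expiring sessions are never subject to `sessionActive`; worth confirming that is intended. The TTL read and the rewrite are also separate Redis calls, so a key that expires in between would be re-created by the write. The enclosing method starts and ends outside the hunk.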