Startsida Utforska Hjälp
Logga in
teachcloud
/
server
2
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

bug修复

wangliang 4 år sedan
förälder
019b408607
incheckning
8dfa0fe7cf
2 ändrade filer med 24 tillägg och 7 borttagningar
Delad Vy Visa Diff Statistik
  1. 12 3
      distributed-print/src/main/java/com/qmth/distributed/print/auth/DistributedPrintAuthenticationService.java
  2. 12 4
      teachcloud-report/src/main/java/com/qmth/teachcloud/report/auth/TeachcloudReportAuthenticationService.java

+ 12 - 3
distributed-print/src/main/java/com/qmth/distributed/print/auth/DistributedPrintAuthenticationService.java
Visa fil 

@@ -12,6 +12,7 @@ import com.qmth.teachcloud.common.enums.PrivilegePropertyEnum;
 
 import com.qmth.teachcloud.common.enums.RoleTypeEnum;
 
 import com.qmth.teachcloud.common.service.CacheService;
 
 import com.qmth.teachcloud.common.service.TBSessionService;
 
+import com.qmth.teachcloud.common.util.RedisUtil;
 
 import com.qmth.teachcloud.common.util.ServletUtil;
 
 import org.slf4j.Logger;
 
 import org.slf4j.LoggerFactory;
 
@@ -29,10 +30,10 @@ public class DistributedPrintAuthenticationService implements AuthorizationServi
 
     private final static Logger log = LoggerFactory.getLogger(DistributedPrintAuthenticationService.class);
 
 
     @Resource
 
-    TBSessionService tbSessionService;
 
+    CacheService cacheService;
 
 
     @Resource
 
-    CacheService cacheService;
 
+    RedisUtil redisUtil;
 
 
     @Override
 
     public AccessEntity findByIdentity(String identity, SignatureType signatureType, String path) {
 
@@ -42,7 +43,15 @@ public class DistributedPrintAuthenticationService implements AuthorizationServi
 
     @Override
 
     public boolean hasPermission(AccessEntity accessEntity, String path) {
 
         if (Objects.nonNull(accessEntity) && Objects.nonNull(accessEntity.getIdentity())) {
 
-            TBSession tbSession = tbSessionService.getById(accessEntity.getIdentity());
 
+            TBSession tbSession = (TBSession) redisUtil.getUserSession(accessEntity.getIdentity());
 
+            if (Objects.isNull(tbSession)) {
 
+                log.warn("Authorization faile: session id not exists: " + accessEntity.getIdentity());
 
+                throw ExceptionResultEnum.NOT_LOGIN.exception();
 
+            }
 
+            if (tbSession.getExpireTime() <= System.currentTimeMillis()) {
 
+                log.warn("Authorization faile: session has expired, expire time=" + tbSession.getExpireTime());
 
+                throw ExceptionResultEnum.NOT_LOGIN.exception();
 
+            }
 
             List<String> privilegeUrl = cacheService.privilegeUrlCache(PrivilegePropertyEnum.NO_AUTH);
 
             //无需鉴权的url
 
             int noAuthCount = Objects.nonNull(privilegeUrl) ? (int) privilegeUrl.stream().filter(s -> s.equalsIgnoreCase(path)).count() : 0;

+ 12 - 4
teachcloud-report/src/main/java/com/qmth/teachcloud/report/auth/TeachcloudReportAuthenticationService.java
Visa fil 

@@ -11,7 +11,7 @@ import com.qmth.teachcloud.common.enums.ExceptionResultEnum;
 
 import com.qmth.teachcloud.common.enums.PrivilegePropertyEnum;
 
 import com.qmth.teachcloud.common.enums.RoleTypeEnum;
 
 import com.qmth.teachcloud.common.service.CacheService;
 
-import com.qmth.teachcloud.common.service.TBSessionService;
 
+import com.qmth.teachcloud.common.util.RedisUtil;
 
 import com.qmth.teachcloud.common.util.ServletUtil;
 
 import org.slf4j.Logger;
 
 import org.slf4j.LoggerFactory;
 
@@ -29,10 +29,10 @@ public class TeachcloudReportAuthenticationService implements AuthorizationServi
 
     private final static Logger log = LoggerFactory.getLogger(TeachcloudReportAuthenticationService.class);
 
 
     @Resource
 
-    TBSessionService tbSessionService;
 
+    CacheService cacheService;
 
 
     @Resource
 
-    CacheService cacheService;
 
+    RedisUtil redisUtil;
 
 
     @Override
 
     public AccessEntity findByIdentity(String identity, SignatureType signatureType, String path) {
 
@@ -42,7 +42,15 @@ public class TeachcloudReportAuthenticationService implements AuthorizationServi
 
     @Override
 
     public boolean hasPermission(AccessEntity accessEntity, String path) {
 
         if (Objects.nonNull(accessEntity) && Objects.nonNull(accessEntity.getIdentity())) {
 
-            TBSession tbSession = tbSessionService.getById(accessEntity.getIdentity());
 
+            TBSession tbSession = (TBSession) redisUtil.getUserSession(accessEntity.getIdentity());
 
+            if (Objects.isNull(tbSession)) {
 
+                log.warn("Authorization faile: session id not exists: " + accessEntity.getIdentity());
 
+                throw ExceptionResultEnum.NOT_LOGIN.exception();
 
+            }
 
+            if (tbSession.getExpireTime() <= System.currentTimeMillis()) {
 
+                log.warn("Authorization faile: session has expired, expire time=" + tbSession.getExpireTime());
 
+                throw ExceptionResultEnum.NOT_LOGIN.exception();
 
+            }
 
             List<String> privilegeUrl = cacheService.privilegeUrlCache(PrivilegePropertyEnum.NO_AUTH);
 
             //无需鉴权的url
 
             int noAuthCount = Objects.nonNull(privilegeUrl) ? (int) privilegeUrl.stream().filter(s -> s.equalsIgnoreCase(path)).count() : 0;