
统一鉴权代码优化

wangliang 4 years ago
parent
commit
3cb1cf7a86
19 changed files with 437 additions and 419 deletions
  1. 2 2
      themis-backend/src/main/java/com/qmth/themis/backend/api/SysController.java
  2. 7 5
      themis-backend/src/main/java/com/qmth/themis/backend/api/TBUserController.java
  3. 2 2
      themis-backend/src/main/java/com/qmth/themis/backend/api/TEExamController.java
  4. 1 1
      themis-backend/src/main/java/com/qmth/themis/backend/api/TEExamReexamController.java
  5. 14 14
      themis-backend/src/main/java/com/qmth/themis/backend/api/TIeInvigilateCallMobileController.java
  6. 6 6
      themis-backend/src/main/java/com/qmth/themis/backend/api/TIeInvigilateController.java
  7. 4 4
      themis-backend/src/main/java/com/qmth/themis/backend/api/TIeInvigilateWarnInfoController.java
  8. 0 1
      themis-backend/src/main/java/com/qmth/themis/backend/config/WebMvcConfig.java
  9. 3 102
      themis-backend/src/main/java/com/qmth/themis/backend/interceptor/AuthInterceptor.java
  10. 19 47
      themis-backend/src/main/java/com/qmth/themis/backend/websocket/WebSocketAdminServer.java
  11. 3 3
      themis-business/src/main/java/com/qmth/themis/business/constant/SystemConstant.java
  12. 3 3
      themis-business/src/main/java/com/qmth/themis/business/service/impl/TEMobileServiceImpl.java
  13. 244 0
      themis-business/src/main/java/com/qmth/themis/business/util/AuthUtil.java
  14. 55 0
      themis-business/src/main/java/com/qmth/themis/business/util/WebsocketUtil.java
  15. 16 16
      themis-common/src/main/java/com/qmth/themis/common/signature/SignatureInfo.java
  16. 11 9
      themis-exam/src/main/java/com/qmth/themis/exam/api/TEStudentController.java
  17. 3 103
      themis-exam/src/main/java/com/qmth/themis/exam/interceptor/AuthInterceptor.java
  18. 20 46
      themis-exam/src/main/java/com/qmth/themis/exam/websocket/WebSocketMobileServer.java
  19. 24 55
      themis-exam/src/main/java/com/qmth/themis/exam/websocket/WebSocketOeServer.java

+ 2 - 2
themis-backend/src/main/java/com/qmth/themis/backend/api/SysController.java

@@ -290,7 +290,7 @@ public class SysController {
                             @ApiParam(value = "批次名称", required = false) @RequestParam(required = false) String name,
                             @ApiParam(value = "类型(区分实时监考台和考务)", required = false) @RequestParam(required = false) String type) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         List<TEExam> teExamList = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.ADMIN.name()) || authDto.getRoleCodes().toString()
                 .contains(RoleEnum.SUPER_ADMIN.name())) {//管理员
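Review bot: The role test right after the changed lookup, `authDto.getRoleCodes().toString().contains(RoleEnum.ADMIN.name())`, is a substring match on the collection's string form, so any role code that merely contains `ADMIN` satisfies it. If `getRoleCodes()` holds role names as strings (not visible here), a membership test such as `authDto.getRoleCodes().contains(RoleEnum.ADMIN.name())` would match whole codes only. `authDto` is also dereferenced without a null check, so a miss under the new key (an expired entry, or a `SystemConstant.userOauth` value that does not carry the `"::"` separator removed from the call sites) surfaces as a NullPointerException instead of an authorization error. The role-update hunk in TBUserController already guards with `Objects.nonNull(authDto)`. Both patterns repeat in the TEExamController, TEExamReexamController, TIeInvigilateCallMobileController, TIeInvigilateController and TIeInvigilateWarnInfoController hunks; the method body continues outside this hunk.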
@@ -350,7 +350,7 @@ public class SysController {
         }
         //首先查询当前用户所要监控的roomCode
         QueryWrapper<TBExamInvigilateUser> examInvigilateUserQueryWrapper = new QueryWrapper<>();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         examInvigilateUserQueryWrapper.lambda().eq(TBExamInvigilateUser::getOrgId, tbUser.getOrgId())
                 .eq(TBExamInvigilateUser::getExamId, examId);
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {

+ 7 - 5
themis-backend/src/main/java/com/qmth/themis/backend/api/TBUserController.java

@@ -29,6 +29,8 @@ import com.qmth.themis.common.enums.ExceptionResultEnum;
 import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.enums.Source;
 import com.qmth.themis.common.exception.BusinessException;
+import com.qmth.themis.common.signature.SignatureInfo;
+import com.qmth.themis.common.signature.SignatureType;
 import com.qmth.themis.common.util.AesUtil;
 import com.qmth.themis.common.util.Result;
 import com.qmth.themis.common.util.ResultUtil;
@@ -224,10 +226,10 @@ public class TBUserController {
         mqDtoService.assembleSendOneWayMsg(mqDtoLog);
         //mq发送消息end
         //测试
-        //        String test = SignatureInfo.build(SignatureType.TOKEN, sessionId, token);
+        String test = SignatureInfo.build(SignatureType.TOKEN, sessionId, token);
         Map<String, Object> map = new HashMap<>();
-        map.put(SystemConstant.ACCESS_TOKEN, token);
-        //        map.put(SystemConstant.ACCESS_TOKEN, test);
+//        map.put(SystemConstant.ACCESS_TOKEN, token);
+        map.put(SystemConstant.ACCESS_TOKEN, test);
         map.put(SystemConstant.ACCOUNT, user);
         map.put(SystemConstant.SESSION_ID, sessionId);
         map.put("roleCodes", authDto.getRoleCodes());
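Review bot: The login response now returns a variable named `test`, built under the `//测试` marker, as `SystemConstant.ACCESS_TOKEN`, while the previous `map.put` stays behind as commented-out code. If this is the intended token format, rename it, for example `String signedToken = SignatureInfo.build(SignatureType.TOKEN, sessionId, token);`, and delete the commented line and the test marker. Also confirm in `AuthUtil` (outside this hunk) that requests are still verified against method, URL and timestamp, as the removed interceptor did with `SignatureInfo.parse(method.toLowerCase(), url, timestamp, authorization)`. If the server accepts this pre-built string unchanged, it acts as a static bearer credential, and a captured value stays usable for the whole session lifetime. The enclosing method starts and ends outside the hunk.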
@@ -542,7 +544,7 @@ public class TBUserController {
     public Result logout() throws NoSuchAlgorithmException {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
         TBSession tbSession = (TBSession) ServletUtil.getRequestSession();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         if (Objects.isNull(tbSession)) {
             throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
         }
@@ -654,7 +656,7 @@ public class TBUserController {
             tbUserService.saveOrUpdate(tbUser);
             //清除用户缓存
             if (Objects.nonNull(roleSet) && roleSet.size() > 0) {
-                AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+                AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
                 if (Objects.nonNull(authDto)) {
                     for (Source s : Source.values()) {
                         String sessionId = SessionUtil

+ 2 - 2
themis-backend/src/main/java/com/qmth/themis/backend/api/TEExamController.java

@@ -252,7 +252,7 @@ public class TEExamController {
             @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
             @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INSPECTION.name())) {
             userId = null;
         }
@@ -399,7 +399,7 @@ public class TEExamController {
         }
         //首先查询当前用户所要监控的roomCode
         QueryWrapper<TBExamInvigilateUser> examInvigilateUserQueryWrapper = new QueryWrapper<>();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         examInvigilateUserQueryWrapper.lambda().eq(TBExamInvigilateUser::getOrgId, tbUser.getOrgId())
                 .eq(TBExamInvigilateUser::getExamId, examId);

+ 1 - 1
themis-backend/src/main/java/com/qmth/themis/backend/api/TEExamReexamController.java

@@ -252,7 +252,7 @@ public class TEExamReexamController {
                        @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
                        @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {

+ 14 - 14
themis-backend/src/main/java/com/qmth/themis/backend/api/TIeInvigilateCallMobileController.java

@@ -82,11 +82,11 @@ public class TIeInvigilateCallMobileController {
 
     @ApiOperation(value = "监考监控通话查询接口")
     @RequestMapping(value = "/call/list", method = RequestMethod.POST)
-    @ApiResponses({ @ApiResponse(code = 200, message = "监考监控信息", response = TIeExamInvigilateCallDto.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "监考监控信息", response = TIeExamInvigilateCallDto.class)})
     public Result callList(@ApiParam(value = "考试批次id", required = true) @RequestParam(required = true) Long examId,
-            @ApiParam(value = "通话状态", required = false) @RequestParam(required = false) String callStatus,
-            @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
-            @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
+                           @ApiParam(value = "通话状态", required = false) @RequestParam(required = false) String callStatus,
+                           @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
+                           @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         if (Objects.isNull(examId) || Objects.equals(examId, "")) {
             throw new BusinessException(ExceptionResultEnum.EXAM_ID_IS_NULL);
         }
@@ -95,7 +95,7 @@ public class TIeInvigilateCallMobileController {
             callStatus = callStatusEnum.name();
         }
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -118,9 +118,9 @@ public class TIeInvigilateCallMobileController {
 
     @ApiOperation(value = "监考监控通话提醒接口")
     @RequestMapping(value = "/call/count", method = RequestMethod.POST)
-    @ApiResponses({ @ApiResponse(code = 200, message = "监考监控信息", response = Integer.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "监考监控信息", response = Integer.class)})
     public Result callCount(@ApiParam(value = "考试批次id", required = true) @RequestParam Long examId,
-            @ApiParam(value = "通话状态", required = false) @RequestParam(required = false) String callStatus) {
+                            @ApiParam(value = "通话状态", required = false) @RequestParam(required = false) String callStatus) {
         if (Objects.isNull(examId) || Objects.equals(examId, "")) {
             throw new BusinessException(ExceptionResultEnum.EXAM_ID_IS_NULL);
         }
@@ -129,7 +129,7 @@ public class TIeInvigilateCallMobileController {
             callStatus = callStatusEnum.name();
         }
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -143,7 +143,7 @@ public class TIeInvigilateCallMobileController {
 
     @ApiOperation(value = "监考监控通话查询来源接口")
     @RequestMapping(value = "/call/query", method = RequestMethod.POST)
-    @ApiResponses({ @ApiResponse(code = 200, message = "监考监控信息", response = TIeExamInvigilateCall.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "监考监控信息", response = TIeExamInvigilateCall.class)})
     public Result callQuery(@ApiParam(value = "考试记录id", required = true) @RequestParam(required = true) Long recordId) {
         QueryWrapper<TIeExamInvigilateCall> tIeExamInvigilateCallQueryWrapper = new QueryWrapper<>();
         tIeExamInvigilateCallQueryWrapper.lambda().eq(TIeExamInvigilateCall::getExamRecordId, recordId);
@@ -152,11 +152,11 @@ public class TIeInvigilateCallMobileController {
 
     @ApiOperation(value = "通话中接口")
     @RequestMapping(value = "/call/calling", method = RequestMethod.POST)
-    @ApiResponses({ @ApiResponse(code = 200, message = "{\"success\":true}", response = Result.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "{\"success\":true}", response = Result.class)})
     @Transactional
     public Result callCalling(@ApiJsonObject(name = "callCallingBackendMobile", value = {
             @ApiJsonProperty(key = "recordId", type = "long", example = "1", description = "考试记录id", required = true),
-            @ApiJsonProperty(key = "source", description = "监考视频源", required = true) }) @ApiParam(value = "监控信息", required = true) @RequestBody Map<String, Object> mapParameter) {
+            @ApiJsonProperty(key = "source", description = "监考视频源", required = true)}) @ApiParam(value = "监控信息", required = true) @RequestBody Map<String, Object> mapParameter) {
         if (Objects.isNull(mapParameter.get("recordId")) || Objects.equals(mapParameter.get("recordId"), "")) {
             throw new BusinessException(ExceptionResultEnum.RECORD_ID_IS_NULL);
         }
@@ -186,11 +186,11 @@ public class TIeInvigilateCallMobileController {
 
     @ApiOperation(value = "撤销通话申请接口")
     @RequestMapping(value = "/call/cancel", method = RequestMethod.POST)
-    @ApiResponses({ @ApiResponse(code = 200, message = "{\"success\":true}", response = Result.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "{\"success\":true}", response = Result.class)})
     @Transactional
     public Result callCancel(@ApiJsonObject(name = "callCancelBackendMobile", value = {
             @ApiJsonProperty(key = "recordId", type = "long", example = "1", description = "考试记录id", required = true),
-            @ApiJsonProperty(key = "source", description = "监考视频源", required = true) }) @ApiParam(value = "监控信息", required = true) @RequestBody Map<String, Object> mapParameter) {
+            @ApiJsonProperty(key = "source", description = "监考视频源", required = true)}) @ApiParam(value = "监控信息", required = true) @RequestBody Map<String, Object> mapParameter) {
         if (Objects.isNull(mapParameter.get("recordId")) || Objects.equals(mapParameter.get("recordId"), "")) {
             throw new BusinessException(ExceptionResultEnum.RECORD_ID_IS_NULL);
         }
@@ -226,7 +226,7 @@ public class TIeInvigilateCallMobileController {
     @ApiOperation(value = "监考获取monitorKey接口")
     @RequestMapping(value = "/getMonitorKey", method = RequestMethod.POST)
     @ApiResponses({
-            @ApiResponse(code = 200, message = "获取监考monitorKey", response = MobileAuthorizationMonitorBean.class) })
+            @ApiResponse(code = 200, message = "获取监考monitorKey", response = MobileAuthorizationMonitorBean.class)})
     public Result getMonitorKey(@ApiParam(value = "考试记录id", required = true) @RequestParam Long recordId)
             throws NoSuchAlgorithmException {
         TBSession tbSession = (TBSession) ServletUtil.getRequestSession();

+ 6 - 6
themis-backend/src/main/java/com/qmth/themis/backend/api/TIeInvigilateController.java

@@ -113,7 +113,7 @@ public class TIeInvigilateController {
                             @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
                             @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -187,7 +187,7 @@ public class TIeInvigilateController {
             throw new BusinessException("随机数不能为空");
         }
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -243,7 +243,7 @@ public class TIeInvigilateController {
                               @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
                               @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -389,7 +389,7 @@ public class TIeInvigilateController {
                              @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
                              @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -431,7 +431,7 @@ public class TIeInvigilateController {
                                @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
                                @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -450,7 +450,7 @@ public class TIeInvigilateController {
                                    @ApiParam(value = "姓名", required = false) @RequestParam(required = false) String name,
                                    @ApiParam(value = "证件号", required = false) @RequestParam(required = false) String identity) throws Exception {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {

+ 4 - 4
themis-backend/src/main/java/com/qmth/themis/backend/api/TIeInvigilateWarnInfoController.java

@@ -54,7 +54,7 @@ public class TIeInvigilateWarnInfoController {
                          @ApiParam(value = "考试场次id", required = false) @RequestParam(required = false) Long examActivityId,
                          @ApiParam(value = "虚拟考场代码", required = false) @RequestParam(required = false) String roomCode) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -82,7 +82,7 @@ public class TIeInvigilateWarnInfoController {
                        @ApiParam(value = "分页页码", required = true) @RequestParam int pageNumber,
                        @ApiParam(value = "分页数", required = true) @RequestParam int pageSize) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -96,7 +96,7 @@ public class TIeInvigilateWarnInfoController {
     @ApiResponses({@ApiResponse(code = 200, message = "预警通知信息", response = TIeWarningNotifyDto.class)})
     public Result warningMessage(@ApiParam(value = "考试批次id", required = false) @RequestParam(required = false) Long examId) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {
@@ -150,7 +150,7 @@ public class TIeInvigilateWarnInfoController {
                                           @ApiParam(value = "预警量min", required = false) @RequestParam(required = false) Integer minWarningCount,
                                           @ApiParam(value = "预警量max", required = false) @RequestParam(required = false) Integer maxWarningCount) {
         TBUser tbUser = (TBUser) ServletUtil.getRequestAccount();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + tbUser.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + tbUser.getId());
         //如果有监考员角色,只能查看自己所监考的考场,巡考员和管理员则可以查看全部考场
         Long userId = null;
         if (authDto.getRoleCodes().toString().contains(RoleEnum.INVIGILATE.name())) {

+ 0 - 1
themis-backend/src/main/java/com/qmth/themis/backend/config/WebMvcConfig.java

@@ -39,7 +39,6 @@ public class WebMvcConfig implements WebMvcConfigurer {
                 .excludePathPatterns(dictionaryConfig.authNoUrlDomain().getUrls());
         registry.addInterceptor(AuthThirdInterceptor()).addPathPatterns(SystemConstant.THIRD_ALL_PATH)
                 .excludePathPatterns(dictionaryConfig.authNoUrlDomain().getUrls());
-        ;
     }
 
     //    @Override

+ 3 - 102
themis-backend/src/main/java/com/qmth/themis/backend/interceptor/AuthInterceptor.java

@@ -2,19 +2,11 @@ package com.qmth.themis.backend.interceptor;
 
 import com.qmth.themis.backend.config.DictionaryConfig;
 import com.qmth.themis.business.constant.SystemConstant;
-import com.qmth.themis.business.dto.AuthDto;
-import com.qmth.themis.business.entity.TBSession;
-import com.qmth.themis.business.entity.TBUser;
-import com.qmth.themis.business.service.CacheService;
-import com.qmth.themis.business.service.TBUserService;
-import com.qmth.themis.business.util.RedisUtil;
+import com.qmth.themis.business.util.AuthUtil;
 import com.qmth.themis.business.util.ServletUtil;
 import com.qmth.themis.common.enums.ExceptionResultEnum;
 import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.exception.BusinessException;
-import com.qmth.themis.common.signature.SignatureInfo;
-import com.qmth.themis.common.signature.SignatureType;
-import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.servlet.HandlerInterceptor;
@@ -23,9 +15,6 @@ import org.springframework.web.servlet.ModelAndView;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
 
 /**
  * @Description: 鉴权拦截器
@@ -37,20 +26,11 @@ import java.util.Set;
 public class AuthInterceptor implements HandlerInterceptor {
     private final static Logger log = LoggerFactory.getLogger(AuthInterceptor.class);
 
-    @Resource
-    CacheService cacheService;
-
     @Resource
     DictionaryConfig dictionaryConfig;
 
-    @Resource
-    TBUserService tbUserService;
-
-    @Resource
-    RedisUtil redisUtil;
-
     @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) {
         log.info("backend HandlerInterceptor preHandle is come in");
         String url = request.getServletPath();
         String method = request.getMethod();
@@ -63,86 +43,7 @@ public class AuthInterceptor implements HandlerInterceptor {
         String time = ServletUtil.getRequestTime();
         log.info("Start authorization: url:{}, method:{}, platform:{}, deviceId:{}, authorization:{}, time:{}", url,
                 method, platform, deviceId, authorization, time);
-        //校验时间戳是否过期
-        long timestamp = StringUtils.isNumeric(time) ? Long.parseLong(time) : 0L;
-        if (SystemConstant.expire(timestamp)) {
-            log.warn("Authorization faile: time expired, server time=" + System.currentTimeMillis());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        //测试
-//        final SignatureInfo info = SignatureInfo.parse(authorization);
-        //校验签名信息
-        final SignatureInfo info = SignatureInfo.parse(method.toLowerCase(), url, timestamp, authorization);
-        if (info == null) {
-            log.warn("Authorization faile: signature decode error");
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        if (SignatureType.TOKEN != info.getType()) {
-            log.warn("Authorization faile: signature type is not Token");
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        //校验session
-        String sessionId = info.getInvoker();
-        TBSession tbSession = (TBSession) redisUtil.getUserSession(sessionId);
-        if (Objects.isNull(tbSession)) {
-            log.warn("Authorization faile: session id not exists: " + sessionId);
-            throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-        }
-        if (tbSession.getExpireTime() <= System.currentTimeMillis() || info.getTimestamp() > tbSession.getExpireTime()) {
-            log.warn("Authorization faile: session has expired, expire time=" + tbSession.getExpireTime());
-            throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-        }
-        if (!info.validate(tbSession.getAccessToken())) {
-            log.warn("Authorization faile: access token invalid, session token is " + tbSession.getAccessToken());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        if (!tbSession.getPlatform().equalsIgnoreCase(platform.name())) {
-            log.warn("Authorization faile: platform invalid, session platform is " + tbSession.getPlatform());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        if (!tbSession.getDeviceId().equalsIgnoreCase(deviceId)) {
-            log.warn("Authorization faile: deviceId invalid, session deviceId is " + tbSession.getDeviceId());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        long userId = Long.parseLong(tbSession.getIdentity());
-        TBUser tbUser = (TBUser) redisUtil.getUser(userId);
-        if (Objects.isNull(tbUser)) {
-            tbUser = tbUserService.getById(userId);
-            redisUtil.setUser(tbUser.getId(), tbUser);
-        }
-
-        request.setAttribute(SystemConstant.SESSION, tbSession);
-        request.setAttribute(SystemConstant.ACCOUNT, tbUser);
-
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.userOauth + "::" + userId);
-        //验证权限
-        if (Objects.isNull(authDto)) {
-            authDto = cacheService.addAccountCache(userId);
-        }
-        request.setAttribute(SystemConstant.ORG, authDto.getTbOrg());
-
-        //系统管理员拥有所有权限
-//        if (authDto.getRoleCodes().contains(RoleEnum.SUPER_ADMIN.name())) {
-//            return true;
-//        }
-        //系统公用接口不拦截
-        List<String> sysUrls = dictionaryConfig.systemUrlDomain().getUrls();
-        int sysCount = (int) sysUrls.stream().filter(s -> {
-            return s.equalsIgnoreCase(url);
-        }).count();
-        if (sysCount > 0) {
-            return true;
-        }
-        Set<String> urls = authDto.getUrls();
-        int count = (int) urls.stream().filter(s -> {
-            return s.equalsIgnoreCase(url);
-        }).count();
-        if (count == 0) {
-            log.warn("Authorization faile: url cannot access");
-            throw new BusinessException(ExceptionResultEnum.UN_AUTHORIZATION);
-        }
-        response.setStatus(ExceptionResultEnum.SUCCESS.getCode());
-        return true;
+        return AuthUtil.adminAuthInterceptor(platform, deviceId, authorization, time, dictionaryConfig.systemUrlDomain().getUrls(), request, response);
     }
 
     @Override
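Review bot: The retained `log.info("Start authorization: ... authorization:{} ...")` call writes the raw `authorization` value to the application log at INFO level, so anyone with log access can read session credentials. Drop the `authorization:{}` placeholder and its argument, or log only a truncated digest of the value. The whole check sequence removed here (timestamp expiry, signature type, session lookup and expiry, token validation, platform and deviceId match, URL permission) is now delegated to `AuthUtil.adminAuthInterceptor`, which is outside this hunk. It is worth confirming there, with a test per rejection path, that each check still throws the same `BusinessException`. `preHandle` begins in the previous hunk.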

+ 19 - 47
themis-backend/src/main/java/com/qmth/themis/backend/websocket/WebSocketAdminServer.java

@@ -8,13 +8,13 @@ import com.qmth.themis.business.constant.SystemConstant;
 import com.qmth.themis.business.dto.WebsocketDto;
 import com.qmth.themis.business.entity.TBSession;
 import com.qmth.themis.business.enums.WebsocketTypeEnum;
+import com.qmth.themis.business.util.AuthUtil;
 import com.qmth.themis.business.util.JacksonUtil;
 import com.qmth.themis.business.util.RedisUtil;
 import com.qmth.themis.business.util.WebsocketUtil;
 import com.qmth.themis.common.enums.ExceptionResultEnum;
+import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.exception.BusinessException;
-import com.qmth.themis.common.signature.SignatureInfo;
-import com.qmth.themis.common.signature.SignatureType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
@@ -24,7 +24,6 @@ import javax.websocket.server.ServerEndpoint;
 import java.io.IOException;
 import java.lang.reflect.Method;
 import java.net.InetSocketAddress;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
@@ -79,52 +78,25 @@ public class WebSocketAdminServer
         this.Authorization = String.valueOf(mapParameter.get("Authorization").get(0));
         this.time = Long.parseLong(String.valueOf(mapParameter.get("time").get(0)));
         this.userId = Long.parseLong(String.valueOf(mapParameter.get("userId").get(0)));
-//        final SignatureInfo info = SignatureInfo
-//                .parse(Authorization);
-        if (!SystemConstant.expire(this.time.longValue())) {
-            final SignatureInfo info = SignatureInfo
-                    .parse(SystemConstant.GET, url, this.time, this.Authorization);
-            if (Objects.nonNull(info) && info.getType() == SignatureType.TOKEN) {
-                String sessionId = info.getInvoker();
-                redisUtil = SpringContextHolder.getBean(RedisUtil.class);
-                TBSession tbSession = (TBSession) redisUtil.getUserSession(sessionId);
-                if (Objects.isNull(tbSession)) {
-                    throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-                } else {
-                    if (info.validate(tbSession.getAccessToken()) && info.getTimestamp() < tbSession.getExpireTime()
-                            && platform.equalsIgnoreCase(tbSession.getPlatform()) && Objects.equals(deviceId, tbSession.getDeviceId())) {
-                        this.session = session;
-                        session.setMaxIdleTimeout(SystemConstant.WEBSOCKET_MAX_TIME_OUT);
-                        this.sessionId = tbSession.getId();
-                        if (webSocketMap.containsKey(this.userId)) {
-                            webSocketMap.remove(this.userId);
-                            webSocketMap.put(this.userId, this);
-                        } else {
-                            webSocketMap.put(this.userId, this);
-                            addOnlineCount();
-                        }
-                        //发送恢复网络mq消息
-                        log.info("用户连接:{},当前在线人数为:{}", this.sessionId, getOnlineCount());
-                        InetSocketAddress addr = (InetSocketAddress) WebsocketUtil.getFieldInstance(this.session.getAsyncRemote(), "base#socketWrapper#socket#sc#remoteAddress");
-                        this.ip = addr.toString().replace("/", "").split(":")[0];
-//                    this.sendMessage("ip[" + this.ip + "]连接成功");
-                        log.info("ip[:{}]连接成功", this.ip);
-                        tranMap = new HashMap<>();
-                        tranMap.put("userId", this.userId);
-                        tranMap.put("deviceId", this.deviceId);
-                        tranMap.put("ip", this.ip);
-                        this.updateTime = System.currentTimeMillis();
-                        tranMap.put("updateTime", this.updateTime);
-                    } else {
-                        throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-                    }
-                }
-            } else {
-                throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-            }
+
+        redisUtil = SpringContextHolder.getBean(RedisUtil.class);
+        TBSession tbSession = AuthUtil.websocketAuthInterceptor(Platform.valueOf(platform), deviceId, Authorization, String.valueOf(mapParameter.get("time").get(0)), SystemConstant.GET, url);
+        this.session = session;
+        session.setMaxIdleTimeout(SystemConstant.WEBSOCKET_MAX_TIME_OUT);
+        this.sessionId = tbSession.getId();
+        if (webSocketMap.containsKey(this.userId)) {
+            webSocketMap.remove(this.userId);
+            webSocketMap.put(this.userId, this);
         } else {
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+            webSocketMap.put(this.userId, this);
+            addOnlineCount();
         }
+        log.info("用户连接:{},当前在线人数为:{}", this.sessionId, getOnlineCount());
+        InetSocketAddress addr = (InetSocketAddress) WebsocketUtil.getFieldInstance(this.session.getAsyncRemote(), "base#socketWrapper#socket#sc#remoteAddress");
+        this.ip = addr.toString().replace("/", "").split(":")[0];
+        log.info("ip[:{}]连接成功", this.ip);
+        this.updateTime = System.currentTimeMillis();
+        tranMap = WebsocketUtil.initWebsocket(null, userId, deviceId, ip, updateTime);
     }
 
     /**
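Review bot: `userId` is still read from the connection's query parameters and used as the `webSocketMap` key, but nothing in the new block compares it with the session that `AuthUtil.websocketAuthInterceptor` has just authenticated. A valid session can therefore register under a different user id and, through the `containsKey`/`remove`/`put` branch, replace that user's socket entry. Since `tbSession` is now available, add a check before `this.session = session;`, for example `if (!String.valueOf(this.userId).equals(tbSession.getIdentity())) throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);`. This assumes `getIdentity()` holds the user id for admin sessions, as `adminAuthInterceptor` treats it. `Platform.valueOf(platform)` also throws `IllegalArgumentException` for an unknown client-supplied value rather than a `BusinessException`; the enclosing method starts above the hunk.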

+ 3 - 3
themis-business/src/main/java/com/qmth/themis/business/constant/SystemConstant.java

@@ -287,11 +287,11 @@ public class SystemConstant {
     /**
      * 缓存配置
      */
-    public static final String userOauth = "user:oauth:cache";
+    public static final String userOauth = "user:oauth:cache::";
 
-    public static final String studentOauth = "student:oauth:cache";
+    public static final String studentOauth = "student:oauth:cache::";
 
-    public static final String configCache = "config:cache";
+    public static final String configCache = "config:cache::";
     //    /**
     //     * ehcache配置
     //     */
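Review bot: Moving the `::` separator into `userOauth`, `studentOauth` and `configCache` changes the value for every user of these constants, not only the `redisUtil.get(... + id)` call sites updated in this commit. If the same constants are also used as cache names in caching annotations (not visible here, worth confirming), the cache layer would add its own separator to the new value. The keys it writes would then no longer match what `AuthUtil.authFootCommon` looks up with `type + userId`. Consider leaving the cache-name constants as they were and adding separate key-prefix constants, e.g. `public static final String userOauthKeyPrefix = userOauth + "::";`.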

+ 3 - 3
themis-business/src/main/java/com/qmth/themis/business/service/impl/TEMobileServiceImpl.java

@@ -83,7 +83,7 @@ public class TEMobileServiceImpl implements TEMobileService {
         }
         Platform platform = Platform.valueOf(ServletUtil.getRequestPlatform());
         String deviceId = ServletUtil.getRequestDeviceId();
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + "::" + es.getStudentId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + es.getStudentId());
         // 生成token
         String token = RandomStringUtils.randomAlphanumeric(32);
         String sessionId = ret.getSessionId();
@@ -125,7 +125,7 @@ public class TEMobileServiceImpl implements TEMobileService {
         ExamStudentCacheBean es = examStudentService
                 .getExamStudentCacheBean(ExamRecordCacheUtil.getExamStudentId(ret.getRecordId()));
         String userType = MobileAuthCacheUtil.getUserType(mode, code);
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + "::" + es.getStudentId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + es.getStudentId());
         String sessionId = SessionUtil
                 .digest(es.getStudentId(), Math.abs(authDto.getRoleCodes().toString().hashCode()), sourceEnum);
         if (Objects.nonNull(userType) && userType.contains(RoleEnum.STUDENT.name())) {
@@ -151,7 +151,7 @@ public class TEMobileServiceImpl implements TEMobileService {
         ExamStudentCacheBean es = examStudentService
                 .getExamStudentCacheBean(ExamRecordCacheUtil.getExamStudentId(recordId));
         Source sourceEnum = Source.OE_ANSWER;
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + "::" + es.getStudentId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + es.getStudentId());
         String sessionId = SessionUtil
                 .digest(es.getStudentId(), Math.abs(authDto.getRoleCodes().toString().hashCode()), sourceEnum);
         ret.setRecordId(recordId);
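Review bot: The `AuthDto` read from Redis is dereferenced without a null check: in the second and third hunks `authDto.getRoleCodes()` is called straight after `redisUtil.get(...)`. An evicted or expired auth-cache entry therefore becomes a `NullPointerException` here, whereas `AuthUtil.authFootCommon` in this same commit reloads the entry through `cacheService.addStudentCache(userId)` when the lookup returns null. Apply the same fallback before the dereference, e.g. `if (Objects.isNull(authDto)) { authDto = cacheService.addStudentCache(es.getStudentId()); }`, or reject with `BusinessException(ExceptionResultEnum.LOGIN_NO)`. Whether a `CacheService` is injected in this class is not visible in the hunks, and the enclosing methods start and end outside them.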

+ 244 - 0
themis-business/src/main/java/com/qmth/themis/business/util/AuthUtil.java

@@ -0,0 +1,244 @@
+package com.qmth.themis.business.util;
+
+import com.google.gson.Gson;
+import com.qmth.themis.business.constant.SpringContextHolder;
+import com.qmth.themis.business.constant.SystemConstant;
+import com.qmth.themis.business.dto.AuthDto;
+import com.qmth.themis.business.dto.cache.TEStudentCacheDto;
+import com.qmth.themis.business.entity.TBSession;
+import com.qmth.themis.business.entity.TBUser;
+import com.qmth.themis.business.entity.TEStudent;
+import com.qmth.themis.business.service.CacheService;
+import com.qmth.themis.business.service.TBUserService;
+import com.qmth.themis.business.service.TEStudentService;
+import com.qmth.themis.common.enums.ExceptionResultEnum;
+import com.qmth.themis.common.enums.Platform;
+import com.qmth.themis.common.exception.BusinessException;
+import com.qmth.themis.common.signature.SignatureInfo;
+import com.qmth.themis.common.signature.SignatureType;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+
+/**
+ * @Description: 鉴权工具类util
+ * @Param:
+ * @return:
+ * @Author: wangliang
+ * @Date: 2020/11/12
+ */
+public class AuthUtil {
+    private final static Logger log = LoggerFactory.getLogger(AuthUtil.class);
+
+    /**
+     * admin鉴权
+     *
+     * @param platform
+     * @param deviceId
+     * @param authorization
+     * @param time
+     * @param sysUrls
+     * @param request
+     * @param response
+     * @return
+     */
+    public static boolean adminAuthInterceptor(Platform platform,
+                                               String deviceId,
+                                               String authorization,
+                                               String time,
+                                               List<String> sysUrls,
+                                               HttpServletRequest request,
+                                               HttpServletResponse response) {
+        RedisUtil redisUtil = SpringContextHolder.getBean(RedisUtil.class);
+        TBUserService tbUserService = SpringContextHolder.getBean(TBUserService.class);
+        String url = request.getServletPath();
+        String method = request.getMethod();
+        TBSession tbSession = authHeadCommon(redisUtil, platform, deviceId, authorization, time, method, url);
+        long userId = Long.parseLong(tbSession.getIdentity());
+        TBUser tbUser = (TBUser) redisUtil.getUser(userId);
+        if (Objects.isNull(tbUser)) {
+            tbUser = tbUserService.getById(userId);
+            redisUtil.setUser(tbUser.getId(), tbUser);
+        }
+        request.setAttribute(SystemConstant.SESSION, tbSession);
+        request.setAttribute(SystemConstant.ACCOUNT, tbUser);
+        return authFootCommon(redisUtil, userId, SystemConstant.userOauth, sysUrls, request, response);
+    }
+
+    /**
+     * exam鉴权
+     *
+     * @param platform
+     * @param deviceId
+     * @param authorization
+     * @param time
+     * @param sysUrls
+     * @param request
+     * @param response
+     * @return
+     */
+    public static boolean examAuthInterceptor(Platform platform,
+                                              String deviceId,
+                                              String authorization,
+                                              String time,
+                                              List<String> sysUrls,
+                                              HttpServletRequest request,
+                                              HttpServletResponse response) {
+        RedisUtil redisUtil = SpringContextHolder.getBean(RedisUtil.class);
+        TEStudentService teStudentService = SpringContextHolder.getBean(TEStudentService.class);
+        String url = request.getServletPath();
+        String method = request.getMethod();
+        TBSession tbSession = authHeadCommon(redisUtil, platform, deviceId, authorization, time, method, url);
+        long userId = Long.parseLong(tbSession.getIdentity());
+        TEStudentCacheDto teStudentCacheDto = (TEStudentCacheDto) redisUtil.getStudent(userId);
+        if (Objects.isNull(teStudentCacheDto)) {
+            TEStudent teStudent = teStudentService.getById(userId);
+            Gson gson = new Gson();
+            teStudentCacheDto = gson.fromJson(gson.toJson(teStudent), TEStudentCacheDto.class);
+            redisUtil.setStudent(teStudent.getId(), teStudentCacheDto);
+        }
+        request.setAttribute(SystemConstant.SESSION, tbSession);
+        request.setAttribute(SystemConstant.STUDENT_ACCOUNT, teStudentCacheDto);
+        return authFootCommon(redisUtil, userId, SystemConstant.studentOauth, sysUrls, request, response);
+    }
+
+    /**
+     * websocket鉴权
+     *
+     * @param platform
+     * @param deviceId
+     * @param authorization
+     * @param time
+     * @param method
+     * @param url
+     * @return
+     */
+    public static TBSession websocketAuthInterceptor(Platform platform,
+                                                     String deviceId,
+                                                     String authorization,
+                                                     String time,
+                                                     String method,
+                                                     String url) {
+        RedisUtil redisUtil = SpringContextHolder.getBean(RedisUtil.class);
+        return authHeadCommon(redisUtil, platform, deviceId, authorization, time, method, url);
+    }
+
+    /**
+     * 鉴权头公用
+     *
+     * @param redisUtil
+     * @param platform
+     * @param deviceId
+     * @param authorization
+     * @param time
+     * @return
+     */
+    static TBSession authHeadCommon(RedisUtil redisUtil,
+                                    Platform platform,
+                                    String deviceId,
+                                    String authorization,
+                                    String time,
+                                    String method,
+                                    String url) {
+        long timestamp = StringUtils.isNumeric(time) ? Long.parseLong(time) : 0L;
+//        if (SystemConstant.expire(timestamp)) {
+//            log.warn("Authorization faile: time expired, server time=" + System.currentTimeMillis());
+//            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+//        }
+        //测试
+        final SignatureInfo info = SignatureInfo.parse(authorization);
+        //校验签名信息
+//        final SignatureInfo info = SignatureInfo.parse(method.toLowerCase(), url, timestamp, authorization);
+        if (info == null) {
+            log.warn("Authorization faile: signature decode error");
+            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+        }
+        if (SignatureType.TOKEN != info.getType()) {
+            log.warn("Authorization faile: signature type is not Token");
+            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+        }
+        //校验session
+        String sessionId = info.getInvoker();
+        TBSession tbSession = (TBSession) redisUtil.getUserSession(sessionId);
+        if (Objects.isNull(tbSession)) {
+            log.warn("Authorization faile: session id not exists: " + sessionId);
+            throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
+        }
+        if (tbSession.getExpireTime() <= System.currentTimeMillis() || info.getTimestamp() > tbSession.getExpireTime()) {
+            log.warn("Authorization faile: session has expired, expire time=" + tbSession.getExpireTime());
+            throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
+        }
+        if (!info.validate(tbSession.getAccessToken())) {
+            log.warn("Authorization faile: access token invalid, session token is " + tbSession.getAccessToken());
+            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+        }
+        if (!tbSession.getPlatform().equalsIgnoreCase(platform.name())) {
+            log.warn("Authorization faile: platform invalid, session platform is " + tbSession.getPlatform());
+            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+        }
+        if (!tbSession.getDeviceId().equalsIgnoreCase(deviceId)) {
+            log.warn("Authorization faile: deviceId invalid, session deviceId is " + tbSession.getDeviceId());
+            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+        }
+        return tbSession;
+    }
+
+    /**
+     * 鉴权尾公用
+     *
+     * @param redisUtil
+     * @param userId
+     * @param type
+     * @param sysUrls
+     * @param request
+     * @param response
+     * @return
+     */
+    static boolean authFootCommon(RedisUtil redisUtil,
+                                  long userId,
+                                  String type,
+                                  List<String> sysUrls,
+                                  HttpServletRequest request,
+                                  HttpServletResponse response) {
+        String url = request.getServletPath();
+        CacheService cacheService = SpringContextHolder.getBean(CacheService.class);
+        AuthDto authDto = (AuthDto) redisUtil.get(type + userId);
+        //验证权限
+        if (Objects.isNull(authDto)) {
+            if (type.contains(SystemConstant.userOauth)) {
+                authDto = cacheService.addAccountCache(userId);
+            } else if (type.contains(SystemConstant.studentOauth)) {
+                authDto = cacheService.addStudentCache(userId);
+            }
+        }
+        request.setAttribute(SystemConstant.ORG, authDto.getTbOrg());
+
+        //系统管理员拥有所有权限
+//        if (authDto.getRoleCodes().contains(RoleEnum.SUPER_ADMIN.name())) {
+//            return true;
+//        }
+        //系统公用接口不拦截
+        int sysCount = (int) sysUrls.stream().filter(s -> {
+            return s.equalsIgnoreCase(url);
+        }).count();
+        if (sysCount > 0) {
+            return true;
+        }
+        Set<String> urls = authDto.getUrls();
+        int count = (int) urls.stream().filter(s -> {
+            return s.equalsIgnoreCase(url);
+        }).count();
+        if (count == 0) {
+            log.warn("Authorization faile: url cannot access");
+            throw new BusinessException(ExceptionResultEnum.UN_AUTHORIZATION);
+        }
+        response.setStatus(ExceptionResultEnum.SUCCESS.getCode());
+        return true;
+    }
+}
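Review bot: `authHeadCommon` ships with its test path enabled: the call under `//测试` parses the header with `SignatureInfo.parse(authorization)`, while the `SystemConstant.expire(timestamp)` block and the method/URL/timestamp-bound parse are commented out. `timestamp`, `method` and `url` are therefore never checked, and the Authorization value appears to stay acceptable for the whole session lifetime rather than for one request. The same test mode is switched on in this commit in `SignatureInfo.validate(String)` and in the `login` hunk of TEStudentController, which now returns `SignatureInfo.build(SignatureType.TOKEN, sessionId, token)` as the access token. All three should be reverted together, restoring `final SignatureInfo info = SignatureInfo.parse(method.toLowerCase(), url, timestamp, authorization);` and the expiry check. Separately, the warning on a failed `info.validate(...)` writes `tbSession.getAccessToken()` to the log; drop the secret from that message, e.g. `log.warn("Authorization failed: access token invalid, session id: {}", sessionId);`.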

+ 55 - 0
themis-business/src/main/java/com/qmth/themis/business/util/WebsocketUtil.java

@@ -1,6 +1,17 @@
 package com.qmth.themis.business.util;
 
+import com.qmth.themis.business.cache.ExamRecordCacheUtil;
+import com.qmth.themis.business.constant.SpringContextHolder;
+import com.qmth.themis.business.enums.ExamRecordFieldEnum;
+import com.qmth.themis.business.enums.WebsocketStatusEnum;
+import com.qmth.themis.business.service.TOeExamRecordService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import java.lang.reflect.Field;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
 
 /**
  * @Description: websocket util
@@ -10,6 +21,7 @@ import java.lang.reflect.Field;
  * @Date: 2020/7/27
  */
 public class WebsocketUtil {
+    private final static Logger log = LoggerFactory.getLogger(WebsocketUtil.class);
 
     public static Object getFieldInstance(Object obj, String fieldPath) {
         String fields[] = fieldPath.split("#");
@@ -35,4 +47,47 @@ public class WebsocketUtil {
         }
         return null;
     }
+
+    /**
+     * 更新websocket状态
+     *
+     * @param recordId
+     * @param ip
+     * @param sessionId
+     * @param websocketStatusEnum
+     */
+    public static void updateExamRecordWebsocketStatus(Long recordId, String ip, String sessionId, WebsocketStatusEnum websocketStatusEnum) {
+        ExamRecordCacheUtil.setClientWebsocketStatus(recordId, websocketStatusEnum, false);
+        ExamRecordCacheUtil.setClientCurrentIp(recordId, ip, false);
+        ExamRecordCacheUtil.setClientWebsocketId(recordId, sessionId, false);
+        Long clientLastSyncTime = System.currentTimeMillis();
+        ExamRecordCacheUtil.setClientLastSyncTime(recordId, clientLastSyncTime, false);
+        String[] columns = new String[]{ExamRecordFieldEnum.client_websocket_status.name(), ExamRecordFieldEnum.client_current_ip.name(), ExamRecordFieldEnum.client_websocket_id.name(), ExamRecordFieldEnum.client_last_sync_time.name()};
+        Object[] values = new Object[]{websocketStatusEnum, ip, sessionId, clientLastSyncTime};
+        TOeExamRecordService tOeExamRecordService = SpringContextHolder.getBean(TOeExamRecordService.class);
+        tOeExamRecordService.dataUpdatesMq(recordId, columns, values);
+    }
+
+    /**
+     * 初始化websocket
+     *
+     * @param recordId
+     * @param userId
+     * @param deviceId
+     * @param ip
+     * @param updateTime
+     * @return
+     */
+    public static Map<String, Object> initWebsocket(Long recordId, Long userId, String deviceId, String ip, Long updateTime) {
+        Map<String, Object> tranMap = new HashMap<>();
+        if (Objects.nonNull(recordId)) {
+            tranMap.put("recordId", recordId);
+        } else if (Objects.nonNull(userId)) {
+            tranMap.put("userId", userId);
+        }
+        tranMap.put("deviceId", deviceId);
+        tranMap.put("ip", ip);
+        tranMap.put("updateTime", updateTime);
+        return tranMap;
+    }
 }
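Review bot: `initWebsocket` puts `userId` into the map only when `recordId` is null (the `else if`), so a caller that passes both silently loses `userId`, and one that passes neither gets a map with no identity key at all. The Javadoc has empty `@param` tags and does not say which behaviour is intended. Either document the precedence, e.g. `@param userId used only when recordId is null`, or change the `else if` to a plain `if` if both keys are meant to coexist. The same empty-tag Javadoc on `updateExamRecordWebsocketStatus` could state that it updates the cache first and then queues the database update through `dataUpdatesMq`.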

+ 16 - 16
themis-common/src/main/java/com/qmth/themis/common/signature/SignatureInfo.java

@@ -104,32 +104,32 @@ public class SignatureInfo {
         return Base64Util.encode(ShaUtils.sha1(StringUtils.join(values, PARAM_JOINER)));
     }
 
-    /**
-     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证
-     *
-     * @param secret
-     * @return
-     */
-    public boolean validate(String secret) {
-        if (method != null && uri != null && timestamp >= 0 && secret != null && ciphertext != null) {
-            return encrypt(method, uri, String.valueOf(timestamp), secret).equals(ciphertext);
-        }
-        return false;
-    }
-
 //    /**
-//     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证(测试用)
+//     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证
 //     *
 //     * @param secret
 //     * @return
 //     */
 //    public boolean validate(String secret) {
-//        if (secret != null && ciphertext != null) {
-//            return encrypt(secret).equals(ciphertext);
+//        if (method != null && uri != null && timestamp >= 0 && secret != null && ciphertext != null) {
+//            return encrypt(method, uri, String.valueOf(timestamp), secret).equals(ciphertext);
 //        }
 //        return false;
 //    }
 
+    /**
+     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证(测试用)
+     *
+     * @param secret
+     * @return
+     */
+    public boolean validate(String secret) {
+        if (secret != null && ciphertext != null) {
+            return encrypt(secret).equals(ciphertext);
+        }
+        return false;
+    }
+
     /**
      * 根据标准参数构造最终的签名字符串
      *
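Review bot: The `validate` overload made active here compares the computed digest with the client-supplied `ciphertext` using `String.equals`, which stops at the first differing character. For an authentication check a constant-time comparison is the safer choice, e.g. `return MessageDigest.isEqual(encrypt(secret).getBytes(StandardCharsets.UTF_8), ciphertext.getBytes(StandardCharsets.UTF_8));`. That needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported, and it assumes `encrypt` returns a `String`, as the `.equals(ciphertext)` call suggests. The Javadoc of this overload still marks it as test-only (`测试用`), so a `// TODO` stating when the commented-out request-bound variant is to be restored would help.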

+ 11 - 9
themis-exam/src/main/java/com/qmth/themis/exam/api/TEStudentController.java

@@ -35,6 +35,8 @@ import com.qmth.themis.common.enums.ExceptionResultEnum;
 import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.enums.Source;
 import com.qmth.themis.common.exception.BusinessException;
+import com.qmth.themis.common.signature.SignatureInfo;
+import com.qmth.themis.common.signature.SignatureType;
 import com.qmth.themis.common.util.AesUtil;
 import com.qmth.themis.common.util.Result;
 import com.qmth.themis.common.util.ResultUtil;
@@ -102,12 +104,12 @@ public class TEStudentController {
 
     @ApiOperation(value = "学生登录接口")
     @RequestMapping(value = "/login", method = RequestMethod.POST)
-    @ApiResponses({ @ApiResponse(code = 200, message = "学生信息", response = TEExamResultDto.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "学生信息", response = TEExamResultDto.class)})
     public Result login(
-            @ApiJsonObject(name = "loginStudent", value = { @ApiJsonProperty(key = "identity", description = "证件号"),
+            @ApiJsonObject(name = "loginStudent", value = {@ApiJsonProperty(key = "identity", description = "证件号"),
                     @ApiJsonProperty(key = "password", description = "密码"),
                     @ApiJsonProperty(key = "orgId", type = "long", example = "1", description = "机构id"),
-                    @ApiJsonProperty(key = "examId", type = "long", example = "1", description = "批次id") }) @ApiParam(value = "学生信息", required = true) @RequestBody Map<String, Object> mapParameter)
+                    @ApiJsonProperty(key = "examId", type = "long", example = "1", description = "批次id")}) @ApiParam(value = "学生信息", required = true) @RequestBody Map<String, Object> mapParameter)
             throws NoSuchAlgorithmException {
         if (Objects.isNull(mapParameter)) {
             throw new BusinessException(ExceptionResultEnum.STUDENT_IS_NULL);
@@ -231,7 +233,7 @@ public class TEStudentController {
         mqDtoService.assembleSendOneWayMsg(mqDtoLog);
         //mq发送消息end
         //测试
-        //        String test = SignatureInfo.build(SignatureType.TOKEN, sessionId, token);
+        String test = SignatureInfo.build(SignatureType.TOKEN, sessionId, token);
         Map<String, Object> map = new HashMap<>();
         //获取未完考试
         if (Objects.isNull(ExamingDataCacheUtil.getUnFinishedRecordId(teStudent.getId()))) {
@@ -278,9 +280,9 @@ public class TEStudentController {
         }
         //获取全局考试配置
         TEConfig teConfig = teConfigService.getGlobalConfig();
-        map.put(SystemConstant.ACCESS_TOKEN, token);
+//        map.put(SystemConstant.ACCESS_TOKEN, token);
         map.put(SystemConstant.GLOBAL, teConfig);
-        //        map.put(SystemConstant.ACCESS_TOKEN, test);
+        map.put(SystemConstant.ACCESS_TOKEN, test);
         map.put(SystemConstant.STUDENT_ACCOUNT, teStudent);
         map.put(SystemConstant.SESSION_ID, sessionId);
         return ResultUtil.ok(map);
@@ -288,14 +290,14 @@ public class TEStudentController {
 
     @ApiOperation(value = "登出接口")
     @RequestMapping(value = "/logout", method = RequestMethod.POST)
-    @ApiResponses({ @ApiResponse(code = 200, message = "{\"success\":true}", response = Result.class) })
+    @ApiResponses({@ApiResponse(code = 200, message = "{\"success\":true}", response = Result.class)})
     public Result logout() throws NoSuchAlgorithmException {
         TEStudentCacheDto teStudent = (TEStudentCacheDto) ServletUtil.getRequestStudentAccount();
         TBSession tbSession = (TBSession) ServletUtil.getRequestSession();
         if (Objects.isNull(tbSession)) {
             throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
         }
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + "::" + teStudent.getId());
+        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + teStudent.getId());
         redisUtil.deleteUserSession(tbSession.getId());
         //循环检查该用户下其他平台是否存在session,不存在则删除用户缓存和鉴权缓存
         boolean delete = true;
@@ -331,7 +333,7 @@ public class TEStudentController {
      * @return
      */
     private ExamUnFinishBean unFinishCommon(Long recordId, ExamCacheBean ec, ExamStudentCacheBean examStudentCacheBean,
-            ExamActivityCacheBean examActivityCacheBean, Long examStudentId) {
+                                            ExamActivityCacheBean examActivityCacheBean, Long examStudentId) {
         ExamCourseCacheBean examCourseCacheBean = teExamCourseService
                 .getExamCourseCacheBean(ec.getId(), examStudentCacheBean.getCourseCode());
         TEExamActivityDto teExamActivityDto = new TEExamActivityDto(ec, examActivityCacheBean, examStudentCacheBean,

+ 3 - 103
themis-exam/src/main/java/com/qmth/themis/exam/interceptor/AuthInterceptor.java

@@ -1,22 +1,12 @@
 package com.qmth.themis.exam.interceptor;
 
-import com.google.gson.Gson;
 import com.qmth.themis.business.constant.SystemConstant;
-import com.qmth.themis.business.dto.AuthDto;
-import com.qmth.themis.business.dto.cache.TEStudentCacheDto;
-import com.qmth.themis.business.entity.TBSession;
-import com.qmth.themis.business.entity.TEStudent;
-import com.qmth.themis.business.service.CacheService;
-import com.qmth.themis.business.service.TEStudentService;
-import com.qmth.themis.business.util.RedisUtil;
+import com.qmth.themis.business.util.AuthUtil;
 import com.qmth.themis.business.util.ServletUtil;
 import com.qmth.themis.common.enums.ExceptionResultEnum;
 import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.exception.BusinessException;
-import com.qmth.themis.common.signature.SignatureInfo;
-import com.qmth.themis.common.signature.SignatureType;
 import com.qmth.themis.exam.config.DictionaryConfig;
-import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.servlet.HandlerInterceptor;
@@ -25,9 +15,6 @@ import org.springframework.web.servlet.ModelAndView;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.util.List;
-import java.util.Objects;
-import java.util.Set;
 
 /**
  * @Description: 鉴权拦截器
@@ -40,20 +27,11 @@ public class AuthInterceptor implements HandlerInterceptor {
 
     private final static Logger log = LoggerFactory.getLogger(AuthInterceptor.class);
 
-    @Resource
-    CacheService cacheService;
-
     @Resource
     DictionaryConfig dictionaryConfig;
 
-    @Resource
-    TEStudentService teStudentService;
-
-    @Resource
-    RedisUtil redisUtil;
-
     @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) {
         String url = request.getServletPath();
         String method = request.getMethod();
         if (url.equalsIgnoreCase(SystemConstant.ERROR)) {
@@ -65,85 +43,7 @@ public class AuthInterceptor implements HandlerInterceptor {
         String time = ServletUtil.getRequestTime();
         log.info("Start authorization: url:{}, method:{}, platform:{}, deviceId:{}, authorization:{}, time:{}", url,
                 method, platform, deviceId, authorization, time);
-        //校验时间戳是否过期
-        long timestamp = StringUtils.isNumeric(time) ? Long.parseLong(time) : 0L;
-        if (SystemConstant.expire(timestamp)) {
-            log.warn("Authorization faile: time expired, server time=" + System.currentTimeMillis());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        //校验签名信息
-        final SignatureInfo info = SignatureInfo.parse(method.toLowerCase(), url, timestamp, authorization);
-        if (info == null) {
-            log.warn("Authorization faile: signature decode error");
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        if (SignatureType.TOKEN != info.getType()) {
-            log.warn("Authorization faile: signature type is not Token");
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        //校验session
-        String sessionId = info.getInvoker();
-        TBSession tbSession = (TBSession) redisUtil.getUserSession(sessionId);
-        if (Objects.isNull(tbSession)) {
-            log.warn("Authorization faile: session id not exists: " + sessionId);
-            throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-        }
-        if (tbSession.getExpireTime() <= System.currentTimeMillis() || info.getTimestamp() > tbSession.getExpireTime()) {
-            log.warn("Authorization faile: session has expired, expire time=" + tbSession.getExpireTime());
-            throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-        }
-        if (!info.validate(tbSession.getAccessToken())) {
-            log.warn("Authorization faile: access token invalid, session token is " + tbSession.getAccessToken());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        if (!tbSession.getPlatform().equalsIgnoreCase(platform.name())) {
-            log.warn("Authorization faile: platform invalid, session platform is " + tbSession.getPlatform());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        if (!tbSession.getDeviceId().equalsIgnoreCase(deviceId)) {
-            log.warn("Authorization faile: deviceId invalid, session deviceId is " + tbSession.getDeviceId());
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-        }
-        long userId = Long.parseLong(tbSession.getIdentity());
-        TEStudentCacheDto teStudentCacheDto = (TEStudentCacheDto) redisUtil.getStudent(userId);
-        if (Objects.isNull(teStudentCacheDto)) {
-            TEStudent teStudent = teStudentService.getById(userId);
-            Gson gson = new Gson();
-            teStudentCacheDto = gson.fromJson(gson.toJson(teStudent), TEStudentCacheDto.class);
-            redisUtil.setStudent(teStudent.getId(), teStudentCacheDto);
-        }
-
-        request.setAttribute(SystemConstant.SESSION, tbSession);
-        request.setAttribute(SystemConstant.STUDENT_ACCOUNT, teStudentCacheDto);
-
-        AuthDto authDto = (AuthDto) redisUtil.get(SystemConstant.studentOauth + "::" + userId);
-        //验证权限
-        if (Objects.isNull(authDto)) {
-            authDto = cacheService.addStudentCache(userId);
-        }
-        request.setAttribute(SystemConstant.ORG, authDto.getTbOrg());
-        //系统管理员拥有所有权限
-//        if (authDto.getRoleCodes().contains(RoleEnum.SUPER_ADMIN.name())) {
-//            return true;
-//        }
-        //系统公用接口不拦截
-        List<String> sysUrls = dictionaryConfig.systemUrlDomain().getUrls();
-        int sysCount = (int) sysUrls.stream().filter(s -> {
-            return s.equalsIgnoreCase(url);
-        }).count();
-        if (sysCount > 0) {
-            return true;
-        }
-        Set<String> urls = authDto.getUrls();
-        int count = (int) urls.stream().filter(s -> {
-            return s.equalsIgnoreCase(url);
-        }).count();
-        if (count == 0) {
-            log.warn("Authorization faile: url cannot access");
-            throw new BusinessException(ExceptionResultEnum.UN_AUTHORIZATION);
-        }
-        response.setStatus(ExceptionResultEnum.SUCCESS.getCode());
-        return true;
+        return AuthUtil.examAuthInterceptor(platform, deviceId, authorization, time, dictionaryConfig.systemUrlDomain().getUrls(), request, response);
     }
 
     @Override
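Review bot: The `log.info("Start authorization: …")` call kept as context at the top of this hunk writes the raw `authorization` value to the application log on every request, so credential material ends up wherever those logs are stored or forwarded. Log only whether the header is present, for example by passing `authorization != null` in place of `authorization` and renaming the placeholder to `hasAuthorization:{}`. The removed block also printed `tbSession.getAccessToken()` in its "access token invalid" warning; `AuthUtil.examAuthInterceptor` is not part of this hunk, so it is worth confirming that line was not carried over into the shared helper. `preHandle` begins above the hunk.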

+ 20 - 46
themis-exam/src/main/java/com/qmth/themis/exam/websocket/WebSocketMobileServer.java

@@ -11,14 +11,14 @@ import com.qmth.themis.business.entity.TBSession;
 import com.qmth.themis.business.enums.MonitorStatusSourceEnum;
 import com.qmth.themis.business.enums.MonitorVideoSourceEnum;
 import com.qmth.themis.business.enums.WebsocketTypeEnum;
+import com.qmth.themis.business.util.AuthUtil;
 import com.qmth.themis.business.util.JacksonUtil;
 import com.qmth.themis.business.util.RedisUtil;
 import com.qmth.themis.business.util.WebsocketUtil;
 import com.qmth.themis.common.contanst.Constants;
 import com.qmth.themis.common.enums.ExceptionResultEnum;
+import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.exception.BusinessException;
-import com.qmth.themis.common.signature.SignatureInfo;
-import com.qmth.themis.common.signature.SignatureType;
 import com.qmth.themis.exam.listener.service.MqOeLogicService;
 import com.qmth.themis.exam.websocketTemplete.WebSocketMobileMessageTemplete;
 import com.qmth.themis.mq.templete.Concurrently;
@@ -89,52 +89,26 @@ public class WebSocketMobileServer implements Concurrently {
         this.time = Long.parseLong(String.valueOf(mapParameter.get("time").get(0)));
         this.recordId = Long.parseLong(String.valueOf(mapParameter.get("recordId").get(0)));
         this.source = MonitorVideoSourceEnum.valueOf(mapParameter.get("source").get(0));
-//        final SignatureInfo info = SignatureInfo
-//                .parse(Authorization);
-        if (!SystemConstant.expire(this.time.longValue())) {
-            final SignatureInfo info = SignatureInfo
-                    .parse(SystemConstant.GET, url, this.time, this.Authorization);
-            if (Objects.nonNull(info) && info.getType() == SignatureType.TOKEN) {
-                String sessionId = info.getInvoker();
-                redisUtil = SpringContextHolder.getBean(RedisUtil.class);
-                TBSession tbSession = (TBSession) redisUtil.getUserSession(sessionId);
-                if (Objects.isNull(tbSession)) {
-                    throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-                } else {
-                    if (info.validate(tbSession.getAccessToken()) && info.getTimestamp() < tbSession.getExpireTime()
-                            && platform.equalsIgnoreCase(tbSession.getPlatform()) && Objects.equals(deviceId, tbSession.getDeviceId())) {
-                        this.session = session;
-                        session.setMaxIdleTimeout(SystemConstant.WEBSOCKET_MAX_TIME_OUT);
-                        this.sessionId = tbSession.getId();
-                        if (webSocketMap.containsKey(this.recordId + "-" + this.source.name())) {
-                            webSocketMap.remove(this.recordId + "-" + this.source.name());
-                            webSocketMap.put(this.recordId + "-" + this.source.name(), this);
-                        } else {
-                            webSocketMap.put(this.recordId + "-" + this.source.name(), this);
-//                        addOnlineCount();
-                        }
-//                    log.info("用户连接:{},当前在线人数为:{}", this.sessionId, getOnlineCount());
-                        log.info("用户连接:{}", this.sessionId);
-                        InetSocketAddress addr = (InetSocketAddress) WebsocketUtil.getFieldInstance(this.session.getAsyncRemote(), "base#socketWrapper#socket#sc#remoteAddress");
-                        this.ip = addr.toString().replace("/", "").split(":")[0];
-//                    this.sendMessage("ip[" + this.ip + "]连接成功");
-                        log.info("ip[:{}]连接成功", this.ip);
-                        tranMap = new HashMap<>();
-                        tranMap.put("recordId", this.recordId);
-                        tranMap.put("deviceId", this.deviceId);
-                        tranMap.put("ip", this.ip);
-                        this.updateTime = System.currentTimeMillis();
-                        tranMap.put("updateTime", this.updateTime);
-                    } else {
-                        throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-                    }
-                }
-            } else {
-                throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-            }
+
+        redisUtil = SpringContextHolder.getBean(RedisUtil.class);
+        TBSession tbSession = AuthUtil.websocketAuthInterceptor(Platform.valueOf(platform), deviceId, Authorization, String.valueOf(mapParameter.get("time").get(0)), SystemConstant.GET, url);
+        this.session = session;
+        session.setMaxIdleTimeout(SystemConstant.WEBSOCKET_MAX_TIME_OUT);
+        this.sessionId = tbSession.getId();
+        if (webSocketMap.containsKey(this.recordId + "-" + this.source.name())) {
+            webSocketMap.remove(this.recordId + "-" + this.source.name());
+            webSocketMap.put(this.recordId + "-" + this.source.name(), this);
         } else {
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+            webSocketMap.put(this.recordId + "-" + this.source.name(), this);
+//            addOnlineCount();
         }
+//        log.info("用户连接:{},当前在线人数为:{}", this.sessionId, getOnlineCount());
+        log.info("用户连接:{}", this.sessionId);
+        InetSocketAddress addr = (InetSocketAddress) WebsocketUtil.getFieldInstance(this.session.getAsyncRemote(), "base#socketWrapper#socket#sc#remoteAddress");
+        this.ip = addr.toString().replace("/", "").split(":")[0];
+        log.info("ip[:{}]连接成功", this.ip);
+        this.updateTime = System.currentTimeMillis();
+        tranMap = WebsocketUtil.initWebsocket(recordId, null, deviceId, ip, updateTime);
     }
 
     /**
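Review bot: Nothing in the new lines ties the client-supplied `recordId` (and `source`) to the session that `AuthUtil.websocketAuthInterceptor` has just authenticated. The call receives only platform, device id, signature, time and url, and the following lines register the connection under `this.recordId + "-" + this.source.name()`, replacing any entry already stored for that key. Before the `webSocketMap` update, the exam record for `recordId` should be loaded and its owner compared with `tbSession.getIdentity()`, rejecting the handshake with `ExceptionResultEnum.AUTHORIZATION_ERROR` on a mismatch. The same gap is in the WebSocketOeServer hunk below, where the unchecked `recordId` is additionally passed to `WebsocketUtil.updateExamRecordWebsocketStatus`. The method starts above this hunk, and whether `url` already binds the record id into the signature cannot be seen from here.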

+ 24 - 55
themis-exam/src/main/java/com/qmth/themis/exam/websocket/WebSocketOeServer.java

@@ -11,14 +11,14 @@ import com.qmth.themis.business.entity.TBSession;
 import com.qmth.themis.business.enums.*;
 import com.qmth.themis.business.service.MqDtoService;
 import com.qmth.themis.business.service.TOeExamRecordService;
+import com.qmth.themis.business.util.AuthUtil;
 import com.qmth.themis.business.util.JacksonUtil;
 import com.qmth.themis.business.util.RedisUtil;
 import com.qmth.themis.business.util.WebsocketUtil;
 import com.qmth.themis.common.contanst.Constants;
 import com.qmth.themis.common.enums.ExceptionResultEnum;
+import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.exception.BusinessException;
-import com.qmth.themis.common.signature.SignatureInfo;
-import com.qmth.themis.common.signature.SignatureType;
 import com.qmth.themis.exam.config.ExamConstant;
 import com.qmth.themis.exam.listener.service.MqOeLogicService;
 import com.qmth.themis.exam.websocketTemplete.WebSocketOeMessageTemplete;
@@ -37,7 +37,10 @@ import java.lang.reflect.Method;
 import java.net.InetSocketAddress;
 import java.time.LocalDateTime;
 import java.time.ZoneOffset;
-import java.util.*;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
 import java.util.concurrent.ConcurrentHashMap;
 
 /**
@@ -87,60 +90,26 @@ public class WebSocketOeServer implements Concurrently {
         this.Authorization = String.valueOf(mapParameter.get("Authorization").get(0));
         this.time = Long.parseLong(String.valueOf(mapParameter.get("time").get(0)));
         this.recordId = Long.parseLong(String.valueOf(mapParameter.get("recordId").get(0)));
-//        final SignatureInfo info = SignatureInfo
-//                .parse(Authorization);
-        if (!SystemConstant.expire(this.time.longValue())) {
-            final SignatureInfo info = SignatureInfo
-                    .parse(SystemConstant.GET, url, this.time, this.Authorization);
-            if (Objects.nonNull(info) && info.getType() == SignatureType.TOKEN) {
-                String sessionId = info.getInvoker();
-                redisUtil = SpringContextHolder.getBean(RedisUtil.class);
-                TBSession tbSession = (TBSession) redisUtil.getUserSession(sessionId);
-                if (Objects.isNull(tbSession)) {
-                    throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-                } else {
-                    if (info.validate(tbSession.getAccessToken()) && info.getTimestamp() < tbSession.getExpireTime()
-                            && platform.equalsIgnoreCase(tbSession.getPlatform()) && Objects.equals(deviceId, tbSession.getDeviceId())) {
-                        this.session = session;
-                        session.setMaxIdleTimeout(SystemConstant.WEBSOCKET_MAX_TIME_OUT);
-                        this.sessionId = tbSession.getId();
-                        if (webSocketMap.containsKey(this.recordId)) {
-                            webSocketMap.remove(this.recordId);
-                            webSocketMap.put(this.recordId, this);
-                        } else {
-                            webSocketMap.put(this.recordId, this);
-                            addOnlineCount();
-                        }
-                        log.info("用户连接:{},当前在线人数为:{}", this.sessionId, getOnlineCount());
-                        InetSocketAddress addr = (InetSocketAddress) WebsocketUtil.getFieldInstance(this.session.getAsyncRemote(), "base#socketWrapper#socket#sc#remoteAddress");
-                        this.ip = addr.toString().replace("/", "").split(":")[0];
-//                    this.sendMessage("ip[" + this.ip + "]连接成功");
-                        log.info("ip[:{}]连接成功", this.ip);
-                        ExamRecordCacheUtil.setClientWebsocketStatus(recordId, WebsocketStatusEnum.ON_LINE, false);
-                        ExamRecordCacheUtil.setClientCurrentIp(recordId, this.ip, false);
-                        ExamRecordCacheUtil.setClientWebsocketId(recordId, this.session.getId(), false);
-                        Long clientLastSyncTime = System.currentTimeMillis();
-                        ExamRecordCacheUtil.setClientLastSyncTime(recordId, clientLastSyncTime, false);
-                        String[] columns = new String[]{ExamRecordFieldEnum.client_websocket_status.name(), ExamRecordFieldEnum.client_current_ip.name(), ExamRecordFieldEnum.client_websocket_id.name(), ExamRecordFieldEnum.client_last_sync_time.name()};
-                        Object[] values = new Object[]{WebsocketStatusEnum.ON_LINE, this.ip, this.session.getId(), clientLastSyncTime};
-                        TOeExamRecordService tOeExamRecordService = SpringContextHolder.getBean(TOeExamRecordService.class);
-                        tOeExamRecordService.dataUpdatesMq(recordId, columns, values);
-                        tranMap = new HashMap<>();
-                        tranMap.put("recordId", this.recordId);
-                        tranMap.put("deviceId", this.deviceId);
-                        tranMap.put("ip", this.ip);
-                        this.updateTime = System.currentTimeMillis();
-                        tranMap.put("updateTime", this.updateTime);
-                    } else {
-                        throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-                    }
-                }
-            } else {
-                throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-            }
+        redisUtil = SpringContextHolder.getBean(RedisUtil.class);
+
+        TBSession tbSession = AuthUtil.websocketAuthInterceptor(Platform.valueOf(platform), deviceId, Authorization, String.valueOf(mapParameter.get("time").get(0)), SystemConstant.GET, url);
+        this.session = session;
+        session.setMaxIdleTimeout(SystemConstant.WEBSOCKET_MAX_TIME_OUT);
+        this.sessionId = tbSession.getId();
+        if (webSocketMap.containsKey(this.recordId)) {
+            webSocketMap.remove(this.recordId);
+            webSocketMap.put(this.recordId, this);
         } else {
-            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+            webSocketMap.put(this.recordId, this);
+            addOnlineCount();
         }
+        log.info("用户连接:{},当前在线人数为:{}", this.sessionId, getOnlineCount());
+        InetSocketAddress addr = (InetSocketAddress) WebsocketUtil.getFieldInstance(this.session.getAsyncRemote(), "base#socketWrapper#socket#sc#remoteAddress");
+        this.ip = addr.toString().replace("/", "").split(":")[0];
+        log.info("ip[:{}]连接成功", this.ip);
+        WebsocketUtil.updateExamRecordWebsocketStatus(recordId, ip, this.session.getId(), WebsocketStatusEnum.ON_LINE);
+        this.updateTime = System.currentTimeMillis();
+        tranMap = WebsocketUtil.initWebsocket(recordId, null, deviceId, ip, updateTime);
     }
 
     /**
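Review bot: `Platform.valueOf(platform)` turns an unknown or differently-cased `platform` parameter into an `IllegalArgumentException`, where the removed branch produced `BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR)`. A malformed handshake therefore leaves the method through a different error path than every other failed check. The removed code compared with `equalsIgnoreCase`, and the case of the `Platform` constants is not visible here, so clients that send a differently-cased value may start failing. Converting the value inside a guard keeps the rejection uniform; the same call appears in the WebSocketMobileServer hunk above. The method starts above this hunk.

```java
Platform requestPlatform;
try {
    requestPlatform = Platform.valueOf(platform);
} catch (IllegalArgumentException e) {
    // Unknown platform value: reject the handshake like any other failed authorization check.
    throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
}
TBSession tbSession = AuthUtil.websocketAuthInterceptor(requestPlatform, deviceId, Authorization, String.valueOf(mapParameter.get("time").get(0)), SystemConstant.GET, url);
// … unchanged: session registration, remote address lookup, tranMap initialisation …
```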