1. 只允许一个人登录:
每个人登录后保存的cookie.key都一样,但是保存的cookie.value不一样
保存cookie和缓存:
//loginName = loginName + Constant.QLSKEY_SPLITTER + RandomStringUtils.randomAlphabetic(3);
Cookie cookieuin = new Cookie("qluin", loginName);
cookieuin.setPath("/");
String qlsKey = ComUtils.getQlsKey();
Cookie cookieQlskey = new Cookie("qlskey", qlsKey);
cookieQlskey.setPath("/");
response.addCookie(cookieuin);
response.addCookie(cookieQlskey);
// 存登录校验信息
cacheService.setString(CacheConstant.USER_QLSKEY.getKey(loginName), qlsKey + Constant.QLSKEY_SPLITTER + org.getName(), 30, TimeUnit.MINUTES, true);
2. 允许同时多人登录:
每个人登录后保存的cookie.key不一样,当然保存的cookie.value不一样
设置不一样的key: loginName = loginName + Constant.QLSKEY_SPLITTER + RandomStringUtils.randomAlphabetic(3);
保存cookie和缓存:
loginName = loginName + Constant.QLSKEY_SPLITTER + RandomStringUtils.randomAlphabetic(3);
Cookie cookieuin = new Cookie("qluin", loginName);
cookieuin.setPath("/");
String qlsKey = ComUtils.getQlsKey();
Cookie cookieQlskey = new Cookie("qlskey", qlsKey);
cookieQlskey.setPath("/");
response.addCookie(cookieuin);
response.addCookie(cookieQlskey);
// 存登录校验信息
cacheService.setString(CacheConstant.USER_QLSKEY.getKey(loginName), qlsKey + Constant.QLSKEY_SPLITTER + org.getName(), 30, TimeUnit.MINUTES, true);
针对两种方式,过滤器都一样的,不用变 (只要保存cookie的key对每个登录用户来说是否需要一样):
主要是这段代码:cachedQlskey.split(Constant.QLSKEY_SPLITTER)[0].equals(qlskey) 判断是否允许同时多人登录。
Cookie[] cookies = req.getCookies();
String qluin = null;
String qlskey = null;
if (ArrayUtils.isNotEmpty(cookies)) {
for (Cookie cookie : cookies) {
if ("qluin".equals(cookie.getName())) {
qluin = cookie.getValue();
continue;
}
if ("qlskey".equals(cookie.getName())) {
qlskey = cookie.getValue();
continue;
}
}
}
if (StringUtils.isNotBlank(qluin) && StringUtils.isNotBlank(qlskey)) {
String cachedQlskey = cacheService.getString(CacheConstant.USER_QLSKEY.getKey(qluin));
if (StringUtils.isNotBlank(cachedQlskey) && cachedQlskey.split(Constant.QLSKEY_SPLITTER)[0].equals(qlskey)) {
//延长有效期
cacheService.setString(CacheConstant.USER_QLSKEY.getKey(qluin), cachedQlskey, 30, TimeUnit.MINUTES, true);
request.setAttribute(Constants.LOGIN_UID_KEY, cachedQlskey.split(Constant.QLSKEY_SPLITTER)[1]);
request.setAttribute(Constants.LOGIN_TYPE_KEY, Constants.LOGIN_TYPE_WEIXIN);
chain.doFilter(request, response);
} else {
//登录过期,通知前端跳转到微信登录页面
resp.setContentType("application/json;charset=UTF-8");
ServletOutputStream os = resp.getOutputStream();
os.write(org.apache.commons.codec.binary.StringUtils.getBytesUtf8(ConfigUtil.get(LOGIN_JSON)));
os.flush();
return;
}
} else {
//未登录,通知前端跳转到微信登录页面
}