1、cookie里面存放的jsessionid就是session里面存的session.getId();session里面存放的是用户登陆信息,也就是我们常说的token值
第一次登录到tomcat1获得的jsessionid和第二次到tomcat2获得的jsessionid肯定是不一样的
解决方案:
将第一次登录的sessionid(也就是token)以loginToken为键存储到redis里面去,后面登录时去redis里面读取loginToken,
将cookie里面获得token值以loginToken为键,token值为value存在cookie里面
直接从cookie里面读取loginToken的值,然后在redis里面去获取用户信息
2、启动项目tomcat的设置
第一步:书写CookieUtil类,如下:
package com.mmall.util;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
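/**
 * Reads, writes and expires the login-token cookie that identifies a logged-in user.
 *
 * <p>The cookie value is a bearer credential: whoever presents it is treated as the user.
 * For that reason this class logs cookie names only, never cookie values.
 */
@Slf4j
public class CookieUtil {
    // Domain attribute of the cookie. With a Domain attribute set, browsers also send the
    // cookie to subdomains of this domain, so every host under it can read the login token.
    private static final String COOKIE_DOMAIN = "mmall.com";
    // Name (key) under which the login token is stored in the cookie.
    private static final String COOKIE_NAME = "mall_login_token";

    /**
     * Returns the login token carried by the request.
     *
     * @param request the incoming request
     * @return the value of the login-token cookie, or {@code null} when the request has no
     *     cookies or none with the expected name
     */
    public static String readLoginToken(HttpServletRequest request) {
        Cookie[] cks = request.getCookies();
        if (cks == null) {
            return null;
        }
        for (Cookie ck : cks) {
            // Values are deliberately not logged: this loop sees the login token and every
            // other cookie on the request, and log files are readable by far more people and
            // systems than the session store.
            log.info("cookieName:{}", ck.getName());
            // StringUtils.equals is null-safe, so a cookie without a name does not throw.
            if (StringUtils.equals(ck.getName(), COOKIE_NAME)) {
                log.info("return cookieName:{}", ck.getName());
                return ck.getValue();
            }
        }
        return null;
    }

    /**
     * Writes the login token to the response as a cookie.
     *
     * @param response the response that receives the Set-Cookie header
     * @param token the login token to store as the cookie value
     */
    public static void writeLoginToken(HttpServletResponse response, String token) {
        Cookie ck = new Cookie(COOKIE_NAME, token);
        ck.setDomain(COOKIE_DOMAIN);
        ck.setPath("/"); // valid for every path of the site
        ck.setHttpOnly(true); // not readable from page scripts
        // NOTE(review): the Secure flag is not set, so browsers will also send the token over
        // plain HTTP. Add ck.setSecure(true) once the site is served over HTTPS only.
        // Max-age is in seconds. A positive value persists the cookie on disk; a negative
        // value keeps it in memory until the browser exits; zero deletes it.
        // NOTE(review): one year is the cookie lifetime only; confirm it against the expiry
        // of the server-side entry the token refers to.
        ck.setMaxAge(60 * 60 * 24 * 365);
        log.info("write cookieName:{}", ck.getName());
        response.addCookie(ck);
    }

    /**
     * Expires the login-token cookie (logout), if the request carries one.
     *
     * @param request the incoming request, checked for an existing login-token cookie
     * @param response the response that receives the expiring Set-Cookie header
     */
    public static void delLoginToken(HttpServletRequest request, HttpServletResponse response) {
        Cookie[] cks = request.getCookies();
        if (cks == null) {
            return;
        }
        for (Cookie ck : cks) {
            if (StringUtils.equals(ck.getName(), COOKIE_NAME)) {
                // Build a fresh, empty cookie instead of sending the request cookie back, so
                // the token value is not repeated in the response headers.
                Cookie expired = new Cookie(COOKIE_NAME, "");
                // Domain and path must match the values used when the cookie was written,
                // otherwise the browser keeps the original cookie.
                expired.setDomain(COOKIE_DOMAIN);
                expired.setPath("/");
                expired.setHttpOnly(true);
                expired.setMaxAge(0); // zero tells the browser to delete the cookie
                log.info("del cookieName:{}", expired.getName());
                response.addCookie(expired);
                return;
            }
        }
    }
}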
第二步:书写controller类
用户登陆
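/**
 * Logs a user in. On success, issues the login-token cookie and caches the user in Redis
 * under that token.
 *
 * @param username the submitted user name
 * @param password the submitted password
 * @param session the current HTTP session; replaced by a new one on a successful login
 * @param httpServletResponse the response that receives the login-token cookie
 * @param httpServletRequest the request used to create the post-login session
 * @return the result of {@code iUserService.login}, returned unchanged
 */
@RequestMapping(value = "login.do",method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> login(String username, String password, HttpSession session, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest){
    ServerResponse<User> response = iUserService.login(username,password);
    if(response.isSuccess()){
        // Session-fixation defence: the session id that existed before authentication was
        // known to the browser (and to anyone able to set it there), so it must not become
        // the login token. Drop the old session and take the id of a new one.
        session.invalidate();
        String loginToken = httpServletRequest.getSession(true).getId();
        // The user is not stored in the HttpSession; the token is written to a cookie and
        // the user data is stored in Redis under the same token, with an expiry.
        CookieUtil.writeLoginToken(httpServletResponse, loginToken);
        RedisPoolUtil.setEx(loginToken, JsonUtil.obj2String(response.getData()), Const.RedisCacheExtime);
    }
    return response;
}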
获取用户信息
/**
 * Returns the logged-in user, looked up in Redis by the login token from the request cookie.
 * With Tomcat clustered, the user data comes from Redis rather than the local HttpSession.
 *
 * <p>The cookie value is the only credential checked here: a request is accepted when Redis
 * still holds an entry for that token. This method does not extend the entry's expiry.
 *
 * @param session the current HTTP session (not read by this method)
 * @param httpServletRequest the request carrying the login-token cookie
 * @return a success response holding the user, or an error response when the cookie is
 *     missing or no user could be obtained for the token
 */
@RequestMapping(value = "get_user_info.do",method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> getUserInfo(HttpSession session,HttpServletRequest httpServletRequest){
    final String notLoggedInMessage = "用户未登录,无法获取当前用户的信息";

    // Read the token straight from the cookie; it is the Redis key of the user entry.
    String tokenFromCookie = CookieUtil.readLoginToken(httpServletRequest);
    if(StringUtils.isEmpty(tokenFromCookie)){
        return ServerResponse.createByErrorMessage(notLoggedInMessage);
    }

    // Fetch the cached JSON for this token and turn it back into a User.
    User cachedUser = JsonUtil.string2Obj(RedisPoolUtil.get(tokenFromCookie),User.class);
    if(cachedUser == null){
        return ServerResponse.createByErrorMessage(notLoggedInMessage);
    }
    return ServerResponse.createBySuccess(cachedUser);
}
用户登出
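/**
 * Logs the user out: expires the login-token cookie, deletes the token's entry in Redis and
 * invalidates the HTTP session.
 *
 * @param session the current HTTP session, invalidated by this call
 * @param httpServletRequest the request carrying the login-token cookie
 * @param httpServletResponse the response that receives the expiring cookie
 * @return a success response, whether or not a login token was present
 */
@RequestMapping(value = "logout.do",method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> logout(HttpSession session,HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse){
    String loginToken=CookieUtil.readLoginToken(httpServletRequest);
    // Remove the token from the browser.
    CookieUtil.delLoginToken(httpServletRequest,httpServletResponse);
    // Remove the token on the server. Expiring the cookie alone only asks the browser to
    // forget it; the Redis entry is what makes the token valid. Skip the call when the
    // request carried no token, so a null key is never passed to Redis.
    if(!StringUtils.isEmpty(loginToken)){
        RedisPoolUtil.del(loginToken);
    }
    // The login token is taken from the session id, so end the session as well; otherwise
    // the next login from the same browser session would be issued the same token again.
    session.invalidate();
    return ServerResponse.createBySuccess();
}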