修复由于redis用户信息丢失导致的资源访问失败问题

0b420f5a · WeiCong · 854fc17d · 0b420f5a
Commit 0b420f5a authored Nov 13, 2020 by WeiCong
Hide whitespace changes
Inline Side-by-side

Showing with 58 additions and 58 deletions

OpenTransInterceptor.java ...a/org/sss/presentation/noui/jwt/OpenTransInterceptor.java +58 -58

No files found.
--- a/src/main/java/org/sss/presentation/noui/jwt/OpenTransInterceptor.java
+++ b/src/main/java/org/sss/presentation/noui/jwt/OpenTransInterceptor.java
@@ -22,69 +22,68 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.PrintWriter;

 public class OpenTransInterceptor implements HandlerInterceptor {
-	protected static final Log log = LogFactory.getLog(OpenTransInterceptor.class);
+    protected static final Log log = LogFactory.getLog(OpenTransInterceptor.class);

-	@Autowired
-	private NoUiVersion noUiVersion;
-	
-	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception arg3) throws Exception {
+    @Autowired
+    private NoUiVersion noUiVersion;

-	}
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception arg3) throws Exception {

-	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView model) throws Exception {
-	}
+    }

-	// 拦截每个请求
-	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-		response.setCharacterEncoding("utf-8");
-		NoUiRequest noUiRequest = new NoUiRequest(request, "", null);
-		String token = noUiRequest.getToken();
-		String userId = noUiRequest.getUserId();
-		String terminalType = noUiRequest.getTerminalType(); // APP WEB
-		
-		RedisLoginInfo redisLoginInfo = null;
-		if( !StringUtils.isEmpty(noUiRequest.getUserId())) //开放模式下
-			redisLoginInfo =	(RedisLoginInfo) RedisUtil.get(StringUtil.userUniqueId(noUiRequest));
-		
-		//如果是已登录状态，要刷新超时时间
-		if (redisLoginInfo != null && System.currentTimeMillis() <= redisLoginInfo.getExpiredTime()) {
-			// 重新刷入登陆时间
-			RedisLoginInfo nweRedisLoginInfo = new RedisLoginInfo(userId, token, NumericUtil.sessionTimeOut(), redisLoginInfo.getSysmod(),noUiRequest.getTerminalType());
-			RedisUtil.set(Constants.SESSION + "." + userId + "." + terminalType, nweRedisLoginInfo);
-			
-		}
-		String url = request.getRequestURI();
-		String trnnam = null;
-		int idx1 = url.indexOf(NoUiContextManager.openSourcePrefix);
-		int begpos = idx1 + NoUiContextManager.openSourcePrefix.length()+1;
-		int idx2 = url.indexOf("/", begpos);
-		if(idx2 > 0)
-			trnnam = url.substring(begpos, idx2);
-		if(trnnam==null)
-		{
-			Result rt = new Result(ErrorCodes.UNKNOEW_TRANS, "未知的交易", null, noUiVersion.getVersion());
-			responseMessage(response, response.getWriter(), rt);
-			return false;
-		}
-		//交易必须是配置允许开放的交易
-		log.debug("开放访问交易名："+trnnam);
-		if(!NoUiContextManager.openTransactions.contains(trnnam))
-		{
-			Result rt = new Result(ErrorCodes.FORBIDDEN_TRANS, "非法访问", null, noUiVersion.getVersion());
-			responseMessage(response, response.getWriter(), rt);
-			return false;
-		}
-		return true;
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView model) throws Exception {
+    }

-	}
+    // 拦截每个请求
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        response.setCharacterEncoding("utf-8");
+        NoUiRequest noUiRequest = new NoUiRequest(request, "", null);
+        String token = noUiRequest.getToken();
+        String userId = noUiRequest.getUserId();
+        String terminalType = noUiRequest.getTerminalType(); // APP WEB

-	// 请求不通过，返回错误信息给客户端
-	private void responseMessage(HttpServletResponse response, PrintWriter out, Result result) {
-		response.setContentType("application/json; charset=utf-8");
-		String json = new Gson().toJson(result);
-		out.print(json);
-		out.flush();
-		out.close();
-	}
+        RedisLoginInfo redisLoginInfo = null;
+        if (!StringUtils.isEmpty(noUiRequest.getUserId())) //开放模式下
+            redisLoginInfo = (RedisLoginInfo) RedisUtil.get(StringUtil.userUniqueId(noUiRequest));
+
+        //如果是已登录状态，要刷新超时时间
+        if (redisLoginInfo != null && System.currentTimeMillis() <= redisLoginInfo.getExpiredTime()) {
+            // 重新刷入登陆时间
+            RedisLoginInfo nweRedisLoginInfo = new RedisLoginInfo(userId, token, NumericUtil.sessionTimeOut(), redisLoginInfo.getSysmod(), noUiRequest.getTerminalType());
+            RedisUtil.set(Constants.SESSION + "." + userId + "." + terminalType, nweRedisLoginInfo);
+            RedisUtil.set(StringUtil.getCacheSessionId(userId),request.getSession().getId());
+
+        }
+        String url = request.getRequestURI();
+        String trnnam = null;
+        int idx1 = url.indexOf(NoUiContextManager.openSourcePrefix);
+        int begpos = idx1 + NoUiContextManager.openSourcePrefix.length() + 1;
+        int idx2 = url.indexOf("/", begpos);
+        if (idx2 > 0)
+            trnnam = url.substring(begpos, idx2);
+        if (trnnam == null) {
+            Result rt = new Result(ErrorCodes.UNKNOEW_TRANS, "未知的交易", null, noUiVersion.getVersion());
+            responseMessage(response, response.getWriter(), rt);
+            return false;
+        }
+        //交易必须是配置允许开放的交易
+        log.debug("开放访问交易名：" + trnnam);
+        if (!NoUiContextManager.openTransactions.contains(trnnam)) {
+            Result rt = new Result(ErrorCodes.FORBIDDEN_TRANS, "非法访问", null, noUiVersion.getVersion());
+            responseMessage(response, response.getWriter(), rt);
+            return false;
+        }
+        return true;
+
+    }
+
+    // 请求不通过，返回错误信息给客户端
+    private void responseMessage(HttpServletResponse response, PrintWriter out, Result result) {
+        response.setContentType("application/json; charset=utf-8");
+        String json = new Gson().toJson(result);
+        out.print(json);
+        out.flush();
+        out.close();
+    }

 }
\ No newline at end of file