cookie clear & ip support

2026-05-14 20:50:14 +08:00 · 2022-07-28 09:15:33 +08:00
parent 9df09cc5ec
commit 63ca510af7
5 changed files with 40 additions and 17 deletions
--- a/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/logout.component.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/logout.component.ts
@@ -19,6 +19,7 @@ import { ActivatedRoute, Router } from '@angular/router';
 import { ReuseTabService } from '@delon/abc/reuse-tab';
 import { DA_SERVICE_TOKEN, ITokenService } from '@delon/auth';
 import { SettingsService } from '@delon/theme';
+import { finalize } from 'rxjs/operators';

 import { AuthnService } from '../../service/authn.service';
 import { SocialsProviderService } from '../../service/socials-provider.service';
@@ -44,12 +45,20 @@ export class LogoutComponent implements OnInit {

  ngOnInit(): void {
    this.redirect_uri = this.route.snapshot.params[CONSTS.REDIRECT_URI];
-    this.authnService.logout();
-    this.tokenService.clear();
-    if (this.redirect_uri == null || this.redirect_uri == '') {
-      this.router.navigateByUrl(this.tokenService.login_url!);
-    } else {
-      this.router.navigateByUrl(this.redirect_uri);
-    }
+    this.authnService
+      .logout()
+      .pipe(
+        finalize(() => {
+          this.tokenService.clear();
+          if (this.redirect_uri == null || this.redirect_uri == '') {
+            this.router.navigateByUrl(this.tokenService.login_url!);
+          } else {
+            this.router.navigateByUrl(this.redirect_uri);
+          }
+        })
+      )
+      .subscribe(res => {
+        console.log(`Logout Response ${res.data}`);
+      });
  }
 }
--- a/maxkey-web-frontend/maxkey-web-app/src/app/service/authn.service.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/app/service/authn.service.ts
@@ -63,14 +63,24 @@ export class AuthnService {

  //退出
  logout() {
-    this.cookieService.delete(CONSTS.CONGRESS);
-    return this.http.get('/login/logout');
+    this.cookieService.delete(CONSTS.CONGRESS, '/');
+    this.cookieService.delete(CONSTS.ONLINE_TICKET, '/', this.getSubHostName());
+    return this.http.get('/logout');
  }

  congress(authParam: any) {
    return this.http.post('/login/congress?_allow_anonymous=true', authParam);
  }

+  getSubHostName(): string {
+    let hostnames = window.location.hostname.split('.');
+    let subHostName = window.location.hostname;
+    if (hostnames.length >= 2 && !CONSTS.IP_V4_REGEXEXP.test(subHostName)) {
+      subHostName = `${hostnames[hostnames.length - 2]}.${hostnames[hostnames.length - 1]}`;
+    }
+    return subHostName;
+  }
+
  clear() {
    this.tokenService.clear();
    localStorage.setItem(CONSTS.REMEMBER, '');
@@ -92,14 +102,8 @@ export class AuthnService {
      passwordSetType: authJwt.passwordSetType
    };

-    let hostnames = window.location.hostname.split('.');
-    let subHostName = window.location.hostname;
-    if (hostnames.length >= 2) {
-      subHostName = `${hostnames[hostnames.length - 2]}.${hostnames[hostnames.length - 1]}`;
-    }
-
    this.cookieService.set(CONSTS.CONGRESS, authJwt.token, { path: '/' });
-    this.cookieService.set(CONSTS.ONLINE_TICKET, authJwt.ticket, { domain: subHostName, path: '/' });
+    this.cookieService.set(CONSTS.ONLINE_TICKET, authJwt.ticket, { domain: this.getSubHostName(), path: '/' });

    if (authJwt.remeberMe) {
      localStorage.setItem(CONSTS.REMEMBER, authJwt.remeberMe);
--- a/maxkey-web-frontend/maxkey-web-app/src/app/shared/consts.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/app/shared/consts.ts
@@ -15,6 +15,11 @@
 */

 export const CONSTS = {
+    // Regular expression to check if string is a IP v4 address
+    IP_V4_REGEXEXP: /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/gi,
+    // Regular expression to check if string is a IPv6 address
+    IP_V6_REGEXEXP:
+        /(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))/gi,
    INST: 'inst',
    CONGRESS: 'congress',
    ONLINE_TICKET: 'online_ticket',
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
@@ -136,7 +136,10 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
                .addPathPatterns("/authz/credential/**")
                .addPathPatterns("/authz/oauth/v20/approval_confirm/**")
        		.addPathPatterns("/authz/oauth/v20/authorize/approval/**")
-        		.addPathPatterns("/logon/oauth20/bind/**");
+        		.addPathPatterns("/logon/oauth20/bind/**")
+        		.addPathPatterns("/logout")
+                .addPathPatterns("/logout/**")
+                ;
        
        _logger.debug("add Permission Interceptor");
        
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java
@@ -114,6 +114,8 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
                
                .addPathPatterns("/file/upload/")
                
+                .addPathPatterns("/logout")
+                .addPathPatterns("/logout/**")
                ;
        
        _logger.debug("add PermissionAdapter");