mirror of
https://gitee.com/dromara/MaxKey.git
synced 2026-05-14 20:50:14 +08:00
SessionManager
This commit is contained in:
MaxKey
@@ -22,7 +22,7 @@ import java.util.ArrayList;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.Session;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authn.web.AuthorizationUtils;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
@@ -67,7 +67,7 @@ public abstract class AbstractAuthenticationProvider {
|
||||
|
||||
protected OtpAuthnService otpAuthnService;
|
||||
|
||||
protected SessionService sessionService;
|
||||
protected SessionManager sessionManager;
|
||||
|
||||
protected AuthJwtService authJwtService;
|
||||
|
||||
@@ -135,8 +135,8 @@ public abstract class AbstractAuthenticationProvider {
|
||||
*/
|
||||
session.setAuthentication(authenticationToken);
|
||||
|
||||
//store session
|
||||
this.sessionService.store(session.getId(), session);
|
||||
//create session
|
||||
this.sessionManager.create(session.getId(), session);
|
||||
|
||||
AuthorizationUtils.setSession(session);
|
||||
|
||||
|
||||
@@ -21,7 +21,7 @@ import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
import org.maxkey.entity.Institutions;
|
||||
@@ -57,11 +57,11 @@ public class MfaAuthenticationProvider extends AbstractAuthenticationProvider {
|
||||
public MfaAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService,
|
||||
SessionManager sessionManager,
|
||||
AuthJwtService authJwtService) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
this.authJwtService = authJwtService;
|
||||
}
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@ package org.maxkey.authn.provider;
|
||||
import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
@@ -60,11 +60,11 @@ public class MobileAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
OtpAuthnService otpAuthnService,
|
||||
SessionService sessionService) {
|
||||
SessionManager sessionManager) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.otpAuthnService = otpAuthnService;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -22,7 +22,7 @@ import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
import org.maxkey.entity.Institutions;
|
||||
@@ -57,11 +57,11 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
public NormalAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService,
|
||||
SessionManager sessionService,
|
||||
AuthJwtService authJwtService) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
this.authJwtService = authJwtService;
|
||||
}
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@ package org.maxkey.authn.provider;
|
||||
import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.web.WebContext;
|
||||
@@ -49,10 +49,10 @@ public class TrustedAuthenticationProvider extends AbstractAuthenticationProvide
|
||||
public TrustedAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService) {
|
||||
SessionManager sessionManager) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -32,8 +32,8 @@ import org.slf4j.LoggerFactory;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
import org.springframework.jdbc.core.RowMapper;
|
||||
|
||||
public class AbstractSessionService implements SessionService{
|
||||
private static Logger _logger = LoggerFactory.getLogger(AbstractSessionService.class);
|
||||
public class AbstractSessionManager implements SessionManager{
|
||||
private static Logger _logger = LoggerFactory.getLogger(AbstractSessionManager.class);
|
||||
|
||||
protected JdbcTemplate jdbcTemplate;
|
||||
|
||||
@@ -93,7 +93,7 @@ public class AbstractSessionService implements SessionService{
|
||||
}
|
||||
|
||||
@Override
|
||||
public void store(String sessionId, Session session) {
|
||||
public void create(String sessionId, Session session) {
|
||||
|
||||
}
|
||||
|
||||
@@ -29,8 +29,8 @@ import com.github.benmanes.caffeine.cache.Cache;
|
||||
import com.github.benmanes.caffeine.cache.Caffeine;
|
||||
|
||||
|
||||
public class InMemorySessionService extends AbstractSessionService{
|
||||
private static final Logger _logger = LoggerFactory.getLogger(InMemorySessionService.class);
|
||||
public class InMemorySessionManager extends AbstractSessionManager{
|
||||
private static final Logger _logger = LoggerFactory.getLogger(InMemorySessionManager.class);
|
||||
|
||||
protected static Cache<String, Session> sessionStore =
|
||||
Caffeine.newBuilder()
|
||||
@@ -38,13 +38,13 @@ public class InMemorySessionService extends AbstractSessionService{
|
||||
.maximumSize(200000)
|
||||
.build();
|
||||
|
||||
public InMemorySessionService(JdbcTemplate jdbcTemplate) {
|
||||
public InMemorySessionManager(JdbcTemplate jdbcTemplate) {
|
||||
super();
|
||||
this.jdbcTemplate = jdbcTemplate;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void store(String sessionId, Session session) {
|
||||
public void create(String sessionId, Session session) {
|
||||
sessionStore.put(sessionId, session);
|
||||
}
|
||||
|
||||
@@ -75,7 +75,7 @@ public class InMemorySessionService extends AbstractSessionService{
|
||||
public void refresh(String sessionId,LocalTime refreshTime) {
|
||||
Session session = get(sessionId);
|
||||
session.setLastAccessTime(refreshTime);
|
||||
store(sessionId , session);
|
||||
create(sessionId , session);
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -27,8 +27,8 @@ import org.slf4j.LoggerFactory;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
|
||||
|
||||
public class RedisSessionService extends AbstractSessionService {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(RedisSessionService.class);
|
||||
public class RedisSessionManager extends AbstractSessionManager {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(RedisSessionManager.class);
|
||||
|
||||
protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes.
|
||||
|
||||
@@ -38,7 +38,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
/**
|
||||
* @param connectionFactory
|
||||
*/
|
||||
public RedisSessionService(
|
||||
public RedisSessionManager(
|
||||
RedisConnectionFactory connectionFactory,
|
||||
JdbcTemplate jdbcTemplate) {
|
||||
super();
|
||||
@@ -49,7 +49,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public RedisSessionService() {
|
||||
public RedisSessionManager() {
|
||||
|
||||
}
|
||||
|
||||
@@ -58,7 +58,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void store(String sessionId, Session ticket) {
|
||||
public void create(String sessionId, Session ticket) {
|
||||
RedisConnection conn=connectionFactory.getConnection();
|
||||
conn.setexObject(PREFIX+sessionId, serviceTicketValiditySeconds, ticket);
|
||||
conn.close();
|
||||
@@ -91,7 +91,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
public void refresh(String sessionId,LocalTime refreshTime) {
|
||||
Session session = get(sessionId);
|
||||
session.setLastAccessTime(refreshTime);
|
||||
store(sessionId , session);
|
||||
create(sessionId , session);
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -22,9 +22,9 @@ import java.util.List;
|
||||
|
||||
import org.maxkey.entity.HistoryLogin;
|
||||
|
||||
public interface SessionService {
|
||||
public interface SessionManager {
|
||||
|
||||
public void store(String sessionId, Session session);
|
||||
public void create(String sessionId, Session session);
|
||||
|
||||
public Session remove(String sessionId);
|
||||
|
||||
@@ -23,23 +23,23 @@ import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
|
||||
public class SessionServiceFactory {
|
||||
public class SessionManagerFactory {
|
||||
private static final Logger _logger =
|
||||
LoggerFactory.getLogger(SessionServiceFactory.class);
|
||||
LoggerFactory.getLogger(SessionManagerFactory.class);
|
||||
|
||||
public SessionService getService(
|
||||
public SessionManager getManager(
|
||||
int persistence,
|
||||
JdbcTemplate jdbcTemplate,
|
||||
RedisConnectionFactory redisConnFactory){
|
||||
|
||||
SessionService sessionService = null;
|
||||
SessionManager sessionService = null;
|
||||
if (persistence == ConstsPersistence.INMEMORY) {
|
||||
sessionService = new InMemorySessionService(jdbcTemplate);
|
||||
sessionService = new InMemorySessionManager(jdbcTemplate);
|
||||
_logger.debug("InMemorySessionService");
|
||||
} else if (persistence == ConstsPersistence.JDBC) {
|
||||
_logger.debug("JdbcSessionService not support ");
|
||||
} else if (persistence == ConstsPersistence.REDIS) {
|
||||
sessionService = new RedisSessionService(redisConnFactory,jdbcTemplate);
|
||||
sessionService = new RedisSessionManager(redisConnFactory,jdbcTemplate);
|
||||
_logger.debug("RedisSessionService");
|
||||
}
|
||||
|
||||
@@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import org.maxkey.authn.SignPrincipal;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.session.Session;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.util.AuthorizationHeaderUtils;
|
||||
import org.maxkey.web.WebConstants;
|
||||
@@ -42,13 +42,13 @@ public class AuthorizationUtils {
|
||||
public static void authenticateWithCookie(
|
||||
HttpServletRequest request,
|
||||
AuthJwtService authJwtService,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) throws ParseException{
|
||||
if(getSession() == null) {
|
||||
Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie);
|
||||
if(authCookie != null ) {
|
||||
String authorization = authCookie.getValue();
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionService);
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionManager);
|
||||
_logger.debug("congress automatic authenticated .");
|
||||
}
|
||||
}
|
||||
@@ -57,12 +57,12 @@ public class AuthorizationUtils {
|
||||
public static void authenticate(
|
||||
HttpServletRequest request,
|
||||
AuthJwtService authJwtService,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) throws ParseException{
|
||||
if(getSession() == null) {
|
||||
String authorization = AuthorizationHeaderUtils.resolveBearer(request);
|
||||
if(authorization != null ) {
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionService);
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionManager);
|
||||
_logger.debug("Authorization automatic authenticated .");
|
||||
}
|
||||
}
|
||||
@@ -71,10 +71,10 @@ public class AuthorizationUtils {
|
||||
public static void doJwtAuthenticate(
|
||||
String authorization,
|
||||
AuthJwtService authJwtService,
|
||||
SessionService sessionService) throws ParseException {
|
||||
SessionManager sessionManager) throws ParseException {
|
||||
if(authJwtService.validateJwtToken(authorization)) {
|
||||
String sessionId = authJwtService.resolveJWTID(authorization);
|
||||
Session session = sessionService.get(sessionId);
|
||||
Session session = sessionManager.get(sessionId);
|
||||
if(session != null) {
|
||||
setSession(session);
|
||||
setAuthentication(session.getAuthentication());
|
||||
@@ -82,6 +82,7 @@ public class AuthorizationUtils {
|
||||
}
|
||||
}
|
||||
|
||||
//set session to http session
|
||||
public static void setSession(Session session) {
|
||||
WebContext.setAttribute(WebConstants.SESSION, session);
|
||||
}
|
||||
@@ -91,6 +92,7 @@ public class AuthorizationUtils {
|
||||
return session;
|
||||
}
|
||||
|
||||
//get session to http session
|
||||
public static Session getSession(HttpServletRequest request) {
|
||||
Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION);
|
||||
return session;
|
||||
|
||||
@@ -23,7 +23,7 @@ import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.SignPrincipal;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authn.web.AuthorizationUtils;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.slf4j.Logger;
|
||||
@@ -44,7 +44,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
|
||||
ApplicationConfig applicationConfig;
|
||||
|
||||
@Autowired
|
||||
SessionService sessionService;
|
||||
SessionManager sessionManager;
|
||||
|
||||
@Autowired
|
||||
AuthJwtService authJwtService ;
|
||||
@@ -59,7 +59,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
|
||||
_logger.trace("Permission Interceptor .");
|
||||
AuthorizationUtils.authenticate(request, authJwtService, sessionService);
|
||||
AuthorizationUtils.authenticate(request, authJwtService, sessionManager);
|
||||
SignPrincipal principal = AuthorizationUtils.getPrincipal();
|
||||
//判断用户是否登录,判断用户是否登录用户
|
||||
if(principal == null){
|
||||
|
||||
@@ -28,8 +28,8 @@ import org.maxkey.authn.provider.MobileAuthenticationProvider;
|
||||
import org.maxkey.authn.provider.NormalAuthenticationProvider;
|
||||
import org.maxkey.authn.provider.TrustedAuthenticationProvider;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionServiceFactory;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authn.session.SessionManagerFactory;
|
||||
import org.maxkey.authn.web.SessionListenerAdapter;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.configuration.AuthJwkConfig;
|
||||
@@ -86,14 +86,14 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
public AbstractAuthenticationProvider normalAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService,
|
||||
SessionManager sessionManager,
|
||||
AuthJwtService authJwtService
|
||||
) {
|
||||
_logger.debug("init authentication Provider .");
|
||||
return new NormalAuthenticationProvider(
|
||||
authenticationRealm,
|
||||
applicationConfig,
|
||||
sessionService,
|
||||
sessionManager,
|
||||
authJwtService
|
||||
);
|
||||
}
|
||||
@@ -103,14 +103,14 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
OtpAuthnService otpAuthnService,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) {
|
||||
_logger.debug("init Mobile authentication Provider .");
|
||||
return new MobileAuthenticationProvider(
|
||||
authenticationRealm,
|
||||
applicationConfig,
|
||||
otpAuthnService,
|
||||
sessionService
|
||||
sessionManager
|
||||
);
|
||||
}
|
||||
|
||||
@@ -118,13 +118,13 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
public AbstractAuthenticationProvider trustedAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) {
|
||||
_logger.debug("init Mobile authentication Provider .");
|
||||
return new TrustedAuthenticationProvider(
|
||||
authenticationRealm,
|
||||
applicationConfig,
|
||||
sessionService
|
||||
sessionManager
|
||||
);
|
||||
}
|
||||
|
||||
@@ -181,18 +181,18 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
}
|
||||
|
||||
|
||||
@Bean(name = "sessionService")
|
||||
public SessionService sessionService(
|
||||
@Bean(name = "sessionManager")
|
||||
public SessionManager sessionManager(
|
||||
@Value("${maxkey.server.persistence}") int persistence,
|
||||
JdbcTemplate jdbcTemplate,
|
||||
RedisConnectionFactory redisConnFactory,
|
||||
@Value("${server.servlet.session.timeout:1800}") int timeout
|
||||
) {
|
||||
SessionService sessionService =
|
||||
new SessionServiceFactory().getService(persistence, jdbcTemplate, redisConnFactory);
|
||||
sessionService.setValiditySeconds(timeout);
|
||||
SessionManager sessionManager =
|
||||
new SessionManagerFactory().getManager(persistence, jdbcTemplate, redisConnFactory);
|
||||
sessionManager.setValiditySeconds(timeout);
|
||||
_logger.trace("onlineTicket timeout " + timeout);
|
||||
return sessionService;
|
||||
return sessionManager;
|
||||
}
|
||||
|
||||
@Bean(name = "sessionListenerAdapter")
|
||||
|
||||
Reference in New Issue
Block a user