From 026aa7c7323762951cbeddf415c9b40e9c7ff726 Mon Sep 17 00:00:00 2001
From: xuhx <1216720373@qq.com>
Date: Thu, 23 Sep 2021 08:47:25 +0800
Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95=E9=AA=8C=E8=AF=81=E5=90=8C?=
 =?UTF-8?q?=E4=B8=80ip=EF=BC=8C=E5=90=8C=E4=B8=80=E6=B5=8F=E8=A7=88?=
 =?UTF-8?q?=E5=99=A8ua=EF=BC=8C=E6=B3=A8=E9=94=80=E7=AC=A6=E5=90=88?=
 =?UTF-8?q?=E6=9D=A1=E4=BB=B6=E7=9A=84session=EF=BC=8C=E9=99=8D=E4=BD=8E?=
 =?UTF-8?q?=E9=AA=8C=E8=AF=81=E5=87=BA=E9=94=99=E7=9A=84=E5=87=A0=E7=8E=87?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../manage/controller/LoginController.java    |  5 +++
 .../java/com/manage/service/LoginService.java | 35 +++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 power-admin/src/main/java/com/manage/service/LoginService.java

diff --git a/power-admin/src/main/java/com/manage/controller/LoginController.java b/power-admin/src/main/java/com/manage/controller/LoginController.java
index 681589d..34c29b1 100644
--- a/power-admin/src/main/java/com/manage/controller/LoginController.java
+++ b/power-admin/src/main/java/com/manage/controller/LoginController.java
@@ -36,6 +36,8 @@ public class LoginController {
     private LogService logService;
     @Autowired
     private Power_DeptService power_deptService;
+    @Autowired
+    LoginService loginService;
 
     @RequestMapping(value = "login",method = RequestMethod.GET)
     public String toLogin(Model model){
@@ -45,6 +47,9 @@ public class LoginController {
 
     @RequestMapping(value = "login",method = RequestMethod.POST)
     public String login(Power_User powerUser,HttpServletResponse response, HttpServletRequest request,Model model){
+        //2021/9/22实际校验调用
+        loginService.checkOnlyOneUser(request);
+
         try {
             Power_UserVo user = powerUserService.findPowerUserByUserNameAndUserPwd(powerUser);
             //添加进操作日志
diff --git a/power-admin/src/main/java/com/manage/service/LoginService.java b/power-admin/src/main/java/com/manage/service/LoginService.java
new file mode 100644
index 0000000..706a8f8
--- /dev/null
+++ b/power-admin/src/main/java/com/manage/service/LoginService.java
@@ -0,0 +1,35 @@
+package com.manage.service;
+
+import org.springframework.stereotype.Service;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+
+/**
+ * @author 谢铭
+ * @date 2021/9/22
+ * 校验是否同一ip、同一浏览器下多用户登陆，并且移除符合条件的session
+ * hashmap全局存储用户，利用hashmap去重保持同一浏览器同一ip，只有一个session信息被保存
+ */
+
+@Service
+public class LoginService {
+    private static HashMap<String, HttpSession> userIdMap = new HashMap<>();
+
+    public void checkOnlyOneUser(HttpServletRequest request) {
+        //key，ip+ua共同构成单用户识别码
+        String ip = request.getRemoteAddr();
+        String ua = request.getHeader("user-agent");
+        String key = ip + ua;
+        //value为session
+        HttpSession session = request.getSession();
+        //判断是否存在key，存在就执行session过期的方法
+        if (userIdMap.containsKey(key)) {
+            //非空就是保存过，就清理指定sessionId对应的session,处理完正常登录
+            userIdMap.get(key).invalidate();
+        }
+        //放入新的key，value，正常登陆
+        userIdMap.put(key, session);
+    }
+}