注销之前的session,修复之前的bug，触发条件：同一浏览器打登录页

4 years ago · 50bb0eec92
parent 5b63e8cd40
commit 50bb0eec92
2 changed files with 14 additions and 22 deletions
--- a/power-admin/src/main/java/com/manage/controller/LoginController.java
+++ b/power-admin/src/main/java/com/manage/controller/LoginController.java
@ -40,15 +40,18 @@ public class LoginController {
    LoginService loginService;
    @RequestMapping(value = "login",method = RequestMethod.GET)
-    public String toLogin(Model model){
+    public String toLogin(Model model ,HttpServletRequest request){
        CacheManager.addExcCount("noExc");
        //同一浏览器打开login，直接触发注销登录session
        loginService.removeOldUserOnLogin(request);
        return "loginDir/login";
    }
    @RequestMapping(value = "login",method = RequestMethod.POST)
    public String login(Power_User powerUser,HttpServletResponse response, HttpServletRequest request,Model model){
-        //2021/9/23实际校验调用
+        //同一浏览器打开login，直接触发注销登录session
-        loginService.checkOnlyOneUser(request);
+        loginService.removeOldUserOnLogin(request);
        try {
            Power_UserVo user = powerUserService.findPowerUserByUserNameAndUserPwd(powerUser);
--- a/power-admin/src/main/java/com/manage/service/LoginService.java
+++ b/power-admin/src/main/java/com/manage/service/LoginService.java
@ -8,28 +8,17 @@ import java.util.HashMap;
 /**
 * @author 谢铭
- * @date 2021/9/23
+ * @date 2021/9/29
- * 校验是否同一ip、同一浏览器下多用户登陆，并且移除符合条件的session
+ * 注销之前的session,修复之前的bug
- * hashmap全局存储用户，利用hashmap去重保持同一浏览器同一ip，只有一个session信息被保存
+ * 触发条件：同一浏览器打开登录页
 */
@Service
 public class LoginService {
-    private static HashMap<String, HttpSession> userIdMap = new HashMap<>();
+    public void removeOldUserOnLogin(HttpServletRequest request) {
-
+        if (null != request.getSession(false)&&!"".equals(request.getSession(false))) {
-    public void checkOnlyOneUser(HttpServletRequest request) {
+            //直接注销之前session
-        //key，ip+ua共同构成单用户识别码
+            request.getSession(false).invalidate();
        String ip = request.getRemoteAddr();
        String ua = request.getHeader("user-agent");
        String key = ip + ua;
        //value为session
        HttpSession session = request.getSession();
        //判断是否存在key，存在就执行session过期的方法
        if (userIdMap.containsKey(key)) {
            //非空就是保存过，就清理指定sessionId对应的session,处理完正常登录
            userIdMap.get(key).invalidate();
        }
        //放入新的key，value，正常登陆
        userIdMap.put(key, session);
    }
-}
+}