
07 29 02 fix_add login codes

hr hace 4 años
padre
commit
44eb827997

+ 17 - 3
src/main/java/com/imed/costaccount/common/shiro/OAuth2Filter.java

@@ -3,10 +3,9 @@ package com.imed.costaccount.common.shiro;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.json.JSONUtil;
 import com.auth0.jwt.exceptions.TokenExpiredException;
-import com.imed.costaccount.common.token.ThreadLocalToken;
-import com.imed.costaccount.common.util.ErrorResult;
-import com.imed.costaccount.common.token.RedisUtil;
 import com.imed.costaccount.common.token.JwtUtil;
+import com.imed.costaccount.common.token.RedisUtil;
+import com.imed.costaccount.common.util.ErrorResult;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationToken;
@@ -98,6 +97,21 @@ public class  OAuth2Filter extends AuthenticatingFilter {
             return false;
         }
 
+        // 查看redis中token是否不存在了
+        int userId = jwtUtil.getUserId(token);
+        String redisToken = (String) redisUtil.get(userId + "");
+        if (StrUtil.isBlank(redisToken)) {
+            String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "令牌失效"));
+            resp.getWriter().print(json);
+            return false;
+        }
+        // 如果两个缓存不一致,说明有人重新登录了
+        if (!token.equalsIgnoreCase(redisToken)) {
+            String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "您的账户在其他地方登录,请重新登录或修改密码!"));
+            resp.getWriter().print(json);
+            return false;
+        }
+
         // 内容是否过期
         try {
             jwtUtil.verifierToken(token);
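Review bot: The check `!token.equalsIgnoreCase(redisToken)` accepts tokens that differ only in letter case as the same session, but a JWT is base64url text and is case-sensitive; use `if (!token.equals(redisToken)) {` so the cached-token match is exact. The lookup also runs before `jwtUtil.verifierToken(token)`, so the Redis key comes from a `userId` claim whose signature has not been checked yet; moving both Redis checks after the verification block would keep unverified claims out of the cache lookup. `getUserId` now throws `CostException` on an undecodable token, and this call sits outside the `try` that follows, so the filter presumably surfaces that as an unhandled exception instead of the JSON error body. The enclosing method starts and ends outside this hunk.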

+ 9 - 2
src/main/java/com/imed/costaccount/common/token/JwtUtil.java

@@ -5,7 +5,9 @@ import cn.hutool.core.date.DateTime;
 import cn.hutool.core.date.DateUtil;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTDecodeException;
 import com.auth0.jwt.interfaces.DecodedJWT;
+import com.imed.costaccount.common.exception.CostException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
@@ -30,8 +32,13 @@ public class JwtUtil {
     }
 
     public int  getUserId(String token) {
-        DecodedJWT decode = JWT.decode(token);
-        return decode.getClaim("userId").asInt();
+        try {
+            DecodedJWT decode = JWT.decode(token);
+            Integer userId = decode.getClaim("userId").asInt();
+            return userId;
+        } catch (JWTDecodeException e) {
+            throw new CostException(500, "操作非法");
+        }
     }
 
     public void verifierToken(String token) {
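Review bot: `decode.getClaim("userId").asInt()` returns `null` when the claim is absent or not a number, and `return userId;` then unboxes it, so a token without that claim raises a `NullPointerException` that `catch (JWTDecodeException e)` does not cover. Add `if (userId == null) { throw new CostException(500, "操作非法"); }` before the return. The catch also discards `e`; logging it, or passing it as the cause if `CostException` has such a constructor, would keep the decode failure diagnosable. A one-line comment stating that `JWT.decode` only parses the token and does not check its signature would warn callers not to trust the returned id before `verifierToken` has run.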

+ 6 - 0
src/main/java/com/imed/costaccount/service/UserService.java

@@ -64,5 +64,11 @@ public interface UserService extends IService<User> {
      * @param user
      */
     Result importUser(List<List<Object>> list, User user);
+
+    /**
+     * 退出登录
+     * @param user
+     */
+    void logout(User user);
 }
 

+ 11 - 2
src/main/java/com/imed/costaccount/service/impl/UserServiceImpl.java

@@ -32,6 +32,7 @@ import org.springframework.util.StringUtils;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
+import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
 
@@ -84,7 +85,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
         }
         String token = jwtUtil.createToken(one.getId());
         // 保存到redis 有效期一天
-//        redisUtil.set(one.getId() + "", token, 60 * 60 * 24 * 1000);
+        redisUtil.set(one.getId() + "", token, 60 * 60 * 24);
         return LoginVO.builder().token(token).name(one.getName()).userid(one.getId()).build();
     }
 
@@ -247,5 +248,13 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
         return Result.build(200, "有" + realUsers.size() + "条数据已存在,未被导入", null);
     }
 
-
+    /**
+     * 退出登录
+     *
+     * @param user
+     */
+    @Override
+    public void logout(User user) {
+        redisUtil.del(user.getId() + "");
+    }
 }
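Review bot: The Redis key here is the bare user id (`user.getId() + ""`), the same expression used in `login` (`redisUtil.set(one.getId() + "", token, 60 * 60 * 24)`) and in the `OAuth2Filter` lookup, so any other value cached under a numeric key would collide with a session token or be deleted as one. A shared helper or constant prefix used at all three sites, for example `"login:token:" + userId` (constructed name), would keep these keys in one namespace. The `60 * 60 * 24` lifetime in `login` depends on the unit `RedisUtil.set` expects, which is not visible here; the newly imported `TimeUnit` is not used in the shown hunks, so `TimeUnit.DAYS.toSeconds(1)` or a named constant would make the unit explicit. The Javadoc `@param user` has no description; `@param user the authenticated user whose cached token is removed` would document the contract.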

+ 10 - 0
src/main/java/com/imed/costaccount/web/LoginController.java

@@ -1,6 +1,7 @@
 package com.imed.costaccount.web;
 
 import com.imed.costaccount.common.util.Result;
+import com.imed.costaccount.model.User;
 import com.imed.costaccount.model.dto.LoginDTO;
 import com.imed.costaccount.model.vo.CommonVO;
 import com.imed.costaccount.model.vo.LoginVO;
@@ -8,6 +9,7 @@ import com.imed.costaccount.service.HospitalService;
 import com.imed.costaccount.service.UserService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.apache.shiro.SecurityUtils;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
@@ -39,6 +41,14 @@ public class LoginController {
         return Result.ok(loginVO);
     }
 
+    @ApiOperation("退出登录")
+    @PostMapping("/logout")
+    public Result logout() {
+        User user = (User) SecurityUtils.getSubject().getPrincipal();
+        userService.logout(user);
+        return Result.ok();
+    }
+
     /**
      * 通过医院标识获取院区列表
      * @param sign 医院标识
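Review bot: `SecurityUtils.getSubject().getPrincipal()` returns `null` when the request carries no authenticated subject, and `userService.logout(user)` then dereferences it in `user.getId()`; whether `/logout` sits behind the OAuth2 filter is not visible in this hunk. A guard such as `if (user == null) { return Result.ok(); }` before the service call would keep logout idempotent for anonymous or already-expired sessions. The Javadoc at the end of the hunk belongs to the next method, which lies outside it.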