makefriends/dating
2
1
Fork 1
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

多端登录功能实现

Browse Source
This commit is contained in:
KilLze
2026-01-20 17:07:51 +08:00
parent 2224b43fcb
commit 08c6481c51
8 changed files with 124 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/main/java/com/bao/dating/context/UserContext.java
View File

@@ -6,7 +6,15 @@ package com.bao.dating.context;
*/ */
public class UserContext { public class UserContext {
/**
* 当前线程的用户ID
*/
private static final ThreadLocal<Long> USER_HOLDER = new ThreadLocal<>(); private static final ThreadLocal<Long> USER_HOLDER = new ThreadLocal<>();
/**
* 当前线程的设备ID
*/
private static final ThreadLocal<String> DEVICE_HOLDER = new ThreadLocal<>();
/** /**
* 设置当前线程的用户ID * 设置当前线程的用户ID
@@ -24,12 +32,27 @@ public class UserContext {
return USER_HOLDER.get(); return USER_HOLDER.get();
} }
/**
* 设置当前线程的设备ID
* @param deviceId 设备ID
*/
public static void setDeviceId(String deviceId) {
DEVICE_HOLDER.set(deviceId);
}
/**
* 获取当前线程的设备ID
* @return 当前设备ID如果未设置则返回null
*/
public static String getDeviceId() {
return DEVICE_HOLDER.get();
}
/** /**
* 清除当前线程的用户ID和token * 清除当前线程的用户ID和token
*/ */
public static void clear() { public static void clear() {
USER_HOLDER.remove(); USER_HOLDER.remove();
DEVICE_HOLDER.remove();
} }
} }

3
src/main/java/com/bao/dating/controller/UserController.java
View File

@@ -48,7 +48,8 @@ public class UserController {
@PostMapping("/logout") @PostMapping("/logout")
public Result<Void> logout(HttpServletRequest request) { public Result<Void> logout(HttpServletRequest request) {
String token = request.getHeader("token"); String token = request.getHeader("token");
userService.logout(token); String deviceId = request.getHeader("deviceId");
userService.logout(token, deviceId);
return Result.success(ResultCode.SUCCESS,"退出登录成功",null); return Result.success(ResultCode.SUCCESS,"退出登录成功",null);
} }

63
src/main/java/com/bao/dating/interceptor/TokenInterceptor.java
View File

@@ -7,12 +7,15 @@ import com.bao.dating.context.UserContext;
import com.bao.dating.util.JwtUtil; import com.bao.dating.util.JwtUtil;
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Claims;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod; import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.HandlerInterceptor;
import java.io.IOException;
/** /**
* HttpToken拦截器类 * HttpToken拦截器类
* 用于拦截请求并验证JWT token的有效性同时从token中解析用户信息 * 用于拦截请求并验证JWT token的有效性同时从token中解析用户信息
@@ -25,6 +28,7 @@ public class TokenInterceptor implements HandlerInterceptor {
@Autowired @Autowired
private RedisTemplate redisTemplate; private RedisTemplate redisTemplate;
/** /**
* 在请求处理之前进行拦截 * 在请求处理之前进行拦截
* 从请求头或URL参数中获取token验证其有效性并将用户ID保存到ThreadLocal中 * 从请求头或URL参数中获取token验证其有效性并将用户ID保存到ThreadLocal中
@@ -42,28 +46,35 @@ public class TokenInterceptor implements HandlerInterceptor {
//当前拦截到的不是动态方法,直接放行 //当前拦截到的不是动态方法,直接放行
return true; return true;
} }
// 从 header 获取 token // 从 header 获取 token
String token = request.getHeader("token"); String token = request.getHeader("token");
if (StringUtils.isBlank(token)) {
write401(response, "未登录,请先登录");
return false;
}
// 获取 deviceId多设备关键
String deviceId = request.getHeader("deviceId");
if (StringUtils.isBlank(deviceId)) {
write401(response, "设备标识缺失");
return false;
}
try { try {
log.info("jwt校验: {}", token); log.info("HTTP鉴权 token={}, deviceId={}", token, deviceId);
// 验证 token 是否有效(包括是否过期) // 验证 token 是否有效(包括是否过期)
if (!JwtUtil.validateToken(token)) { if (!JwtUtil.validateToken(token)) {
log.error("Token无效或已过期"); write401(response, "Token无效或已过期");
response.setStatus(401);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write("Token无效或已过期");
return false; return false;
} }
// 检查 token 是否在黑名单中 // 检查 token 是否在黑名单中
Object blacklistToken = redisTemplate.opsForValue().get("jwt:blacklist:" + token); Object blacklistToken = redisTemplate.opsForValue().get("jwt:blacklist:" + token);
if (blacklistToken != null) { if (blacklistToken != null) {
log.error("Token已在黑名单中"); write401(response, "登录已失效,请重新登录");
response.setStatus(401);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write("登录已失效, 请重新登录");
return false; return false;
} }
@@ -74,7 +85,6 @@ public class TokenInterceptor implements HandlerInterceptor {
String banKey = "user:ban:" + userId; String banKey = "user:ban:" + userId;
if (Boolean.TRUE.equals(redisTemplate.hasKey(banKey))) { if (Boolean.TRUE.equals(redisTemplate.hasKey(banKey))) {
String reason = String.valueOf(redisTemplate.opsForValue().get(banKey)); String reason = String.valueOf(redisTemplate.opsForValue().get(banKey));
log.error("用户 {} 已被封禁,原因:{}", userId, reason);
response.setStatus(403); response.setStatus(403);
response.setContentType("application/json;charset=UTF-8"); response.setContentType("application/json;charset=UTF-8");
@@ -82,24 +92,19 @@ public class TokenInterceptor implements HandlerInterceptor {
return false; return false;
} }
// 从Redis获取存储的token进行比对 // 多设备 token 校验
Object redisTokenObj = redisTemplate.opsForValue().get("login:token:" + userId); String redisTokenKey = "login:token:" + userId + ":" + deviceId;
String redisToken = redisTokenObj != null ? redisTokenObj.toString() : null; Object redisTokenObj = redisTemplate.opsForValue().get(redisTokenKey);
// 验证Redis中的token是否存在且匹配 if (redisTokenObj == null || !token.equals(redisTokenObj.toString())) {
if (redisToken == null || !redisToken.equals(token)) { write401(response, "登录状态已失效");
log.error("登录已失效");
response.setStatus(401);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write("登录已失效");
return false; return false;
} }
log.info("用户: {}", userId); // 保存 登录信息 到 ThreadLocal
// 保存 userId 到 ThreadLocal
UserContext.setUserId(userId); UserContext.setUserId(userId);
// 保存 token 到 ThreadLocal UserContext.setDeviceId(deviceId);
UserContext.setToken(token); log.info("token验证成功 userId={}, deviceId={}", userId, deviceId);
return true; return true;
} catch (Exception e) { } catch (Exception e) {
log.error("Token 校验失败: {}", e.getMessage()); log.error("Token 校验失败: {}", e.getMessage());
@@ -122,4 +127,16 @@ public class TokenInterceptor implements HandlerInterceptor {
UserContext.clear(); UserContext.clear();
} }
/**
* 响应错误信息
* @param response
* @param msg
* @throws IOException
*/
private void write401(HttpServletResponse response, String msg) throws IOException {
response.setStatus(401);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(msg);
}
} }

23
src/main/java/com/bao/dating/interceptor/WsAuthInterceptor.java
View File

@@ -42,9 +42,10 @@ public class WsAuthInterceptor implements HandshakeInterceptor {
// 从URL参数中获取token // 从URL参数中获取token
String token = servletRequest.getParameter("token"); String token = servletRequest.getParameter("token");
String deviceId = servletRequest.getParameter("deviceId");
if (StringUtils.isBlank(token)) {
log.error("WebSocket握手失败令牌丢失"); if (StringUtils.isBlank(token) || StringUtils.isBlank(deviceId)) {
log.error("WebSocket认证失败token或deviceId缺失");
return false; return false;
} }
@@ -81,21 +82,19 @@ public class WsAuthInterceptor implements HandshakeInterceptor {
return false; return false;
} }
// 从Redis获取存储的token进行比对 // 多设备 token 校验
String redisTokenKey = "login:token:" + userId; String redisTokenKey = "login:token:" + userId + ":" + deviceId;
Object redisTokenObj = redisTemplate.opsForValue().get(redisTokenKey); Object redisTokenObj = redisTemplate.opsForValue().get(redisTokenKey);
String redisToken = redisTokenObj != null ? redisTokenObj.toString() : null;
log.info("Redis中存储的token: {}", redisToken != null ? "存在" : "不存在");
// 验证Redis中的token是否存在且匹配 if (redisTokenObj == null || !token.equals(redisTokenObj.toString())) {
if (redisToken == null || !redisToken.equals(token)) { log.error("登录已失效");
log.error("登录已失效 - Redis中token不存在或不匹配");
return false; return false;
} }
log.info("WebSocket认证成功用户ID: {}", userId); // 将信息保存到attributes中
// 将用户ID保存到attributes中
attributes.put("userId", userId); attributes.put("userId", userId);
attributes.put("deviceId", deviceId);
log.info("WebSocket认证成功 userId={}, deviceId={}", userId, deviceId);
return true; return true;
} }
catch (NumberFormatException e) { catch (NumberFormatException e) {

6
src/main/java/com/bao/dating/pojo/dto/UserLoginDTO.java
View File

@@ -12,4 +12,10 @@ import java.io.Serializable;
public class UserLoginDTO implements Serializable { public class UserLoginDTO implements Serializable {
private String username; private String username;
private String password; private String password;
/** 设备唯一标识(前端生成)*/
private String deviceId;
/** 设备类型 */
private String deviceType;
/** 设备名称 */
private String deviceName;
} }

1
src/main/java/com/bao/dating/pojo/vo/UserLoginVO.java
View File

@@ -12,4 +12,5 @@ public class UserLoginVO implements Serializable {
private Long userId; private Long userId;
private String nickname; private String nickname;
private String token; private String token;
private String deviceId;
} }

2
src/main/java/com/bao/dating/service/UserService.java
View File

@@ -25,7 +25,7 @@ public interface UserService {
* @param token 登录凭证 * @param token 登录凭证
* @return 注册结果 * @return 注册结果
*/ */
void logout(String token); void logout(String token, String deviceId);
/** /**
* 查询个人信息 * 查询个人信息

47
src/main/java/com/bao/dating/service/impl/UserServiceImpl.java
View File

@@ -82,6 +82,9 @@ public class UserServiceImpl implements UserService {
if (userLoginDTO == null || userLoginDTO.getUsername() == null || userLoginDTO.getPassword() == null) { if (userLoginDTO == null || userLoginDTO.getUsername() == null || userLoginDTO.getPassword() == null) {
throw new RuntimeException("用户名或密码不能为空"); throw new RuntimeException("用户名或密码不能为空");
} }
if (userLoginDTO.getDeviceId() == null || userLoginDTO.getDeviceName() == null || userLoginDTO.getDeviceType() == null){
throw new RuntimeException("未获取到设备");
}
// 查询用户 // 查询用户
User user = userMapper.getByUsername(userLoginDTO.getUsername()); User user = userMapper.getByUsername(userLoginDTO.getUsername());
if (user == null) { if (user == null) {
@@ -101,19 +104,39 @@ public class UserServiceImpl implements UserService {
// 生成token // 生成token
String token = JwtUtil.generateToken(String.valueOf(user.getUserId())); String token = JwtUtil.generateToken(String.valueOf(user.getUserId()));
String redisKey = "login:token:" + user.getUserId(); Long userId = user.getUserId();
String deviceId = userLoginDTO.getDeviceId();
String tokenKey = "login:token:" + userId+ ":" + deviceId;
redisTemplate.opsForValue().set( redisTemplate.opsForValue().set(
redisKey, tokenKey,
token, token,
7, 7,
TimeUnit.DAYS TimeUnit.DAYS
); );
// 设备信息 Hash
String deviceKey = "user:device:" + userId+ ":" + deviceId;
Map<String, Object> deviceInfo = new HashMap<>();
deviceInfo.put("token", token);
deviceInfo.put("deviceType", userLoginDTO.getDeviceType());
deviceInfo.put("deviceName", userLoginDTO.getDeviceName());
deviceInfo.put("loginTime", System.currentTimeMillis());
// 存储设备信息
redisTemplate.opsForHash().putAll(deviceKey, deviceInfo);
redisTemplate.expire(deviceKey, 7, TimeUnit.DAYS);
// 缓存用户设备信息
String deviceSetKey = "user:devices:" + userId;
redisTemplate.opsForSet().add(deviceSetKey, deviceId);
// 封装返回 // 封装返回
UserLoginVO userLoginVO = new UserLoginVO(); UserLoginVO userLoginVO = new UserLoginVO();
userLoginVO.setUserId(user.getUserId()); userLoginVO.setUserId(userId);
userLoginVO.setNickname(user.getNickname()); userLoginVO.setNickname(user.getNickname());
userLoginVO.setToken(token); userLoginVO.setToken(token);
userLoginVO.setDeviceId(deviceId);
return userLoginVO; return userLoginVO;
} }
@@ -122,10 +145,10 @@ public class UserServiceImpl implements UserService {
* @param token 登录凭证 * @param token 登录凭证
*/ */
@Override @Override
public void logout(String token) { public void logout(String token, String deviceId) {
Claims claims = JwtUtil.getClaimsFromToken(token); Claims claims = JwtUtil.getClaimsFromToken(token);
// 获取token信息 // 获取token信息
String subject = claims.getSubject(); String userId = claims.getSubject();
// 获取token的过期时间 // 获取token的过期时间
Date expiration = claims.getExpiration(); Date expiration = claims.getExpiration();
// 判断 token 是否已过期 // 判断 token 是否已过期
@@ -135,10 +158,15 @@ public class UserServiceImpl implements UserService {
return; return;
} }
// 从Redis中删除登录token记录 // 从Redis中删除当前设备登录token记录
String loginTokenKey = "login:token:" + subject; String loginTokenKey = "login:token:" + userId + ":" + deviceId;
redisTemplate.delete(loginTokenKey); redisTemplate.delete(loginTokenKey);
// 删除设备信息
String deviceKey = "user:device:" + userId + ":" + deviceId;
redisTemplate.delete(deviceKey);
// 将token加入黑名单
String logoutKey = "jwt:blacklist:" + token; String logoutKey = "jwt:blacklist:" + token;
redisTemplate.opsForValue().set( redisTemplate.opsForValue().set(
logoutKey, logoutKey,
@@ -499,6 +527,11 @@ public class UserServiceImpl implements UserService {
return result; return result;
} }
/**
* 判断用户是否在线
* @param userId 用户ID
* @return true: 在线false: 离线
*/
@Override @Override
public boolean isUserOnline(Long userId) { public boolean isUserOnline(Long userId) {
if (userId == null) { if (userId == null) {