优化权限控制

zhou-hao
2017-11-22 22:01:25 +08:00
parent d25934d1e4
commit 1e5c880fa9
23 changed files with 465 additions and 79 deletions


@@ -6,6 +6,7 @@ import org.hswebframework.web.authorization.token.UserToken;
import org.hswebframework.web.authorization.token.UserTokenHolder;
import org.hswebframework.web.authorization.token.UserTokenManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import java.util.ArrayList;
import java.util.List;
@@ -13,7 +14,8 @@ import java.util.List;
/**
* @author zhouhao
*/
public class UserOnSignIn implements AuthorizationListener<AuthorizationSuccessEvent> {
public class UserOnSignIn implements AuthorizationListener<AuthorizationSuccessEvent>
,ApplicationListener<AuthorizationSuccessEvent>{
private String defaultTokenType = "sessionId";
@@ -36,6 +38,11 @@ public class UserOnSignIn implements AuthorizationListener<AuthorizationSuccessE
@Override
public void on(AuthorizationSuccessEvent event) {
onApplicationEvent(event);
}
@Override
public void onApplicationEvent(AuthorizationSuccessEvent event) {
UserToken token = UserTokenHolder.currentToken();
String tokenType = (String) event.getParameter("token_type").orElse(defaultTokenType);
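Review bot: With `UserOnSignIn` now implementing both `AuthorizationListener` and Spring's `ApplicationListener` for the same `AuthorizationSuccessEvent`, one login can reach `onApplicationEvent` twice if the bean is still registered with the old dispatcher while the event is also published through the application context. Whether both paths are live is not visible on this page, but if they are, the token sign-in logic below runs twice per login. Either drop the legacy registration where the bean is wired, or document the intent on `on(...)`, e.g. `// kept for legacy dispatch only; do not register this bean with both dispatchers`. The same applies to `UserOnSignOut` in the next file. The body of `onApplicationEvent` continues outside the hunk.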


@@ -2,16 +2,16 @@ package org.hswebframework.web.authorization.basic.web;
import org.hswebframework.web.authorization.listener.AuthorizationListener;
import org.hswebframework.web.authorization.listener.event.AuthorizationExitEvent;
import org.hswebframework.web.authorization.listener.event.AuthorizationSuccessEvent;
import org.hswebframework.web.authorization.token.UserToken;
import org.hswebframework.web.authorization.token.UserTokenHolder;
import org.hswebframework.web.authorization.token.UserTokenManager;
import org.springframework.context.ApplicationListener;
/**
* TODO 完成注释
*
* @author zhouhao
*/
public class UserOnSignOut implements AuthorizationListener<AuthorizationExitEvent> {
public class UserOnSignOut implements AuthorizationListener<AuthorizationExitEvent>,ApplicationListener<AuthorizationExitEvent> {
private UserTokenManager userTokenManager;
public UserOnSignOut(UserTokenManager userTokenManager) {
@@ -20,11 +20,16 @@ public class UserOnSignOut implements AuthorizationListener<AuthorizationExitEve
@Override
public void on(AuthorizationExitEvent event) {
userTokenManager.signOutByToken(geToken());
onApplicationEvent(event);
}
protected String geToken() {
private String geToken() {
UserToken token = UserTokenHolder.currentToken();
return null != token ? token.getToken() : null;
return null != token ? token.getToken() : "";
}
@Override
public void onApplicationEvent(AuthorizationExitEvent event) {
userTokenManager.signOutByToken(geToken());
}
}
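Review bot: Assuming the `""` return is the new side, `onApplicationEvent` now calls `userTokenManager.signOutByToken("")` whenever there is no current token, so a sign-out without a session depends on how the manager treats an empty key, which this page does not show. A guard keeps the no-token case explicit: `String token = geToken(); if (!token.isEmpty()) { userTokenManager.signOutByToken(token); }`. Narrowing `geToken()` from `protected` to `private` also breaks any subclass that overrode it to read the token from another source; if that is intended, it deserves a line in the commit description. The class Javadoc is still `TODO 完成注释` and should say what the listener invalidates.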


@@ -1,5 +1,7 @@
package org.hswebframework.web.authorization.basic.web;
import org.hswebframework.web.authorization.exception.UnAuthorizedException;
import org.hswebframework.web.authorization.token.TokenState;
import org.hswebframework.web.authorization.token.UserToken;
import org.hswebframework.web.authorization.token.UserTokenHolder;
import org.hswebframework.web.authorization.token.UserTokenManager;
@@ -54,4 +56,5 @@ public class WebUserTokenInterceptor extends HandlerInterceptorAdapter {
}
return true;
}
}


@@ -0,0 +1,79 @@
package org.hswebframework.web.authorization;
import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
import org.hswebframework.web.authorization.token.SimpleUserToken;
import org.hswebframework.web.authorization.token.UserToken;
import org.hswebframework.web.authorization.token.UserTokenManager;
import org.hswebframework.web.id.IDGenerator;
import org.junit.Assert;
import org.redisson.Redisson;
import org.redisson.api.LocalCachedMapOptions;
import org.redisson.api.RedissonClient;
import org.redisson.codec.FstCodec;
import org.redisson.codec.SerializationCodec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.ConcurrentMap;
public class RedisUserTokenManagerTests {
static UserTokenManager userTokenManager;
static String token = IDGenerator.MD5.generate();
private static Logger logger = LoggerFactory.getLogger("hsweb.session");
public static void main(String[] args) throws InterruptedException {
RedissonClient client = Redisson.create();
try {
ConcurrentMap<String, SimpleUserToken> repo = client.getMap("hsweb.user-token", new SerializationCodec());
ConcurrentMap<String, List<String>> userRepo = client.getMap("hsweb.user-token-u", new SerializationCodec());
userTokenManager = new DefaultUserTokenManager(repo, userRepo) {
@Override
protected List<String> getUserToken(String userId) {
userRepo.computeIfAbsent(userId,u->new ArrayList<>());
return client.getList("hsweb.user-token-"+userId, new SerializationCodec());
}
};
// userTokenManager=new DefaultUserTokenManager();
userRepo.clear();
repo.clear();
for (int i = 0; i < 1000; i++) {
userTokenManager.signIn(IDGenerator.MD5.generate(), "sessionId", "admin", 60*3600*1000);
}
userTokenManager.signIn(IDGenerator.MD5.generate(), "sessionId", "admin2", 60*3600*1000);
testGet();
testGetAll();
testSignOut();
testGetAll();
} finally {
client.shutdown();
}
}
public static void testSignOut(){
userTokenManager.signOutByUserId("admin");
}
public static void testGet() {
List<UserToken> userToken = userTokenManager.getByUserId("admin");
Assert.assertTrue(!userToken.isEmpty());
}
public static void testGetAll() {
logger.warn("total user : " + userTokenManager.totalUser());
logger.warn("total token : " + userTokenManager.totalToken());
userTokenManager.allLoggedUser(token -> System.out.println(token.getToken()));
}
}
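Review bot: `main` calls `userRepo.clear()` and `repo.clear()` on the maps `hsweb.user-token` and `hsweb.user-token-u` through `Redisson.create()`, that is, on whatever Redis the default configuration reaches; if a deployment uses the same key names, running this class against a shared instance drops every live session. Prefix the map and list names with a test-only namespace and say so in a class comment. `testGetAll` also prints every token with `System.out.println(token.getToken())`; print a count or a truncated value instead so session tokens do not land in build logs. `SerializationCodec` is JDK serialization, so if this wiring is meant as a template for production, the token store will deserialize whatever sits in those Redis keys, which deserves a comment next to the `getMap` calls.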


@@ -0,0 +1,45 @@
package org.hswebframework.web.authorization;
import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
import org.hswebframework.web.authorization.token.TokenState;
import org.hswebframework.web.authorization.token.UserToken;
import org.hswebframework.web.authorization.token.UserTokenManager;
import org.junit.Assert;
import org.junit.Test;
public class UserTokenManagerTests {
protected UserTokenManager userTokenManager = new DefaultUserTokenManager();
public void setUserTokenManager(UserTokenManager userTokenManager) {
this.userTokenManager = userTokenManager;
}
@Test
public void simpleTest() throws InterruptedException {
UserToken userToken = userTokenManager.signIn("test", "sessionId", "admin", 1000);
Assert.assertNotNull(userToken);
userTokenManager.changeUserState("admin", TokenState.deny);
userToken = userTokenManager.getByToken(userToken.getToken());
Assert.assertEquals(userToken.getState(), TokenState.deny);
userTokenManager.changeUserState("admin", TokenState.effective);
Thread.sleep(1200);
userToken = userTokenManager.getByToken(userToken.getToken());
Assert.assertTrue(userToken.isExpired());
userTokenManager.checkExpiredToken();
userToken = userTokenManager.getByToken(userToken.getToken());
Assert.assertTrue(userToken == null);
}
}
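Review bot: `simpleTest` pins that `getByToken` still returns a token after its timeout has passed (`Assert.assertTrue(userToken.isExpired())`) and returns `null` only once `checkExpiredToken()` has run, so every caller has to check `isExpired()` and the state itself. That contract should be stated above the second `getByToken` call, e.g. `// expired tokens stay retrievable until checkExpiredToken() purges them; callers must check isExpired()`. The test sets the state to `deny` but only reads it back; it does not show a denied token being refused. Minor: `Assert.assertEquals(TokenState.deny, userToken.getState())` puts the expected value first, and `Assert.assertNull(userToken)` reads better than `assertTrue(userToken == null)`.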