单一系统的登录要保证同一时间内不允许pc,app,微信同时登录,在一个时间内只保留最后一次登录状态。这样的设计是我们容易忽略的。下面通过过滤器的方式进行实现:
首先在web.xml文件中添加:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.test.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/ssl/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/app/ssl/*</url-pattern>
</filter-mapping>
定义过滤器,通过对比最近登录时间与session存储对象的登录时间,如果小于最近登录时间则跳转到登录页面:
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(true);
//获得前一个登录url
String preUrl = (String)session.getAttribute("preUrl");
//获得登录url地址
String logUrl = (String)session.getAttribute("logUrl");
//从session中拿到用户信息
CustUser user = (CustUser) session.getAttribute(Constants.USER);
//拿到请求类型 XMLHttpRequest,表明是AJax异步;如果为null,则为普通同步请求
String type = req.getHeader("X-Requested-With");
//拿到url地址
String url = ((HttpServletRequest)request).getRequestURI();
//如果session里面没有值,访问的是需要验证的页面
if(user==null && url.contains("/ssl/") && !isNotloginUrl(url)&&!url.contains("app/")){
//异步请求直接设置session过期
if(StringUtils.isNotBlank(type) && type.equalsIgnoreCase("XMLHttpRequest")){
res.setHeader("sessionstatus", "timeout");
res.sendError(518, "session timeout.");
}else{
//如果前一个访问路径不是登录链接,记录下要访问的连接地址
String purl = req.getRequestURL().toString();
if (!purl.contains("login")) {
preUrl=purl;
if (null!=req.getQueryString()) {
preUrl= preUrl+"?"+req.getQueryString();
}
}
//放入session当中
session.setAttribute("preUrl", preUrl);
session.setAttribute("logUrl", logUrl);
//判断如果是微信用户,则跳转到微信页面
if (JudgeAccessSource.judgeAccessSource(req)) {
res.sendRedirect(req.getContextPath() + "/ssl/toLogin.htm");
return;
}
logUrl = "http://"+req.getHeader("Host")+req.getContextPath()+"/index.htm?isFilter=yes";
res.sendRedirect(logUrl);
return;
}
}else{
//当session的用户信息不为空,同一用户在不同的设备上或者不同地点登录,跳转入登录页面
if(null!=user){
Long loginTime = custUserLoginDao.getByUserId(user.getId()).getLoginTime().getTime();
if(loginTime!=null){
//根据最新用户登录的时间大于session中用户登录时间进行判断
if(user.getLoginTime()<loginTime){
session.removeAttribute("user");
//判断如果是微信用户,则跳转到微信页面
if (JudgeAccessSource.judgeAccessSource(req)&&!url.contains("/app")&&!url.contains("App")) {
res.sendRedirect(req.getContextPath() + "/ssl/toLogin.htm");
return;
}
if(!url.contains("/app")&&!url.contains("App")){
String login = req.getContextPath() + "/index.htm?isFilter=yes";
res.sendRedirect(login);
return;
}
}
}
if(StringUtils.isNotBlank(preUrl)){
session.removeAttribute("logUrl");
session.removeAttribute("preUrl");
/*if(user.getCustType()==1 && preUrl.indexOf("ssl/account/toCenter")>1){
preUrl = preUrl.replaceAll("ssl/account/toCenter", "ssl/account/toEntCenter");
}*/
res.sendRedirect(preUrl);
return;
}
}
/*if(null != user ){
if(StringUtils.isNotBlank(preUrl)){
session.removeAttribute("logUrl");
session.removeAttribute("preUrl");
if(user.getCustType()==1 && preUrl.indexOf("ssl/account/center")>1){
preUrl = preUrl.replaceAll("ssl/account/center", "ssl/account/entcenter");
}
res.sendRedirect(preUrl);
}
}*/
/*if(null != user && StringUtils.isNotBlank(preUrl)){
session.removeAttribute("logUrl");
session.removeAttribute("preUrl");
if(user.getCustType()==1 && preUrl.indexOf("ssl/account/center")>1){
preUrl = preUrl.replaceAll("ssl/account/center", "ssl/account/entcenter");
}
res.sendRedirect(preUrl);
}*/
}
//执行过滤器链其他过滤器
chain.doFilter(request, response);
}
根据请求表头来判断是手机登录还是pc登录:
public class JudgeAccessSource {
/**Wap网关Via头信息中特有的描述信息*/
private static String mobileGateWayHeaders[]=new String[]{
"ZXWAP",//中兴提供的wap网关的via信息,例如:Via=ZXWAP GateWayZTE Technologies,
"chinamobile.com",//中国移动的诺基亚wap网关,例如:Via=WTP/1.1 GDSZ-PB-GW003-WAP07.gd.chinamobile.com (Nokia WAP Gateway 4.1 CD1/ECD13_D/4.1.04)
"monternet.com",//移动梦网的网关,例如:Via=WTP/1.1 BJBJ-PS-WAP1-GW08.bj1.monternet.com. (Nokia WAP Gateway 4.1 CD1/ECD13_E/4.1.05)
"infoX",//华为提供的wap网关,例如:Via=HTTP/1.1 GDGZ-PS-GW011-WAP2 (infoX-WISG Huawei Technologies),或Via=infoX WAP Gateway V300R001 Huawei Technologies
"XMS 724Solutions HTG",//国外电信运营商的wap网关,不知道是哪一家
"wap.lizongbo.com",//自己测试时模拟的头信息
"Bytemobile",//貌似是一个给移动互联网提供解决方案提高网络运行效率的,例如:Via=1.1 Bytemobile OSN WebProxy/5.1
};
/**电脑上的IE或Firefox浏览器等的User-Agent关键词*/
private static String[] pcHeaders=new String[]{
"Windows 98",
"Windows ME",
"Windows 2000",
"Windows XP",
"Windows NT",
"Ubuntu"
};
/**手机浏览器的User-Agent里的关键词*/
private static String[] mobileUserAgents=new String[]{
"Nokia",//诺基亚,有山寨机也写这个的,总还算是手机,Mozilla/5.0 (Nokia5800 XpressMusic)UC AppleWebkit(like Gecko) Safari/530
"SAMSUNG",//三星手机 SAMSUNG-GT-B7722/1.0+SHP/VPP/R5+Dolfin/1.5+Nextreaming+SMM-MMS/1.2.0+profile/MIDP-2.1+configuration/CLDC-1.1
"MIDP-2",//j2me2.0,Mozilla/5.0 (SymbianOS/9.3; U; Series60/3.2 NokiaE75-1 /110.48.125 Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML like Gecko) Safari/413
"CLDC1.1",//M600/MIDP2.0/CLDC1.1/Screen-240X320
"SymbianOS",//塞班系统的,
"MAUI",//MTK山寨机默认ua
"UNTRUSTED/1.0",//疑似山寨机的ua,基本可以确定还是手机
"Windows CE",//Windows CE,Mozilla/4.0 (compatible; MSIE 6.0; Windows CE; IEMobile 7.11)
"iPhone",//iPhone是否也转wap?不管它,先区分出来再说。Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; zh-cn) AppleWebKit/532.9 (KHTML like Gecko) Mobile/8B117
"iPad",//iPad的ua,Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; zh-cn) AppleWebKit/531.21.10 (KHTML like Gecko) Version/4.0.4 Mobile/7B367 Safari/531.21.10
"Android",//Android是否也转wap?Mozilla/5.0 (Linux; U; Android 2.1-update1; zh-cn; XT800 Build/TITA_M2_16.22.7) AppleWebKit/530.17 (KHTML like Gecko) Version/4.0 Mobile Safari/530.17
"BlackBerry",//BlackBerry8310/2.7.0.106-4.5.0.182
"UCWEB",//ucweb是否只给wap页面? Nokia5800 XpressMusic/UCWEB7.5.0.66/50/999
"ucweb",//小写的ucweb貌似是uc的代理服务器Mozilla/6.0 (compatible; MSIE 6.0;) Opera ucweb-squid
"BREW",//很奇怪的ua,例如:REW-Applet/0x20068888 (BREW/3.1.5.20; DeviceId: 40105; Lang: zhcn) ucweb-squid
"J2ME",//很奇怪的ua,只有J2ME四个字母
"YULONG",//宇龙手机,YULONG-CoolpadN68/10.14 IPANEL/2.0 CTC/1.0
"YuLong",//还是宇龙
"COOLPAD",//宇龙酷派YL-COOLPADS100/08.10.S100 POLARIS/2.9 CTC/1.0
"TIANYU",//天语手机TIANYU-KTOUCH/V209/MIDP2.0/CLDC1.1/Screen-240X320
"TY-",//天语,TY-F6229/701116_6215_V0230 JUPITOR/2.2 CTC/1.0
"K-Touch",//还是天语K-Touch_N2200_CMCC/TBG110022_1223_V0801 MTK/6223 Release/30.07.2008 Browser/WAP2.0
"Haier",//海尔手机,Haier-HG-M217_CMCC/3.0 Release/12.1.2007 Browser/WAP2.0
"DOPOD",//多普达手机
"Lenovo",// 联想手机,Lenovo-P650WG/S100 LMP/LML Release/2010.02.22 Profile/MIDP2.0 Configuration/CLDC1.1
"LENOVO",// 联想手机,比如:LENOVO-P780/176A
"HUAQIN",//华勤手机
"AIGO-",//爱国者居然也出过手机,AIGO-800C/2.04 TMSS-BROWSER/1.0.0 CTC/1.0
"CTC/1.0",//含义不明
"CTC/2.0",//含义不明
"CMCC",//移动定制手机,K-Touch_N2200_CMCC/TBG110022_1223_V0801 MTK/6223 Release/30.07.2008 Browser/WAP2.0
"DAXIAN",//大显手机DAXIAN X180 UP.Browser/6.2.3.2(GUI) MMP/2.0
"MOT-",//摩托罗拉,MOT-MOTOROKRE6/1.0 LinuxOS/2.4.20 Release/8.4.2006 Browser/Opera8.00 Profile/MIDP2.0 Configuration/CLDC1.1 Software/R533_G_11.10.54R
"SonyEricsson",// 索爱手机,SonyEricssonP990i/R100 Mozilla/4.0 (compatible; MSIE 6.0; Symbian OS; 405) Opera 8.65 [zh-CN]
"GIONEE",//金立手机
"HTC",//HTC手机
"ZTE",//中兴手机,ZTE-A211/P109A2V1.0.0/WAP2.0 Profile
"HUAWEI",//华为手机,
"webOS",//palm手机,Mozilla/5.0 (webOS/1.4.5; U; zh-CN) AppleWebKit/532.2 (KHTML like Gecko) Version/1.0 Safari/532.2 Pre/1.0
"GoBrowser",//3g GoBrowser.User-Agent=Nokia5230/GoBrowser/2.0.290 Safari
"IEMobile",//Windows CE手机自带浏览器,
"WAP2.0"//支持wap 2.0的
};
/**
* 根据当前请求的特征,判断该请求是否来自手机终端,主要检测特殊的头信息,以及user-Agent这个header
* @param request http请求
* @return 返回true表示访问来自微信,false为非微信
*/
public static boolean judgeAccessSource(HttpServletRequest request){
boolean b = false;
boolean pcFlag = false;
boolean mobileFlag = false;
String via = request.getHeader("Via");
String userAgent = request.getHeader("user-agent");
for (int i = 0; via!=null && !via.trim().equals("") && i < mobileGateWayHeaders.length; i++) {
if(via.contains(mobileGateWayHeaders[i])){
mobileFlag = true;
break;
}
}
for (int i = 0;!mobileFlag && userAgent!=null && !userAgent.trim().equals("") && i < mobileUserAgents.length; i++) {
if(userAgent.contains(mobileUserAgents[i])){
mobileFlag = true;
break;
}
}
for (int i = 0; userAgent!=null && !userAgent.trim().equals("") && i < pcHeaders.length; i++) {
if(userAgent.contains(pcHeaders[i])){
pcFlag = true;
break;
}
}
if(mobileFlag==true && pcFlag==false){
b=true;
}
return b;//false pc true shouji
}
}
对于单项目的登录逻辑,要注意session的过期时间,类似于,在用户登录状态下删除该用户,同一时间只能登录一个等需求则可以考虑使用拦截器,过滤器来实现