在获取session的Service中,加入代码:
@Autowired
private FindByIndexNameSessionRepository<? extends Session> sessions;
private static final String USER_LOGIN_KEY = "USER_LOGIN_KEY_";
登录校验成功后,删除旧session信息,代码如下:
public boolean removeOldLoginUserInfo(Integer userId, String sessionId) {
String key = USER_LOGIN_KEY + userId;
String sessionIdForRedis = redisTemplate.opsForValue().get(key);
if (logger.isInfoEnabled()) {
logger.error("userId is {}, sessionId is {}, sessionIdForRedis is {}", userId, sessionId, sessionIdForRedis);
}
if (!StringUtils.equalsIgnoreCase(sessionIdForRedis, sessionId)) {
sessions.delete(sessionIdForRedis);
}
redisTemplate.opsForValue().set(key, sessionId);
return true;
}
拦截器中获取session信息做较验。