一、步骤说明
登录流程
分布式系统使用 redis 缓存用户登录信息 token = redis 的key, userId = redis 的 value ,单点系统可以使用session
用户登录 --> 1.参数验证 --> 2、密码md5加密 -- 3、 调用数据库验证 --> 4、登录成功生成toket 保存到redis --> 返回toket
用户查询--> 1.验证token参数是否为空 --> 2、通过toket查询userId --> 3、调用数据库查询userId用户 --> 返回用户数据
登录流程
在原登录流程上添加数据表:
id
toket 令牌
userId 用户id
login_type 登录类型(pc/ ios / 安卓)
state 状态(0,最后/当前登录,1、登录已失效)
time 登录时间
登录地址/ip等等
1、判断type 字段是否为正确值(pc/ ios / 安卓)
2、查询该表是否存在该用户登录信息,存在,修改状态,为已失效,并删除toket
3、添加对应登录信息
后登录用户会把先登录的用户挤下线
二、登录实现
1、令牌工具类 GenerateToken
令牌 临时且唯一
@Component
public class GenerateToken {
@Autowired
private RedisUtil redisUtil;
/**
* 生成令牌
*
* @param prefix
* 令牌key前缀
* @param redisValue
* redis存放的值
* @return 返回token
*/
public String createToken(String keyPrefix, String redisValue) {
if (StringUtils.isEmpty(redisValue)) {
new Exception("redisValue Not nul");
}
String token = keyPrefix + UUID.randomUUID().toString().replace("-", "");
redisUtil.setString(token, redisValue);
return token;
}
/**
* 根据token获取redis中的value值
*
* @param token
* @return
*/
public String getToken(String token) {
if (StringUtils.isEmpty(token)) {
return null;
}
String value = redisUtil.getString(token);
return value;
}
/**
* 移除token
*
* @param token
* @return
*/
public Boolean removeToken(String token) {
if (StringUtils.isEmpty(token)) {
return null;
}
return redisUtil.delKey(token);
}
}
2、用户登陆参数接收类
@Data
@ApiModel(value = "用户登陆")
public class UserLoginInpDto {
/**
* 手机号码
*/
@ApiModelProperty(value = "手机号码")
private String mobile;
/**
* 密码
*/
@ApiModelProperty(value = "密码")
private String password;
/**
* 登陆类型 PC端 移动端 安卓 IOS 平板
*/
@ApiModelProperty(value = "登陆类型")
private String loginType;
}
3、登陆接口实现
/**
* 用户登陆接口
*
* @param userEntity
* @return
*/
@PostMapping("/login")
@ApiOperation(value = "会员用户登陆信息接口")
BaseResponse<JSONObject> login(@RequestBody UserLoginInpDto userLoginInpDto);
@Autowired
private UserMapper userMapper;
@Autowired
private GenerateToken generateToken;
@Override
public BaseResponse<JSONObject> login(@RequestBody UserLoginInpDto userLoginInpDto) {
// 1.参数验证
String mobile = userLoginInpDto.getMobile();
if (StringUtils.isEmpty(mobile)) {
return setResultError("手机号码不能为空!");
}
String password = userLoginInpDto.getPassword();
if (StringUtils.isEmpty(password)) {
return setResultError("密码不能为空!");
}
// 2.调用数据库验证
String newPassWord = MD5Util.MD5(password);
UserDo userDo = userMapper.login(mobile, newPassWord);
if (userDo == null) {
return setResultError("用户名称或者密码错误!");
}
// 获取userId,将userId存放在redis中 key为生成的令牌 value 为userid
String userId = userDo.getUserId() + "";
String token = generateToken.createToken(Constants.MEMBER_LOGIN_TOKEN_KEYPREFIX, userId);
JSONObject data = new JSONObject();
data.put("token", token);
return setResultSuccess(data);
}
4、通过Token查询用户信息
/**
* 根据token查询用户信息
*
* @param userEntity
* @return
*/
@PostMapping("/getUserInfo")
@ApiOperation(value = "/getUserInfo")
BaseResponse<UserOutDto> getInfo(@Param("token") String token)
@Override
public BaseResponse<UserOutDto> getInfo(String token) {
// 1.验证token参数是否为空
if (StringUtils.isEmpty(token)) {
return setResultError("token不能为空!");
}
// 2. 根据token查询用户userId
String redisUserId = generateToken.getToken(token);
if (StringUtils.isEmpty(redisUserId)) {
return setResultError("用户会话已经失效或者token无效!");
}
// 3.从数据库中查询redisUserId信息
Long userId = ConverterUtils.toLong(redisUserId);
UserDo userDo = userMapper.findByUserId(userId);
if (userDo == null) {
return setResultError("用户信息不存在");
}
// 4.将do转换为dto
UserOutDto userOutDto = MiteBeanUtils.doToDto(userDo, UserOutDto.class);
return setResultSuccess(userOutDto);
}
5、打印MySQL日志
####打印MyBatias日志
logging:
level:
com.mayikt.member.mapper: DEBUG
6、UserMapper
@Insert("INSERT INTO `meite_user` VALUES (null,#{mobile}, #{email}, #{password}, #{userName}, null, null, null, '1', null, null, null);")
int register(UserDo userDo);
@Select("SELECT USER_ID AS USERID ,MOBILE AS MOBILE,EMAIL AS EMAIL,PASSWORD AS PASSWORD, USER_NAME AS USER_NAME ,SEX AS SEX ,AGE AS AGE ,CREATE_TIME AS CREATETIME,IS_AVALIBLE AS ISAVALIBLE,PIC_IMG AS PICIMG,QQ_OPENID AS QQOPENID,WX_OPENID AS WXOPENID "
+ "FROM meite_user WHERE MOBILE=#{mobile};")
UserDo existMobile(@Param("mobile") String mobile);
@Select("SELECT USER_ID AS USERID ,MOBILE AS MOBILE,EMAIL AS EMAIL,PASSWORD AS PASSWORD, USER_NAME AS USER_NAME ,SEX AS SEX ,AGE AS AGE ,CREATE_TIME AS CREATETIME,IS_AVALIBLE AS ISAVALIBLE,PIC_IMG AS PICIMG,QQ_OPENID AS QQOPENID,WX_OPENID AS WXOPENID "
+ " FROM meite_user WHERE MOBILE=#{0} and password=#{1};")
UserDo login(@Param("mobile") String mobile, @Param("password") String password);
@Select("SELECT USER_ID AS USERID ,MOBILE AS MOBILE,EMAIL AS EMAIL,PASSWORD AS PASSWORD, USER_NAME AS USER_NAME ,SEX AS SEX ,AGE AS AGE ,CREATE_TIME AS CREATETIME,IS_AVALIBLE AS ISAVALIBLE,PIC_IMG AS PICIMG,QQ_OPENID AS QQOPENID,WX_OPENID AS WXOPENID"
+ " FROM meite_user WHERE user_Id=#{userId}")
UserDo findByUserId(@Param("userId") Long userId);
三、redis 与数据库数据同步(事务)
1、BaseApiService新增
// 调用数据库层判断
public Boolean toDaoResult(int result) {
return result > 0 ? true : false;
}
2、redis 工具类RedisUtil 添加事务控制api
@Component
public class RedisUtil {
@Autowired
private StringRedisTemplate stringRedisTemplate;
/**
* 存放string类型
*
* @param key
* key
* @param data
* 数据
* @param timeout
* 超时间
*/
public void setString(String key, String data, Long timeout) {
try {
stringRedisTemplate.opsForValue().set(key, data);
if (timeout != null) {
stringRedisTemplate.expire(key, timeout, TimeUnit.SECONDS);
}
} catch (Exception e) {
}
}
/**
* 开启Redis 事务
*
* @param isTransaction
*/
public void begin() {
// 开启Redis 事务权限
stringRedisTemplate.setEnableTransactionSupport(true);
// 开启事务
stringRedisTemplate.multi();
}
/**
* 提交事务
*
* @param isTransaction
*/
public void exec() {
// 成功提交事务
stringRedisTemplate.exec();
}
/**
* 回滚Redis 事务
*/
public void discard() {
stringRedisTemplate.discard();
}
/**
* 存放string类型
*
* @param key
* key
* @param data
* 数据
*/
public void setString(String key, String data) {
setString(key, data, null);
}
/**
* 根据key查询string类型
*
* @param key
* @return
*/
public String getString(String key) {
String value = stringRedisTemplate.opsForValue().get(key);
return value;
}
/**
* 根据对应的key删除key
*
* @param key
*/
public Boolean delKey(String key) {
return stringRedisTemplate.delete(key);
}
}
3、redis+数据库事务控制工具类-RedisDataSoureceTransaction
@Component
@Scope(ConfigurableListableBeanFactory.SCOPE_PROTOTYPE)
public class RedisDataSoureceTransaction {
@Autowired
private RedisUtil redisUtil;
/**
* 数据源事务管理器
*/
@Autowired
private DataSourceTransactionManager dataSourceTransactionManager;
/**
* 开始事务 采用默认传播行为
*
* @return
*/
public TransactionStatus begin() {
// 手动begin数据库事务
// 1.开启数据库的事务 事务传播行为
TransactionStatus transaction = dataSourceTransactionManager.getTransaction(new DefaultTransactionAttribute());
// 2.开启redis事务
redisUtil.begin();
return transaction;
}
/**
* 提交事务
*
* @param transactionStatus
* 事务传播行为
* @throws Exception
*/
public void commit(TransactionStatus transactionStatus) throws Exception {
if (transactionStatus == null) {
throw new Exception("transactionStatus is null");
}
// 支持Redis与数据库事务同时提交
dataSourceTransactionManager.commit(transactionStatus);
}
/**
* 回滚事务
*
* @param transactionStatus
* @throws Exception
*/
public void rollback(TransactionStatus transactionStatus) throws Exception {
if (transactionStatus == null) {
throw new Exception("transactionStatus is null");
}
// 1.回滚数据库事务 redis事务和数据库的事务同时回滚
dataSourceTransactionManager.rollback(transactionStatus);
// // 2.回滚redis事务
// redisUtil.discard();
}
// 如果redis的值与数据库的值保持不一致话
}
4、登陆接口业务逻辑事务控制
manualTransaction.begin 开启事务,
manualTransaction.commit 提交事务
manualTransaction.rollback 回滚事务
@RestController
public class MemberLoginServiceImpl extends BaseApiService<JSONObject> implements MemberLoginService {
@Autowired
private UserMapper userMapper;
@Autowired
private GenerateToken generateToken;
@Autowired
private UserTokenMapper userTokenMapper;
/**
* 手动事务工具类
*/
@Autowired
private RedisDataSoureceTransaction manualTransaction;
/**
* redis 工具类
*/
@Autowired
private RedisUtil redisUtil;
@Override
public BaseResponse<JSONObject> login(@RequestBody UserLoginInpDTO userLoginInpDTO) {
// 1.验证参数
String mobile = userLoginInpDTO.getMobile();
if (StringUtils.isEmpty(mobile)) {
return setResultError("手机号码不能为空!");
}
String password = userLoginInpDTO.getPassword();
if (StringUtils.isEmpty(password)) {
return setResultError("密码不能为空!");
}
// 判断登陆类型
String loginType = userLoginInpDTO.getLoginType();
if (StringUtils.isEmpty(loginType)) {
return setResultError("登陆类型不能为空!");
}
// 目的是限制范围
if (!(loginType.equals(Constants.MEMBER_LOGIN_TYPE_ANDROID) || loginType.equals(Constants.MEMBER_LOGIN_TYPE_IOS)
|| loginType.equals(Constants.MEMBER_LOGIN_TYPE_PC))) {
return setResultError("登陆类型出现错误!");
}
// 设备信息
String deviceInfor = userLoginInpDTO.getDeviceInfor();
if (StringUtils.isEmpty(deviceInfor)) {
return setResultError("设备信息不能为空!");
}
// 2.对登陆密码实现加密
String newPassWord = MD5Util.MD5(password);
// 3.使用手机号码+密码查询数据库 ,判断用户是否存在
UserDo userDo = userMapper.login(mobile, newPassWord);
if (userDo == null) {
return setResultError("用户名称或者密码错误!");
}
TransactionStatus transactionStatus = null;
try {
// 1.获取用户UserId
Long userId = userDo.getUserId();
// 2.生成用户令牌Key
String keyPrefix = Constants.MEMBER_TOKEN_KEYPREFIX + loginType;
// 5.根据userId+loginType 查询当前登陆类型账号之前是否有登陆过,如果登陆过 清除之前redistoken
UserTokenDo userTokenDo = userTokenMapper.selectByUserIdAndLoginType(userId, loginType);
transactionStatus = manualTransaction.begin();
// // ####开启手动事务
if (userTokenDo != null) {
// 如果登陆过 清除之前redistoken
String oriToken = userTokenDo.getToken();
// 移除Token
generateToken.removeToken(oriToken);
int updateTokenAvailability = userTokenMapper.updateTokenAvailability(oriToken);
if (updateTokenAvailability < 0) {
manualTransaction.rollback(transactionStatus);
return setResultError("系统错误");
}
}
// 4.将用户生成的令牌插入到Token记录表中
UserTokenDo userToken = new UserTokenDo();
userToken.setUserId(userId);
userToken.setLoginType(userLoginInpDTO.getLoginType());
String newToken = generateToken.createToken(keyPrefix, userId + "");
userToken.setToken(newToken);
userToken.setDeviceInfor(deviceInfor);
int result = userTokenMapper.insertUserToken(userToken);
if (!toDaoResult(result)) {
manualTransaction.rollback(transactionStatus);
return setResultError("系统错误!");
}
// #######提交事务
JSONObject data = new JSONObject();
data.put("token", newToken);
manualTransaction.commit(transactionStatus);
return setResultSuccess(data);
} catch (Exception e) {
try {
// 回滚事务
manualTransaction.rollback(transactionStatus);
} catch (Exception e1) {
}
return setResultError("系统错误!");
}
}
}