问题:
前后端分离项目,前端发送验证码到后端,存储到session中,遇到一个问题,比如先获取验证码,取到验证码再去发注册请求,此时两次session不同,则取不到验证码,找了好久不知道什么问题,百度了一些资料,最终定位跨域问题,导致每一次请求的session都会重新生成
解决方法:
1.创建一个session工具类用来存储session或者清除session
package cn.com.infosec.netseal.webclient.util;
import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.Map;
/**
* @description:
* @Author ztt
* @create: 2021-10-21 15:11
*/
public class SessionContextUtils {
private static SessionContextUtils instance;
private HashMap<String, Map<String , Object>> sessionMap;
private SessionContextUtils() {
sessionMap = new HashMap<>();
}
public static SessionContextUtils getInstance() {
if (instance == null) {
instance = new SessionContextUtils();
}
return instance;
}
public synchronized void addSession(HttpSession session) {
// 删除过期
for(String key : sessionMap.keySet()){
Map sessionMap_ = sessionMap.get(key);
if((Long.valueOf(sessionMap_.get("expireTime").toString()) + 60*1000) > System.currentTimeMillis()){
sessionMap.remove(key);
}
}
if (session != null) {
Map<String , Object> sessionMap_ = new HashMap<>();
String expireTime = String.valueOf(System.currentTimeMillis());
sessionMap_.put("expireTime", expireTime);
sessionMap_.put("session", session);
sessionMap.put(session.getId(), sessionMap_);
}
}
public synchronized void delSession(HttpSession session) {
if (session != null) {
sessionMap.remove(session.getId());
}
}
public synchronized HttpSession getSession(String sessionID) {
if (sessionID == null) {
return null;
}
Map session = sessionMap.get(sessionID);
if(session == null){
return null;
}
return (HttpSession)session.get("session");
}
}
2.监听session
package cn.com.infosec.netseal.webclient.config;
import cn.com.infosec.netseal.webclient.util.SessionContextUtils;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
/**
* @description:
* @Author ztt
* @create: 2021-10-21 15:10
*/
@WebListener
public class SessionListener implements HttpSessionListener {
private SessionContextUtils sessionContext= SessionContextUtils.getInstance();
@Override
public void sessionCreated(HttpSessionEvent httpSessionEvent) {
HttpSession session = httpSessionEvent.getSession();
sessionContext.addSession(session);
}
@Override
public void sessionDestroyed(HttpSessionEvent httpSessionEvent) {
HttpSession session = httpSessionEvent.getSession();
sessionContext.delSession(session);
}
}
3.在启动类加上@ServletComponentScan注解
4.验证码生成
5.验证验证码