java代码中使用redis
一:短信验证码登陆-基于Redis实现共享session登录
首先是发送验证码
public Result sendCode(String phone, HttpSession session) {
// 手机号格式校验
boolean phoneInvalid = RegexUtils.isPhoneInvalid(phone);
//格式错误返回
if(phoneInvalid){
return Result.fail("请输入正确手机号");
}
//生成验证码
String code = RandomUtil.randomNumbers(6);
//存到redis
String numKey = LOGIN_CODE_KEY + phone;
stringRedisTemplate.opsForValue().set(numKey,code);
//有效期
stringRedisTemplate.expire(numKey, Duration.ofMinutes(LOGIN_CODE_TTL));
//模拟发送短信 ==后续接上短信发送api,
log.debug("发送验证码成功{}",code);
return Result.ok();
}
用户登录的校验
public Result login(LoginFormDTO loginForm, HttpSession session) {
String phone = loginForm.getPhone();
//校验手机号
boolean phoneInvalid = RegexUtils.isPhoneInvalid(phone);
if(phoneInvalid){
return Result.fail("请输入正确手机号");
}
String phoneKey = LOGIN_CODE_KEY+phone;
//校验验证码 从redis中获取
String cacheCode = stringRedisTemplate.opsForValue().get(phoneKey);
log.debug("验证码key{},value{}",phoneKey,cacheCode);
String code = loginForm.getCode();
log.debug("code{}",code);
//不一致报错
if(cacheCode == null || ! cacheCode.equals(code)){
return Result.fail("验证码不正确");
}
//根据手机号查询用户
User user = query().eq("phone", phone).one();
if(user == null){
//判断用户是否存在
//不存在 创建新用户 存到数据库
user = createUserByPhone(phone);
}
//生成token
String token = UUID.randomUUID(true).toString();
String tokenKey=LOGIN_USER_KEY+token;
//对象拷贝
UserDTO userDTO = BeanUtil.copyProperties(user, UserDTO.class);
//对象转为map存到redis
Map<String, Object> userDtoMap = BeanUtil.beanToMap(
userDTO,new HashMap<>(),
CopyOptions.create()
.setIgnoreNullValue(true)
.setFieldValueEditor( (fileName,fileValue) -> fileValue.toString() )
);
//保存用户信息到redis中 hash存储
stringRedisTemplate.opsForHash().putAll(tokenKey,userDtoMap);
//设置过期时间
stringRedisTemplate.expire(tokenKey,Duration.ofMinutes(LOGIN_USER_TTL));
return Result.ok(token);
}
配置拦截器(一:token刷新,二:权限拦截)
token刷新
/**
* 拦截器
* 全部拦截,目的刷新token
*/
public class RefreshLoginInterceptor implements HandlerInterceptor {
private StringRedisTemplate stringRedisTemplate;
public RefreshLoginInterceptor(StringRedisTemplate redisTemplate) {
this.stringRedisTemplate = redisTemplate;
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//从请求头中获取token
String token = request.getHeader("authorization");
String tokenKey=LOGIN_USER_KEY+token;
if(Strings.isBlank(token)){
//没有也不用管,让第二个拦截器去处理
return true;
}
//获根据token去redis中获取用户信息
Map<Object, Object> userMap = stringRedisTemplate.opsForHash().entries(tokenKey);
//判断用户是否存在
if(userMap.isEmpty()){
//没有也不用管,让第二个拦截器去处理
return true;
}
//查到了就刷新token,只要用户在访问页面就可以自动完成token的刷新
//将查询到的哈希转为对象
UserDTO userDTO = BeanUtil.fillBeanWithMap(userMap, new UserDTO(), false);
//刷新token有效期
stringRedisTemplate.expire(tokenKey, Duration.ofMinutes(LOGIN_USER_TTL));
//存在,保存用户信息到ThreadLocal
UserHolder.saveUser(userDTO);
return true;
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
//移除用户信息
UserHolder.removeUser();
}
}
对象存到当前线程的方法
public class UserHolder {
private static final ThreadLocal<UserDTO> tl = new ThreadLocal<>();
public static void saveUser(UserDTO user){
tl.set(user);
}
public static UserDTO getUser(){
return tl.get();
}
public static void removeUser(){
tl.remove();
}
}
权限拦截
order() 方法数字小的优先执行
/**
* 拦截器配置
*/
@Configuration
public class MvcConfig implements WebMvcConfigurer {
@Resource
StringRedisTemplate stringRedisTemplate;
@Override
public void addInterceptors(InterceptorRegistry registry) {
//过滤不需要拦截的接口
registry.addInterceptor(new LoginInterceptor())
.excludePathPatterns(
"/user/code",
"/user/login",
"/blog/hot",
"/shop/**",
"/shop-type/**",
"/upload/**",
"/voucher/**"
).order(1);
registry.addInterceptor(new RefreshLoginInterceptor(stringRedisTemplate)).addPathPatterns("/**").order(0);
}
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
