思路:
1,用户注册成功
2,生成个人信息的唯一标识,uuid、token,存入数据库和redis中
3,每次请求API(接口)直接去redis和数据库中去获取
4,重新登录后,需要把以前在其他设备上的账号挤下去
5,生成新的token
6,根据重新登录的手机号,查询出原先的用户token
7,删除原先的token这个key
8,将新的token存入redis中,更新数据库信息
9,这样就可以挤下之前的在其他设备上登录的用户。
一般用拦截器来实现:
public class PassengerTokenInterceptor extends HandlerInterceptorAdapter {
@Reference
PassengerService passengerService;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
PrintWriter out = response.getWriter();
String token = request.getHeader(Constants.TOKEN_KEY);
if (StringUtils.isBlank(token)) {
token = request.getParameter(Constants.TOKEN_KEY);
}
if (StringUtils.isBlank(token)) {
outPrint(out,createJsonObject(Constants.ERR_MSG_LOGIN_VIOLATION, Constants.ERR_CODE_NO_TOKEN, false, null));
return false;
}
Map<String, String> tokenResult = passengerService.getPassengerCachedByToken(token);
if (StringUtil.isNull(tokenResult) ) {
outPrint(out,createJsonObject(Constants.ERR_MSG_LOGIN_OTHER, Constants.ERR_CODE_OTHER_TOKEN, false, null));
return false;
}
if (StringUtil.isNull(tokenResult.get("uuid")) ) {
outPrint(out,createJsonObject(Constants.ERR_MSG_LOGIN_OTHER, Constants.ERR_CODE_OTHER_TOKEN, false, null));
return false;
}
//封号拦截
String status = tokenResult.get("status");
if(StringUtil.isNotNull(status)){
Integer intStatus = Integer.parseInt(status);
if(intStatus==Constants.DRIVER_STATUS_SHORT_CLOSE||intStatus==Constants.DRIVER_STATUS_LONG_CLOSE){
outPrint(out,createJsonObject(Constants.ERR_MSG_LOGIN_USER_CLOSE, Constants.ERR_CODE_PASSENGER_STATUS_INVALID, false, null));
return false;
}
}
String uuid = tokenResult.get("uuid");
request.setAttribute("uuid", uuid);
response.reset();
return true;
}
/**
* 输出错误
* @param jsonObject
*/
private void outPrint(PrintWriter out,JSONObject jsonObject){
String isEncrypt = PropertiesLoader.getResourcesLoader().getProperty("isEncrypt");
boolean isEncryptFlag = StringUtil.isNotEmpty(isEncrypt)&&"1".equals(isEncrypt);
if(isEncryptFlag){
out.print(RsaUtil.doUrlAndEncrypt(jsonObject));
}else{
out.print(jsonObject);
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object o, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object o, Exception e) throws Exception {
}
public JSONObject createJsonObject(String msg, int errCode, boolean result, Object data) {
JSONObject jsonObject = new JSONObject();
jsonObject.put("msg", msg);
jsonObject.put("errCode", errCode);
jsonObject.put("success", result);
jsonObject.put("data", data);
return jsonObject;
}
}
写个baseApi来获取用户的uuid
public class BaseApi {
/**
* 根据TOKEN获取缓存乘客基本信息
* {uuid、nickName、sex、mobile、face}
*
* @param passengerService
* @param tokenKey
* @return
*/
public Map<String, String> getPassengerByToken4Cache(PassengerService passengerService, String tokenKey) {
Map<String, String> tokenResult = passengerService.getPassengerCachedByToken(tokenKey);
return tokenResult;
}
/**
* 根据TOKEN获取缓存司机基本信息
* {name、mobile、sex、face、uuid、plateNum、companyName}
*
* @param driverService
* @param tokenKey
* @return
*/
public Map<String, String> getDriverByToken4Cache(DriverService driverService, String tokenKey) {
Map<String, String> tokenResult = driverService.getDriverCachedByToken(tokenKey);
return tokenResult;
}
public static String getUserUid(HttpServletRequest request) {
Object uuid = request.getAttribute("uuid");
return null != uuid ? uuid.toString() : null;
}
public static String getUserIP(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
}
拦截器的配置就不一一列出来了
<!--乘客端token拦截器-->
<mvc:interceptor>
<mvc:mapping path="/api/v1/passenger/token/**" />
<mvc:mapping path="/api/v2/passenger/**" />
<mvc:mapping path="/api/v3/passenger/**" />
<mvc:mapping path="/wx/token/**" />
<!--排除token校验过滤-->
<mvc:exclude-mapping path="/api/v3/passenger/loginOverseas/login"/>
<mvc:exclude-mapping path="/api/v3/passenger/order/listCarLevelOverseas"/>
<bean class="com.summersoft.interceptor.PassengerTokenInterceptor" />
</mvc:interceptor>
</mvc:interceptors>