mirror of
https://gitee.com/dromara/MaxKey.git
synced 2025-12-06 17:08:29 +08:00
SessionManager
This commit is contained in:
MaxKey
parent
5f0f1fa7e0
commit
69aa4f27ad
@ -37,6 +37,8 @@ public class AbstractSessionManager implements SessionManager{
|
||||
|
||||
protected JdbcTemplate jdbcTemplate;
|
||||
|
||||
protected int validitySeconds = 60 * 30; //default 30 minutes.
|
||||
|
||||
private static final String DEFAULT_DEFAULT_SELECT_STATEMENT =
|
||||
"select id,sessionid,userId,username,displayname,logintime from mxk_history_login where sessionstatus = 1";
|
||||
|
||||
|
||||
@ -34,13 +34,19 @@ public class InMemorySessionManager extends AbstractSessionManager{
|
||||
|
||||
protected static Cache<String, Session> sessionStore =
|
||||
Caffeine.newBuilder()
|
||||
.expireAfterWrite(30, TimeUnit.MINUTES)
|
||||
.maximumSize(200000)
|
||||
.expireAfterWrite(10, TimeUnit.MINUTES)
|
||||
.maximumSize(2000000)
|
||||
.build();
|
||||
|
||||
public InMemorySessionManager(JdbcTemplate jdbcTemplate) {
|
||||
public InMemorySessionManager(JdbcTemplate jdbcTemplate,int validitySeconds) {
|
||||
super();
|
||||
this.jdbcTemplate = jdbcTemplate;
|
||||
sessionStore =
|
||||
Caffeine.newBuilder()
|
||||
.expireAfterWrite(validitySeconds, TimeUnit.SECONDS)
|
||||
.maximumSize(2000000)
|
||||
.build();
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -65,7 +71,7 @@ public class InMemorySessionManager extends AbstractSessionManager{
|
||||
public void setValiditySeconds(int validitySeconds) {
|
||||
sessionStore =
|
||||
Caffeine.newBuilder()
|
||||
.expireAfterWrite(validitySeconds/60, TimeUnit.MINUTES)
|
||||
.expireAfterWrite(validitySeconds, TimeUnit.SECONDS)
|
||||
.maximumSize(200000)
|
||||
.build();
|
||||
|
||||
|
||||
@ -30,8 +30,6 @@ import org.springframework.jdbc.core.JdbcTemplate;
|
||||
public class RedisSessionManager extends AbstractSessionManager {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(RedisSessionManager.class);
|
||||
|
||||
protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes.
|
||||
|
||||
RedisConnectionFactory connectionFactory;
|
||||
|
||||
public static String PREFIX="REDIS_SESSION_";
|
||||
@ -40,10 +38,11 @@ public class RedisSessionManager extends AbstractSessionManager {
|
||||
*/
|
||||
public RedisSessionManager(
|
||||
RedisConnectionFactory connectionFactory,
|
||||
JdbcTemplate jdbcTemplate) {
|
||||
JdbcTemplate jdbcTemplate,int validitySeconds) {
|
||||
super();
|
||||
this.connectionFactory = connectionFactory;
|
||||
this.jdbcTemplate = jdbcTemplate;
|
||||
this.validitySeconds = validitySeconds;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -58,9 +57,9 @@ public class RedisSessionManager extends AbstractSessionManager {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void create(String sessionId, Session ticket) {
|
||||
public void create(String sessionId, Session session) {
|
||||
RedisConnection conn = connectionFactory.getConnection();
|
||||
conn.setexObject(PREFIX + sessionId, serviceTicketValiditySeconds, ticket);
|
||||
conn.setexObject(PREFIX + sessionId, validitySeconds, session);
|
||||
conn.close();
|
||||
}
|
||||
|
||||
@ -81,10 +80,13 @@ public class RedisSessionManager extends AbstractSessionManager {
|
||||
return session;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setValiditySeconds(int validitySeconds) {
|
||||
this.serviceTicketValiditySeconds = validitySeconds;
|
||||
|
||||
public int getValiditySeconds() {
|
||||
return validitySeconds;
|
||||
}
|
||||
|
||||
public void setValiditySeconds(int validitySeconds) {
|
||||
this.validitySeconds = validitySeconds;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2021] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@ -30,17 +30,18 @@ public class SessionManagerFactory {
|
||||
public SessionManager getManager(
|
||||
int persistence,
|
||||
JdbcTemplate jdbcTemplate,
|
||||
RedisConnectionFactory redisConnFactory){
|
||||
|
||||
RedisConnectionFactory redisConnFactory,
|
||||
int validitySeconds){
|
||||
SessionManager sessionService = null;
|
||||
if (persistence == ConstsPersistence.INMEMORY) {
|
||||
sessionService = new InMemorySessionManager(jdbcTemplate);
|
||||
_logger.debug("InMemorySessionService");
|
||||
sessionService = new InMemorySessionManager(jdbcTemplate,validitySeconds);
|
||||
_logger.debug("InMemorySessionManager");
|
||||
} else if (persistence == ConstsPersistence.JDBC) {
|
||||
_logger.debug("JdbcSessionService not support ");
|
||||
} else if (persistence == ConstsPersistence.REDIS) {
|
||||
sessionService = new RedisSessionManager(redisConnFactory,jdbcTemplate);
|
||||
_logger.debug("RedisSessionService");
|
||||
sessionService = new RedisSessionManager(
|
||||
redisConnFactory,jdbcTemplate,validitySeconds);
|
||||
_logger.debug("RedisSessionManager");
|
||||
}
|
||||
|
||||
return sessionService;
|
||||
|
||||
@ -89,8 +89,8 @@ public abstract class AbstractRemeberMeService {
|
||||
return true;
|
||||
}
|
||||
|
||||
public RemeberMe resolve(String rememberMeToken) throws ParseException {
|
||||
JWTClaimsSet claims = authJwtService.resolve(rememberMeToken);
|
||||
public RemeberMe resolve(String rememberMeJwt) throws ParseException {
|
||||
JWTClaimsSet claims = authJwtService.resolve(rememberMeJwt);
|
||||
RemeberMe remeberMe = new RemeberMe();
|
||||
remeberMe.setId(claims.getJWTID());
|
||||
remeberMe.setUsername(claims.getSubject());
|
||||
@ -117,8 +117,10 @@ public abstract class AbstractRemeberMeService {
|
||||
}
|
||||
|
||||
public void setValidity(Integer validity) {
|
||||
if(validity != 0 ) {
|
||||
this.validity = validity;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -50,10 +50,14 @@ public class JdbcRemeberMeService extends AbstractRemeberMeService {
|
||||
public JdbcRemeberMeService(
|
||||
JdbcTemplate jdbcTemplate,
|
||||
ApplicationConfig applicationConfig,
|
||||
AuthJwtService authJwtService) {
|
||||
AuthJwtService authJwtService,
|
||||
int validity) {
|
||||
this.jdbcTemplate = jdbcTemplate;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.authJwtService = authJwtService;
|
||||
if(validity != 0) {
|
||||
this.validity = validity;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -70,7 +70,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
return new SavedRequestAwareAuthenticationSuccessHandler();
|
||||
}
|
||||
|
||||
@Bean(name = "authenticationProvider")
|
||||
@Bean
|
||||
public AbstractAuthenticationProvider authenticationProvider(
|
||||
AbstractAuthenticationProvider normalAuthenticationProvider,
|
||||
AbstractAuthenticationProvider mobileAuthenticationProvider,
|
||||
@ -100,7 +100,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
);
|
||||
}
|
||||
|
||||
@Bean(name = "mobileAuthenticationProvider")
|
||||
@Bean
|
||||
public AbstractAuthenticationProvider mobileAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
@ -116,7 +116,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
);
|
||||
}
|
||||
|
||||
@Bean(name = "trustedAuthenticationProvider")
|
||||
@Bean
|
||||
public AbstractAuthenticationProvider trustedAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
@ -130,7 +130,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
);
|
||||
}
|
||||
|
||||
@Bean(name = "authJwtService")
|
||||
@Bean
|
||||
public AuthJwtService authJwtService(
|
||||
AuthJwkConfig authJwkConfig,
|
||||
RedisConnectionFactory redisConnFactory,
|
||||
@ -162,23 +162,22 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
otpAuthnService.setRedisOptTokenStore(redisOptTokenStore);
|
||||
}
|
||||
|
||||
|
||||
_logger.debug("OneTimePasswordService {} inited." ,
|
||||
persistence == ConstsPersistence.REDIS ? "Redis" : "InMemory");
|
||||
return otpAuthnService;
|
||||
}
|
||||
|
||||
@Bean(name = "passwordPolicyValidator")
|
||||
@Bean
|
||||
public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) {
|
||||
return new PasswordPolicyValidator(jdbcTemplate,messageSource);
|
||||
}
|
||||
|
||||
@Bean(name = "loginRepository")
|
||||
@Bean
|
||||
public LoginRepository loginRepository(JdbcTemplate jdbcTemplate) {
|
||||
return new LoginRepository(jdbcTemplate);
|
||||
}
|
||||
@Bean(name = "loginHistoryRepository")
|
||||
public LoginHistoryRepository LoginHistoryRepository(JdbcTemplate jdbcTemplate) {
|
||||
@Bean
|
||||
public LoginHistoryRepository loginHistoryRepository(JdbcTemplate jdbcTemplate) {
|
||||
return new LoginHistoryRepository(jdbcTemplate);
|
||||
}
|
||||
|
||||
@ -188,12 +187,12 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
@Value("${maxkey.server.persistence}") int persistence,
|
||||
JdbcTemplate jdbcTemplate,
|
||||
RedisConnectionFactory redisConnFactory,
|
||||
@Value("${server.servlet.session.timeout:1800}") int timeout
|
||||
@Value("${maxkey.session.timeout:1800}") int timeout
|
||||
) {
|
||||
_logger.trace("session timeout " + timeout);
|
||||
SessionManager sessionManager =
|
||||
new SessionManagerFactory().getManager(persistence, jdbcTemplate, redisConnFactory);
|
||||
sessionManager.setValiditySeconds(timeout);
|
||||
_logger.trace("onlineTicket timeout " + timeout);
|
||||
new SessionManagerFactory().getManager(
|
||||
persistence, jdbcTemplate, redisConnFactory,timeout);
|
||||
return sessionManager;
|
||||
}
|
||||
|
||||
@ -209,7 +208,9 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
ApplicationConfig applicationConfig,
|
||||
AuthJwtService authJwtService,
|
||||
JdbcTemplate jdbcTemplate) {
|
||||
return new JdbcRemeberMeService(jdbcTemplate,applicationConfig,authJwtService);
|
||||
_logger.trace("init remeberMeService , validity {}." , validity);
|
||||
return new JdbcRemeberMeService(
|
||||
jdbcTemplate,applicationConfig,authJwtService,validity);
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
||||
@ -34,6 +34,12 @@ public class AuthJwkConfig {
|
||||
@Value("${maxkey.auth.jwt.secret}")
|
||||
String secret;
|
||||
|
||||
@Value("${maxkey.session.timeout}")
|
||||
String refreshExpire;
|
||||
|
||||
@Value("${maxkey.auth.jwt.refresh.secret}")
|
||||
String refreshSecret;
|
||||
|
||||
public AuthJwkConfig() {
|
||||
super();
|
||||
}
|
||||
|
||||
@ -108,13 +108,13 @@ public class LoginEntryPoint {
|
||||
@Operation(summary = "登录接口", description = "用户登录地址",method="GET")
|
||||
@RequestMapping(value={"/get"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> get(
|
||||
@RequestParam(value = "remember_me", required = false) String rememberMeToken) {
|
||||
@RequestParam(value = "remember_me", required = false) String rememberMeJwt) {
|
||||
_logger.debug("/get.");
|
||||
//Remember Me
|
||||
if(StringUtils.isNotBlank(rememberMeToken)
|
||||
&& authJwtService.validateJwtToken(rememberMeToken)) {
|
||||
if(StringUtils.isNotBlank(rememberMeJwt)
|
||||
&& authJwtService.validateJwtToken(rememberMeJwt)) {
|
||||
try {
|
||||
RemeberMe remeberMe = remeberMeService.resolve(rememberMeToken);
|
||||
RemeberMe remeberMe = remeberMeService.resolve(rememberMeJwt);
|
||||
if(remeberMe != null) {
|
||||
LoginCredential credential = new LoginCredential();
|
||||
String remeberMeJwt = remeberMeService.updateRemeberMe(remeberMe);
|
||||
@ -209,9 +209,9 @@ public class LoginEntryPoint {
|
||||
* @return
|
||||
*/
|
||||
@RequestMapping(value={"/congress"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> congress( @RequestBody LoginCredential loginCredential) {
|
||||
if(StringUtils.isNotBlank(loginCredential.getCongress())){
|
||||
AuthJwt authJwt = authJwtService.consumeCongress(loginCredential.getCongress());
|
||||
public ResponseEntity<?> congress( @RequestBody LoginCredential credential) {
|
||||
if(StringUtils.isNotBlank(credential.getCongress())){
|
||||
AuthJwt authJwt = authJwtService.consumeCongress(credential.getCongress());
|
||||
if(authJwt != null) {
|
||||
return new Message<AuthJwt>(authJwt).buildResponse();
|
||||
}
|
||||
|
||||
@ -17,10 +17,12 @@
|
||||
############################################################################
|
||||
#server port
|
||||
server.port =${SERVER_PORT:8080}
|
||||
#session default 1800
|
||||
#session default 600
|
||||
#600s =10m
|
||||
#1800s =30m
|
||||
#3600s =1h
|
||||
#28800s =8h
|
||||
server.servlet.session.timeout =${SERVER_SESSION_TIMEOUT:1800}
|
||||
server.servlet.session.timeout =${SERVLET_SESSION_TIMEOUT:600}
|
||||
#server context path
|
||||
server.servlet.context-path =/maxkey
|
||||
#nacos discovery
|
||||
@ -49,11 +51,12 @@ maxkey.server.persistence =${SERVER_PERSISTENCE:0}
|
||||
maxkey.server.message.queue =${SERVER_MESSAGE_QUEUE:none}
|
||||
#issuer name
|
||||
maxkey.app.issuer =CN=ConSec,CN=COM,CN=SH
|
||||
#must > jwt expire * 2
|
||||
maxkey.session.timeout =${SERVER_SESSION_TIMEOUT:1800}
|
||||
|
||||
maxkey.auth.jwt.issuer =${maxkey.server.uri}
|
||||
maxkey.auth.jwt.expire =86400
|
||||
maxkey.auth.jwt.expire =600
|
||||
maxkey.auth.jwt.secret =7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
|
||||
maxkey.auth.jwt.refresh.expire =86400
|
||||
maxkey.auth.jwt.refresh.secret =7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
|
||||
############################################################################
|
||||
#Login configuration #
|
||||
@ -72,7 +75,7 @@ maxkey.login.kerberos =false
|
||||
maxkey.login.wsfederation =false
|
||||
#remeberme
|
||||
maxkey.login.remeberme =${LOGIN_REMEBERME:true}
|
||||
#validity
|
||||
#validity day
|
||||
maxkey.login.remeberme.validity =0
|
||||
#JWT support
|
||||
maxkey.login.jwt =${LOGIN_JWT:true}
|
||||
|
||||
@ -17,10 +17,12 @@
|
||||
############################################################################
|
||||
#server port
|
||||
server.port =${SERVER_PORT:443}
|
||||
#session default 1800
|
||||
#session default 600
|
||||
#600s =10m
|
||||
#1800s =30m
|
||||
#3600s =1h
|
||||
#28800s =8h
|
||||
server.servlet.session.timeout =${SERVER_SESSION_TIMEOUT:1800}
|
||||
server.servlet.session.timeout =${SERVLET_SESSION_TIMEOUT:600}
|
||||
#server context path
|
||||
server.servlet.context-path =/maxkey
|
||||
#nacos discovery
|
||||
@ -45,10 +47,13 @@ maxkey.server.persistence =${SERVER_PERSISTENCE:0}
|
||||
maxkey.server.message.queue =${SERVER_MESSAGE_QUEUE:none}
|
||||
#issuer name
|
||||
maxkey.app.issuer =CN=ConSec,CN=COM,CN=SH
|
||||
#must > jwt expire * 2
|
||||
maxkey.session.timeout =${SERVER_SESSION_TIMEOUT:1800}
|
||||
|
||||
maxkey.auth.jwt.expire =86400
|
||||
maxkey.auth.jwt.issuer =${maxkey.server.uri}
|
||||
maxkey.auth.jwt.expire =600
|
||||
maxkey.auth.jwt.secret =7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
|
||||
maxkey.auth.jwt.refresh.secret =7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
|
||||
############################################################################
|
||||
#Login configuration #
|
||||
############################################################################
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user