diff --git a/exam-module-system/exam-module-system-api/src/main/java/pc/exam/pp/module/system/enums/logger/LoginLogTypeEnum.java b/exam-module-system/exam-module-system-api/src/main/java/pc/exam/pp/module/system/enums/logger/LoginLogTypeEnum.java index 6242e697..e9132715 100644 --- a/exam-module-system/exam-module-system-api/src/main/java/pc/exam/pp/module/system/enums/logger/LoginLogTypeEnum.java +++ b/exam-module-system/exam-module-system-api/src/main/java/pc/exam/pp/module/system/enums/logger/LoginLogTypeEnum.java @@ -17,6 +17,7 @@ public enum LoginLogTypeEnum { LOGOUT_SELF(200), // 自己主动登出 LOGOUT_DELETE(202), // 强制退出 + LOGOUT_ADMIN_SELF(203), // 自己主动登出 ; /** diff --git a/exam-module-system/exam-module-system-biz/src/main/java/pc/exam/pp/module/system/controller/admin/auth/AuthController.java b/exam-module-system/exam-module-system-biz/src/main/java/pc/exam/pp/module/system/controller/admin/auth/AuthController.java index e0cfb26a..4f9d659f 100644 --- a/exam-module-system/exam-module-system-biz/src/main/java/pc/exam/pp/module/system/controller/admin/auth/AuthController.java +++ b/exam-module-system/exam-module-system-biz/src/main/java/pc/exam/pp/module/system/controller/admin/auth/AuthController.java @@ -8,6 +8,7 @@ import pc.exam.pp.framework.common.enums.UserTypeEnum; import pc.exam.pp.framework.common.pojo.CommonResult; import pc.exam.pp.framework.common.util.json.JsonUtils; import pc.exam.pp.framework.security.config.SecurityProperties; +import pc.exam.pp.framework.security.core.LoginUser; import pc.exam.pp.framework.security.core.util.SecurityFrameworkUtils; import pc.exam.pp.framework.tenant.core.aop.TenantIgnore; import pc.exam.pp.module.infra.dal.dataobject.config.ConfigDO; 
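Review bot: The trailing comment on `LOGOUT_ADMIN_SELF(203)` repeats the text of `LOGOUT_SELF(200)` ("自己主动登出", self-initiated logout), so the two login-log types cannot be told apart when reading the enum. In the AuthController hunk of this commit the new value is written when sessions are ended through the admin-password check, not by the logged-in user. A comment such as `// forced logout via the system-administrator password` would keep anyone reading the login log from mistaking 203 for an ordinary user logout.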
@@ -94,15 +95,15 @@ public class AuthController {
 @Operation(summary = "使用账号密码登录")
 public CommonResult login(@RequestBody @Valid AuthLoginReqVO reqVO) {
 // 判断账号类型
- AdminUserDO adminUserDO = userService.getUserByUsername(reqVO.getUsername());
+ AdminUserDO adminUserDO = userService.getUserByUsername(reqVO.getUsername());
 // 登陆非学生端,0,1
 if (Integer.parseInt(reqVO.getUserType()) <= 1) {
- if (Integer.parseInt(adminUserDO.getUserType()) == 2) return error(STUDENT_USERNAME_LOGIN);
+ if (Integer.parseInt(adminUserDO.getUserType()) == 2) return error(STUDENT_USERNAME_LOGIN);
 }
 if (Integer.parseInt(reqVO.getUserType()) == 2) {
- if (Integer.parseInt(adminUserDO.getUserType()) <= 1) return error(STUDENT_USERNAME_NOTLOGIN);
+ if (Integer.parseInt(adminUserDO.getUserType()) <= 1) return error(STUDENT_USERNAME_NOTLOGIN);
 }
- Set oauth2_access_token_set = stringRedisTemplate.keys("oauth2_access_token:*");
+ Set oauth2_access_token_set = stringRedisTemplate.keys("oauth2_access_token:*");
 for (String oauth2_access_token : oauth2_access_token_set) {
 OAuth2AccessTokenDO oAuth2AccessTokenDO = JsonUtils.parseObject(stringRedisTemplate.opsForValue().get(oauth2_access_token), OAuth2AccessTokenDO.class);
 // 判断账号是否登录过
@@ -118,13 +119,20 @@ public class AuthController {
 @PermitAll
 @Operation(summary = "登出系统")
 public CommonResult logout(HttpServletRequest request) {
- String token = SecurityFrameworkUtils.obtainAuthorization(request,
- securityProperties.getTokenHeader(), securityProperties.getTokenParameter());
- if (StrUtil.isNotBlank(token)) {
- authService.logout(token, LoginLogTypeEnum.LOGOUT_SELF.getType());
+ String loginUserName = SecurityFrameworkUtils.getLoginUserName();
+ // 查询所有已经登录的信息
+ Set oauth2_access_token_set = stringRedisTemplate.keys("oauth2_access_token:*");
+ for (String oauth2_access_token : oauth2_access_token_set) {
+ OAuth2AccessTokenDO oAuth2AccessTokenDO = JsonUtils.parseObject(stringRedisTemplate.opsForValue().get(oauth2_access_token), OAuth2AccessTokenDO.class);
+ // 判断账号是否登录过
+ if (oAuth2AccessTokenDO != null && oAuth2AccessTokenDO.getUserInfo().get("username").equals(loginUserName)) {
+ String token = oauth2_access_token.split(":")[1];
+ authService.logout(token, LoginLogTypeEnum.LOGOUT_SELF.getType());
+ }
 }
 return success(true);
 }
+
 @PostMapping("/refreshLogout")
 @PermitAll
 @TenantIgnore
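Review bot: logout() no longer revokes the token presented in the request; it ends every session whose stored `username` equals the caller's name, found by running `keys("oauth2_access_token:*")` on a `@PermitAll` endpoint. The match is on the name alone, so if usernames can repeat across tenants or user types (not visible here) one user's logout would also end another account's sessions, and a KEYS scan on every call blocks Redis in proportion to the total number of stored tokens. `getUserInfo()` and its `username` entry are dereferenced without a null check, and the `request` parameter is now unused. I would keep the removed `obtainAuthorization(...)` / `authService.logout(token, ...)` path for the presented token, return early with `if (StrUtil.isBlank(loginUserName)) return success(true);` before any scan, and match on a user identifier plus user type rather than the name. The same scan-and-match loop appears in the following hunk (apparently refreshLogout) and in login().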
@@ -135,17 +143,19 @@ public class AuthController {
 if (!config.getValue().equals(loginoutVo.getLoginOutPassword())) {
 return CommonResult.error(900002, "系统管理员密码错误!");
 }
- Set oauth2_access_token_set = stringRedisTemplate.keys("oauth2_access_token:*");
+ Set oauth2_access_token_set = stringRedisTemplate.keys("oauth2_access_token:*");
 for (String oauth2_access_token : oauth2_access_token_set) {
 OAuth2AccessTokenDO oAuth2AccessTokenDO = JsonUtils.parseObject(stringRedisTemplate.opsForValue().get(oauth2_access_token), OAuth2AccessTokenDO.class);
 // 判断账号是否登录过
- if (oAuth2AccessTokenDO.getUserInfo().get("username").equals(loginoutVo.getUsername())) {
+ if (oAuth2AccessTokenDO != null && oAuth2AccessTokenDO.getUserInfo().get("username").equals(loginoutVo.getUsername())) {
 // 说明登录了,别的地方登录了,请重新登录
- stringRedisTemplate.opsForValue().getAndDelete(oauth2_access_token);
+ String token = oauth2_access_token.split(":")[1];
+ authService.logout(token, LoginLogTypeEnum.LOGOUT_ADMIN_SELF.getType());
 }
 }
 return success("退出成功,请重新输入用户名密码登录!");
 }
+
 @PostMapping("/refresh-token")
 @PermitAll
 @Operation(summary = "刷新令牌")
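Review bot: `oauth2_access_token.split(":")[1]` assumes the token is the second colon-separated field of the Redis key, so it yields the wrong value if the key ever gains another prefix segment or a token contains a colon. Stripping the known prefix is safer: `String token = oauth2_access_token.substring("oauth2_access_token:".length());`. The method starts above this hunk, but the visible guard is a plain `config.getValue().equals(...)` on a shared password. The new `LOGOUT_ADMIN_SELF` entry therefore records only successful forced logouts, while the wrong-password branch returns with no logging or throttling visible here. Logging that branch and comparing with `MessageDigest.isEqual` on the encoded bytes would make guessing attempts visible and remove the timing difference.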