Java项目实战-SSO

创建一个新工程zheyi-sso,要用到Redis和DB。

注册

在注册用户之前,要先检查用户填写的信息(用户名、手机号、邮箱)是否已被占用。该检查只是给前端的即时提示,注册接口在服务端仍应重新校验,不能依赖客户端一定会先调用检查接口。

Service

/*
* check user data
* @see com.izheyi.sso.service.SsoService#checkUserData(java.lang.String, java.lang.Integer)
*/

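/**
 * Reports whether a username, phone number or e-mail address is still unused.
 *
 * <p>Security note: the answer reveals whether an account exists for the
 * given value, so an endpoint exposing this method allows account
 * enumeration. NOTE(review): no throttling is visible in this method; confirm
 * that rate limiting is applied in front of it.
 *
 * @param content the value to look up
 * @param type 1 selects the username column, 2 the phone column; any other
 *     non-null value is treated as an e-mail lookup
 * @return {@code ok(true)} when no row matches, {@code ok(false)} when at
 *     least one row matches, or a 400 result when {@code content} is blank or
 *     {@code type} is null
 */
@Override
public TaotaoResult checkUserData(String content, Integer type) {
    // Fail closed on missing input: comparing a null Integer with an int
    // literal throws on unboxing, and a blank value must not be reported
    // as "available".
    if (StringUtils.isBlank(content) || type == null) {
        return TaotaoResult.build(400, "invalid parameter");
    }

    TbUserExample userExample = new TbUserExample();
    Criteria criteria = userExample.createCriteria();

    int kind = type.intValue();
    if (kind == 1) {
        criteria.andUsernameEqualTo(content);
    } else if (kind == 2) {
        criteria.andPhoneEqualTo(content);
    } else {
        // NOTE(review): every value other than 1 or 2 lands here; consider
        // rejecting unknown type codes instead of defaulting to e-mail.
        criteria.andEmailEqualTo(content);
    }

    List<TbUser> matches = userMapper.selectByExample(userExample);
    boolean available = matches == null || matches.isEmpty();
    return TaotaoResult.ok(available);
}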

/*
* create user
* @see com.izheyi.sso.service.SsoService#createUser(com.izheyi.pojo.TbUser)
*/

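/**
 * Stores a new user record after stamping it and hashing its password.
 *
 * <p>NOTE(review): uniqueness of username, phone and e-mail is not re-checked
 * here. A client is free to skip the separate check endpoint, so the check
 * should be repeated on this path and backed by unique constraints in the
 * database.
 *
 * @param user the user to insert; its password is replaced by its digest
 * @return an empty OK result on success, or a 400 result when the user or its
 *     password is missing
 */
@Override
public TaotaoResult createUser(TbUser user) {
    // Without this guard a missing password surfaces as a
    // NullPointerException from getBytes() below.
    if (user == null || StringUtils.isBlank(user.getPassword())) {
        return TaotaoResult.build(400, "invalid user data");
    }

    Date now = new Date();
    user.setCreated(now);
    user.setUpdated(now);

    // SECURITY: an unsalted MD5 digest is not an adequate password hash; it
    // is fast to brute-force and identical passwords produce identical
    // digests. It is kept here only because the login path compares against
    // the same digest. Migrate both sides together to a salted, deliberately
    // slow scheme (bcrypt, scrypt, Argon2 or PBKDF2).
    // NOTE(review): getBytes() uses the platform default charset, so the
    // digest of a non-ASCII password depends on the JVM configuration.
    user.setPassword(DigestUtils.md5DigestAsHex(user.getPassword().getBytes()));
    userMapper.insert(user);

    return TaotaoResult.ok();
}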

Controller

/*
* check user data
*/
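/**
 * HTTP entry point for the availability check, with optional JSONP output.
 *
 * @param param the value to look up
 * @param type the lookup kind passed through to the service
 * @param callback optional JSONP function name; when blank, plain JSON is
 *     returned
 * @return the service result, a JSONP wrapper around it, or a 400/500 result
 */
@RequestMapping("/check/{param}/{type}")
@ResponseBody
public Object checkUserData(@PathVariable String param, @PathVariable Integer type, String callback) {
    TaotaoResult result;
    try {
        result = ssoService.checkUserData(param, type);
    } catch (Exception e) {
        // Keep the detail on the server and answer with a generic error
        // instead of returning null to the client.
        e.printStackTrace();
        result = TaotaoResult.build(500, "internal server error");
    }

    if (StringUtils.isBlank(callback)) {
        return result;
    }

    // The callback name is written into the response as executable
    // JavaScript, so only a plain, bounded identifier is accepted.
    if (!callback.matches("[A-Za-z_$][A-Za-z0-9_$.]{0,63}")) {
        return TaotaoResult.build(400, "invalid callback");
    }

    MappingJacksonValue jsonp = new MappingJacksonValue(result);
    jsonp.setJsonpFunction(callback);
    return jsonp;
}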

/*
* create user
*/
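/**
 * HTTP entry point for registration.
 *
 * <p>NOTE(review): {@code TbUser} is bound directly from request parameters,
 * so the client can supply every settable field of that class. Confirm that
 * it has no fields a caller must not control, or bind a dedicated form object
 * instead.
 *
 * @param user the user populated from the POST parameters
 * @return the service result, or a 500 result when the service throws
 */
@RequestMapping(value="/register", method=RequestMethod.POST)
@ResponseBody
public TaotaoResult createUser(TbUser user) {
    try {
        return ssoService.createUser(user);
    } catch (Exception e) {
        // Previously the failure was swallowed and null was returned; report
        // a generic error and keep the detail on the server.
        e.printStackTrace();
        return TaotaoResult.build(500, "internal server error");
    }
}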

登录

Service

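/**
 * Verifies a username/password pair and opens a session in Redis.
 *
 * <p>NOTE(review): no attempt limiting or lockout is visible in this method;
 * confirm that repeated failures are throttled elsewhere.
 *
 * @param username the login name
 * @param password the clear-text password supplied by the caller
 * @return an OK result carrying the session token, or a 400 result with the
 *     same message for every failure so the response does not reveal which
 *     part was wrong
 */
@Override
public TaotaoResult userLogin(String username, String password) {
    // Missing credentials are an ordinary failed login, not a
    // NullPointerException from password.getBytes().
    if (StringUtils.isBlank(username) || password == null) {
        return TaotaoResult.build(400, "username or password wrong");
    }

    TbUserExample example = new TbUserExample();
    Criteria criteria = example.createCriteria();
    criteria.andUsernameEqualTo(username);
    List<TbUser> list = userMapper.selectByExample(example);

    if (list == null || list.isEmpty()) {
        return TaotaoResult.build(400, "username or password wrong");
    }

    // SECURITY: the stored value is an unsalted MD5 digest, which is not an
    // adequate password hash. Changing the scheme has to happen together
    // with the registration path that writes the digest.
    TbUser user = list.get(0);
    String suppliedDigest = DigestUtils.md5DigestAsHex(password.getBytes());
    if (!suppliedDigest.equals(user.getPassword())) {
        return TaotaoResult.build(400, "username or password wrong");
    }

    String token = UUID.randomUUID().toString();

    // The session copy is handed back to whoever presents the token, so the
    // password digest must not be part of it.
    user.setPassword(null);

    // NOTE(review): set and expire are two separate calls; if the second one
    // fails the session key is left without a TTL. Prefer a single call that
    // sets value and expiry together if the Redis client offers one.
    String sessionKey = SSO_SESSION_KEY + ":" + token;
    redisPool.set(sessionKey, JsonUtils.objectToJson(user));
    redisPool.expire(sessionKey, SSO_SESSION_EXPIRE);

    return TaotaoResult.ok(token);
}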

Controller

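/**
 * HTTP entry point for login.
 *
 * @param username the login name from the POST parameters
 * @param password the clear-text password from the POST parameters
 * @return the service result, or a generic 500 result when the service throws
 */
@RequestMapping(value="/login", method=RequestMethod.POST)
@ResponseBody
public TaotaoResult userLogin(String username, String password){
    try {
        return ssoService.userLogin(username, password);
    } catch (Exception e) {
        // The stack trace stays on the server. Sending it in the response
        // body would expose class names, queries and infrastructure details
        // to an unauthenticated caller.
        e.printStackTrace();
        return TaotaoResult.build(500, "internal server error");
    }
}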

查询用户 By Token

Service

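/**
 * Resolves a session token to the user stored for it and renews the session.
 *
 * <p>Each successful lookup resets the TTL, so a session that keeps being
 * used has no absolute lifetime. NOTE(review): confirm that this is intended.
 *
 * @param token the session token issued at login
 * @return an OK result carrying the user without its password digest, or a
 *     400 result when the token is blank or no session is stored for it
 */
@Override
public TaotaoResult getUserByToken(String token) {
    // A blank token can never name a session; skip the Redis round trip.
    if (StringUtils.isBlank(token)) {
        return TaotaoResult.build(400, "session expired, please relogin");
    }

    String sessionKey = SSO_SESSION_KEY + ":" + token;
    String result = redisPool.get(sessionKey);

    if (StringUtils.isBlank(result)) {
        return TaotaoResult.build(400, "session expired, please relogin");
    }

    redisPool.expire(sessionKey, SSO_SESSION_EXPIRE);

    // Defence in depth: never hand the password digest to the caller, even
    // if an older session entry still contains it.
    TbUser user = JsonUtils.jsonToPojo(result, TbUser.class);
    if (user != null) {
        user.setPassword(null);
    }

    return TaotaoResult.ok(user);
}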

Controller

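/**
 * HTTP entry point that returns the user behind a session token, with
 * optional JSONP output.
 *
 * <p>NOTE(review): the token travels in the URL path, where it can end up in
 * access logs, browser history and Referer headers. With a callback the user
 * record is also readable cross-origin by any page that knows the token.
 * Confirm that both are acceptable for this deployment.
 *
 * @param token the session token
 * @param callback optional JSONP function name; when blank, plain JSON is
 *     returned
 * @return the service result, a JSONP wrapper around it, or a 400/500 result
 */
@RequestMapping("/token/{token}")
@ResponseBody
public Object getUserByToken(@PathVariable String token, String callback) {
    TaotaoResult result;
    try {
        result = ssoService.getUserByToken(token);
    } catch (Exception e) {
        // Keep the stack trace on the server; the response carries only a
        // generic message so internals are not disclosed.
        e.printStackTrace();
        result = TaotaoResult.build(500, "internal server error");
    }

    if (StringUtils.isBlank(callback)) {
        return result;
    }

    // The callback name is written into the response as executable
    // JavaScript, so only a plain, bounded identifier is accepted.
    if (!callback.matches("[A-Za-z_$][A-Za-z0-9_$.]{0,63}")) {
        return TaotaoResult.build(400, "invalid callback");
    }

    MappingJacksonValue jsonp = new MappingJacksonValue(result);
    jsonp.setJsonpFunction(callback);
    return jsonp;
}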

实现SSO功能

/**
 * Serves the registration and login pages under {@code /user}.
 */
@Controller
@RequestMapping("/user")
public class UserController {

    /** Logical name of the registration view. */
    private static final String REGISTER_VIEW = "register";

    /** Logical name of the login view. */
    private static final String LOGIN_VIEW = "login";

    /**
     * Shows the registration page.
     *
     * @return the registration view name
     */
    @RequestMapping("/register")
    public String registerPage() {
        return REGISTER_VIEW;
    }

    /**
     * Shows the login page and hands the requested return address to it.
     *
     * <p>NOTE(review): {@code redirect} comes straight from the request and
     * is passed to the view unchanged. The view is not shown here; if it
     * navigates to this value after login, the value should be checked
     * against an allowlist of trusted targets and output-encoded in the page.
     *
     * @param redirect the address the caller wants to return to after login
     * @param model the view model that receives the {@code redirect} attribute
     * @return the login view name
     */
    @RequestMapping("/login")
    public String loginPage(String redirect, Model model) {
        final String returnTo = redirect;
        model.addAttribute("redirect", returnTo);
        return LOGIN_VIEW;
    }
}

这样,登录和注册的功能都在SSO系统中完成,其他系统直接调用即可。
