5.26

实现了博客的退出登录
使用SpringSecurity框架，配合redis和token实现

package com.huanf.controller; import com.huanf.domain.ResponseResult; import com.huanf.domain.User; import com.huanf.enums.AppHttpCodeEnum; import com.huanf.exception.SystemException; import com.huanf.service.BlogLoginService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; /** * @author 35238 * @date 2023/7/22 0022 21:31 */ @RestController public class BlogLoginController { @Autowired //BlogLoginService是我们在service目录写的接口 private BlogLoginService blogLoginService; @PostMapping("/login") //ResponseResult是我们在huanf-framework工程里面写的实体类 public ResponseResult login(@RequestBody User user){ //如果用户在进行登录时，没有传入'用户名' if(!StringUtils.hasText(user.getUserName())){ // 提示'必须要传用户名'。AppHttpCodeEnum是我们写的枚举类。SystemException是我们写的统一异常处理的类 throw new SystemException(AppHttpCodeEnum.REQUIRE_USERNAME); } return blogLoginService.login(user); } @PostMapping("/logout") public ResponseResult logout(){ return blogLoginService.logout(); } } package com.huanf.service.impl; import com.huanf.domain.LoginUser; import com.huanf.domain.ResponseResult; import com.huanf.domain.User; import com.huanf.service.BlogLoginService; import com.huanf.utils.BeanCopyUtils; import com.huanf.utils.JwtUtil; import com.huanf.utils.RedisCache; import com.huanf.vo.BlogUserLoginVo; import com.huanf.vo.UserInfoVo; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Service; import java.util.Objects; /** * @author 35238 * @date 2023/7/22 0022 21:39 */ @Service //认证，判断用户登录是否成功 public class BlogLoginServiceImpl implements BlogLoginService { @Autowired //AuthenticationManager是security官方提供的接口 private AuthenticationManager authenticationManager; @Autowired //RedisCache是我们在huanf-framework工程的config目录写的类 private RedisCache redisCache; @Override public ResponseResult login(User user) { //封装登录的用户名和密码 UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user.getUserName(),user.getPassword()); //在下一行之前，封装的数据会先走UserDetailsServiceImpl实现类，这个实现类在我们的huanf-framework工程的service/impl目录里面 Authentication authenticate = authenticationManager.authenticate(authenticationToken); //上面那一行会得到所有的认证用户信息authenticate。然后下一行需要判断用户认证是否通过，如果authenticate的值是null，就说明认证没有通过 if(Objects.isNull(authenticate)){ throw new RuntimeException("用户名或密码错误"); } //获取userid LoginUser loginUser = (LoginUser) authenticate.getPrincipal(); String userId = loginUser.getUser().getId().toString(); //把这个userid通过我们写的JwtUtil工具类转成密文，这个密文就是token值 String jwt = JwtUtil.createJWT(userId); //下面那行的第一个参数: 把上面那行的jwt，也就是token值保存到Redis。存到时候是键值对的形式，值就是jwt，key要加上 "bloglogin:" 前缀 //下面那行的第二个参数: 要把哪个对象存入Redis。我们写的是loginUser，里面有权限信息，后面会用到 redisCache.setCacheObject("bloglogin:"+userId,loginUser); //把User转化为UserInfoVo，再放入vo对象的第二个参数 UserInfoVo userInfoVo = BeanCopyUtils.copyBean(loginUser.getUser(), UserInfoVo.class); BlogUserLoginVo vo = new BlogUserLoginVo(jwt,userInfoVo); //封装响应返回 return ResponseResult.okResult(vo); } //-----------------------------------退出登录------------------------------------------ @Override public ResponseResult logout() { //获取token，然后解析token值获取其中的userid。SecurityContextHolder是security官方提供的类 Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); //LoginUser是我们写的类 LoginUser loginUser = (LoginUser) authentication.getPrincipal(); //获取userid Long userid = loginUser.getUser().getId(); //在redis根据key来删除用户的value值，注意之前我们在存key的时候，key是加了'bloglogin:'前缀 redisCache.deleteObject("bloglogin:"+userid); //封装响应返回 return ResponseResult.okResult(); } }