session超时修改

mali
Commit 360949a5413a0bcd33220b3d7c2c7dcb9721053c 1 parent 2649173e
Showing 2 changed files with 32 additions and 4 deletions
common/pom.xml
common/src/main/java/com/yohoufo/common/interceptor/SecurityInterceptor.java
--- a/common/pom.xml
View file @360949a
+++ b/common/pom.xml
View file @360949a
@@ -26,7 +26,10 @@
             <groupId>com.yoho.core</groupId>
             <artifactId>yoho-core-common</artifactId>
         </dependency>
- 
+         <dependency>
+             <groupId>com.yoho.core</groupId>
+             <artifactId>yoho-core-rabbitmq</artifactId>
+         </dependency>
 
         <dependency>
             <groupId>com.yoho.core</groupId>
--- a/common/src/main/java/com/yohoufo/common/interceptor/SecurityInterceptor.java
View file @360949a
+++ b/common/src/main/java/com/yohoufo/common/interceptor/SecurityInterceptor.java
View file @360949a
@@ -2,11 +2,13 @@ package com.yohoufo.common.interceptor;
 
 import com.alibaba.fastjson.JSON;
 import com.yoho.core.config.ConfigReader;
+ import com.yoho.core.rabbitmq.YhProducer;
 import com.yoho.core.redis.cluster.annotation.Redis;
 import com.yoho.core.redis.cluster.operations.nosync.YHValueOperations;
 import com.yoho.core.redis.cluster.operations.serializer.RedisKeyBuilder;
 import com.yoho.core.rest.client.ServiceCaller;
 import com.yoho.error.event.LogEvent;
+ import com.yoho.service.model.request.SessionFailedBO;
 import com.yoho.service.model.request.UserSessionReqBO;
 import com.yohoufo.common.annotation.IgnoreSession;
 import com.yohoufo.common.exception.GatewayException;
@@ -71,6 +73,11 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
 
     private ApplicationEventPublisher publisher;
 
+     @Resource(name="ufoExpressInfoProducer")
+     YhProducer yhProducer;
+ 
+     private static final String SESSION_FAIL_TOPIC = "uic.sessionFail";
+ 
     @Override
     public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
 
@@ -100,6 +107,7 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
         String method = params.get("method");
         String uid = params.get("uid");
         String appVersion = params.get("app_version");
+         String businessLine = params.get("business_line");
         //==============以下是完全不校验的场景=========================
 
         //2 是否校验全部接口，开关-true：校验全部接口（除去@IgnoreSession注解接口） 开关-false:只校验核心接口
@@ -140,7 +148,8 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
         //6 如果cookie中没有jSessionID , 但接口又必须校验会话, 则返回 HTTP 401, 需要重新登录.
         if (jSessionID == null) {
             logger.warn("check session failed, can not find session id in cookies, check session info failed, method {}, uid {}, appVersion is {}, clientType is {}, sessionType is {}", method, uid, appVersion, clientType, sessionType);
-             this.verifyFailReport(uid, method, clientType);
+             //this.verifyFailReport(uid, method, clientType);
+             this.verifyFailReport(uid, method, clientType,null, null, getIP(httpServletRequest), appVersion, businessLine ,sessionType,0);
             throw new SessionExpireException(); //重新登录
         }
 
@@ -169,7 +178,8 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
         //9 校验SESSION, 校验不通过重新登录
         if (uid == null || sessionInfo == null || !StringUtils.equals(sessionInfo, uid)) {
             logger.warn("check session failed, session unmatched uid, session id {}, uid {} , session info {}, method {}, version is {}, clientType is {}, sessionType is {}",  jSessionID, params.get("uid"), sessionInfo, method, appVersion, clientType, sessionType);
-             this.verifyFailReport(uid, method, clientType);
+             //this.verifyFailReport(uid, method, clientType);
+             this.verifyFailReport(uid, method, clientType,jSessionID, sessionInfo, getIP(httpServletRequest), appVersion, businessLine ,sessionType,1);
             throw new SessionExpireException(); //重新登录
         }
     }
@@ -194,15 +204,30 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
      * @param method
      * @param clientType
      */
-     private void verifyFailReport(String uid, String method, String clientType){
+     private void verifyFailReport(String uid, String method, String clientType,String sessionKey,
+                                   String sessionInfo, String ip, String appVersion, String businessLine, String sessionType, int failType){
         try{
             LogEvent logEvent = new LogEvent.Builder("sessionFail").addArg("uid", uid).addArg("method", method).addArg("clientType", clientType).build();
             publisher.publishEvent(logEvent);
+             SessionFailedBO failedBO = new SessionFailedBO(uid,method, sessionKey, sessionInfo,ip, appVersion, businessLine, clientType,sessionType, getIntTime(),failType);
+             sendSessionFailMQ(SESSION_FAIL_TOPIC, failedBO);
         }catch (Exception e){
             logger.warn("verifyFailReport: report session verify event faild, uid is {}, method is {}, error is {}", uid, method, e);
         }
     }
 
+     private int getIntTime(){
+         return (int)(System.currentTimeMillis()/1000);
+     }
+ 
+     private void sendSessionFailMQ(String topic, SessionFailedBO failedBO){
+         try{
+             yhProducer.send(topic, failedBO);
+             logger.info("send sendSessionFailMQ  success. topic is {}, param is {}", topic, failedBO);
+         }catch (Exception e){
+             logger.warn("send sendSessionFailMQ  failed. param is {}, exception is {}", failedBO, e);
+         }
+     }
     
     private RedisKeyBuilder getSessionCacheKey(String sessionKey, String clientType, String sessionType){
         RedisKeyBuilder keyBuilder = RedisKeyBuilder.newInstance().appendFixed(SESSION_CACHE_KEY_PRE);