session 校验，从uic获取session缓存后存入redis

qinchao
Commit 4a7cea259cd625d549191eebf798a9fb74d3ca1e 1 parent f8322efd
Showing 1 changed file with 9 additions and 5 deletions
common/src/main/java/com/yohoufo/common/interceptor/SecurityInterceptor.java
--- a/common/src/main/java/com/yohoufo/common/interceptor/SecurityInterceptor.java
View file @4a7cea2
+++ b/common/src/main/java/com/yohoufo/common/interceptor/SecurityInterceptor.java
View file @4a7cea2
@@ -33,7 +33,7 @@ import java.util.Arrays;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
- 
+ import java.util.concurrent.TimeUnit;
 
 
 public class SecurityInterceptor implements HandlerInterceptor, ApplicationEventPublisherAware {
@@ -141,8 +141,9 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
 
         //7 从REDIS中获取服务端session的值. 如果REDIS中获取不到,可能存在双中心延迟的情况, 回源数据库查询
         String  sessionInfo;
+         RedisKeyBuilder cacheKey;
         try {
-             RedisKeyBuilder cacheKey = getSessionCacheKey(jSessionID, clientType, sessionType);
+             cacheKey = getSessionCacheKey(jSessionID, clientType, sessionType);
             sessionInfo = valueOperations.get(cacheKey);
             if(null == sessionInfo){ //如果REDIS主从延迟, 从主REDIS中获取SESSION
                 cacheKey = RedisKeyBuilder.newInstance().appendFixed(SESSION_CACHE_KEY_PRE).appendVar(jSessionID);
@@ -156,7 +157,7 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
 
         //8 session双云同步延迟时，获取用户session
         if(null == sessionInfo){
-             sessionInfo = this.getUserSesion(uid, jSessionID, clientType, sessionType);
+             sessionInfo = this.getUserSesion(cacheKey,uid, jSessionID, clientType, sessionType);
         }
 
         //9 校验SESSION, 校验不通过重新登录
@@ -344,7 +345,7 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
      * @param sessionKey
      * @return
      */
-     private String getUserSesion(String uid, String sessionKey, String clientType, String sessionType){
+     private String getUserSesion(RedisKeyBuilder cacheKey,String uid, String sessionKey, String clientType, String sessionType){
         try{
             boolean degrade_getSession_enable = configReader.getBoolean("gateway.degrade.users.getUserSesion.enable",false);
             if(degrade_getSession_enable){
@@ -356,10 +357,13 @@ public class SecurityInterceptor implements HandlerInterceptor, ApplicationEvent
             reqBO.setClientType(clientType);
             reqBO.setSessionType(sessionType);
             UserSessionReqBO result = serviceCaller.call("uic.selectUserSession", reqBO, UserSessionReqBO.class);
-             logger.debug("SecurityInterceptor: call uic.selectUserSession, uid is {}, sessionKey is {}");
+             logger.debug("SecurityInterceptor: call uic.selectUserSession, uid is {}, sessionKey is {},result is {}",uid,sessionKey,result);
             if(result == null || result.getUid() == null){
                 return null;
             }
+             //特殊处理（有可能与有货不共用redis）：如果获取到缓存，把缓存再一次保存到ufo的redis中
+             valueOperations.set(cacheKey,result.getSessionKey(),result.getSessionKeyTimeOut(), TimeUnit.SECONDS);
+             logger.debug("SecurityInterceptor: set session to redis uid {},session key {},result {}",uid,result.getSessionKey(),result);
             return String.valueOf(result.getUid());
         }catch(Exception e){
             logger.warn("SecurityInterceptor: getUserSession failed ! uid is {}, sessionKey is {}, error is {}", uid, sessionKey, e);