
fix校验+登录

LLL 4 kuukautta sitten
vanhempi
commit
0fbe52e8b4

+ 27 - 1
jeecg-module-interlock/src/main/java/org/jeecg/modules/ssoClient/controller/SSOLoginLogoutController.java

@@ -170,11 +170,22 @@ public class SSOLoginLogoutController {
     @RequestMapping(value = "/tzlogin", method = RequestMethod.POST)
     public LoginResult tzlogin(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModelDTO dto){
 
+        String eiToken = "";
+
+        Cookie[] cookies = request.getCookies();
+        if (cookies != null) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().equals("EIToken")) {
+                    eiToken = cookie.getValue();
+                }
+            }
+        }
+
         LoginResult loginResult = new LoginResult();
         Result<JSONObject> result = new Result<JSONObject>();
         String usernameSSO = dto.getUsername();
         String password = dto.getPassword();
-        String eiToken = dto.getEiToken();
+//        String eiToken = dto.getEiToken();
         String lsToken = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
 
         if(eiToken!=null && !"".equals(eiToken)){
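Review bot: Taking the SSO token from the `EIToken` cookie instead of the request body makes it an ambient credential, and nothing visible in this hunk checks the request's origin or a CSRF token before the `if(eiToken!=null ...)` branch. Because the cookie is issued with `SameSite=None` in the later hunks, the browser will attach it to cross-site POSTs to `/tzlogin`. Whether a filter elsewhere already enforces an Origin allow-list or CSRF token cannot be seen from here and should be confirmed. The commented-out `// String eiToken = dto.getEiToken();` should be deleted rather than kept, and the lookup reads more safely as `if ("EIToken".equals(cookie.getName())) { eiToken = cookie.getValue(); break; }`. The body of `tzlogin` continues outside the hunk.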
@@ -233,6 +244,17 @@ public class SSOLoginLogoutController {
     @RequestMapping(value = "/login", method = RequestMethod.POST)
     public Result<JSONObject> login(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
 
+        Cookie[] cookies = request.getCookies();
+        if (cookies != null) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().equals("EIToken")) {
+                    String t = cookie.getValue();
+                    // 可以在这里处理tokenValue
+                }
+            }
+        }
+        // TODO 要做判断啥的么?
+
         Result<JSONObject> result = new Result<JSONObject>();
         String username = sysLoginModel.getUsername();
         String password = sysLoginModel.getPassword();
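Review bot: The cookie loop added at the top of `login` has no effect, because the value is read into `String t`, which goes out of scope inside the `if`, and the trailing `// TODO` leaves open what should happen with it. The next hunk formats `eiToken` into a Set-Cookie header, yet no `eiToken` is declared in the visible parts of `login`, so either that line does not compile or it reads a variable declared outside the hunks. I would declare `String eiToken = null;` before the loop, assign `eiToken = cookie.getValue();` inside it, and resolve the TODO before merging. The body of `login` continues outside the hunk.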
@@ -243,6 +265,8 @@ public class SSOLoginLogoutController {
             return result;
         }
 
+        response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=3600; Path=/; Secure; SameSite=None", eiToken));
+
         //1. 校验用户是否有效
         SysUser sysUser = sysUserService.getUserAll(username);
         result = sysUserService.checkUserIsEffective(sysUser);
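Review bot: `response.setHeader("Set-Cookie", ...)` replaces any Set-Cookie header already on the response, so a cookie added earlier in the request (for example a session cookie) would be dropped; the same call appears in the logout hunk. The token is also formatted into the header unvalidated, so a value containing `;` could add or override cookie attributes, and the cookie has no `HttpOnly`, which leaves it readable by page script unless the front end really needs that. The header is written before the user check on the following lines, so it is sent even when the login is rejected. I would move it after the checks and build it with Spring's cookie builder: `response.addHeader(HttpHeaders.SET_COOKIE, ResponseCookie.from("EIToken", eiToken).httpOnly(true).secure(true).sameSite("None").path("/").maxAge(3600).build().toString());`.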
@@ -485,6 +509,8 @@ public class SSOLoginLogoutController {
         String msg = IoTedgessolgout(response);
         if(!SSOConstants.LOGOUT_SUCCESS.equals(msg)) return Result.error(msg);
 
+        response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=0; Path=/; Secure; SameSite=None", ""));
+
         //用户退出逻辑
         String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
         if(oConvertUtils.isEmpty(token)) {

+ 7 - 1
jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml

@@ -8,6 +8,10 @@ server:
     include-message: ALWAYS
   servlet:
     context-path: /jeecg-boot
+    session:
+      cookie:
+        same-site: none
+        secure: true
   compression:
     enabled: true
     min-response-size: 1024
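Review bot: The session cookie is switched to `same-site: none` with no comment saying why, and this setting removes the browser's default protection against the session being sent on cross-site requests. If it is needed for the cross-site SSO flow (an inference from the controller changes), state-changing endpoints need their own CSRF or Origin check, and the block should say so, e.g. `# SameSite=None: required for cross-site SSO; needs HTTPS and CSRF protection on POST endpoints`. With `secure: true` the cookie is also only sent over HTTPS, which is worth confirming against how this dev profile is actually served.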
@@ -283,7 +287,9 @@ jeecg:
     enabled: true
 #cas单点登录
 cas:
-  prefixUrl: http://cas.example.org:8443/cas
+  # 配置CAS服务地址,cas为工程目录,部署到ROOT目录下http://cas.test.com:8443即可
+  prefixUrl: http://sso.wsria.com:8443/cas
+#  prefixUrl: http://cas.example.org:8443/cas
 #Mybatis输出sql日志
 logging:
   level:
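Review bot: `prefixUrl` now points the dev profile at `http://sso.wsria.com:8443/cas`, a plain-`http` URL on an external host, so CAS redirects and ticket validation against it would travel unencrypted. The added comment mentions `cas.test.com`, which matches neither the new value nor the old one. If this host is only a sample value, I would keep the neutral `cas.example.org` placeholder and use `https://`. I would also delete the commented-out `#  prefixUrl: ...` line rather than keep both.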