lsm/sa-token
1
0
Fork 0
mirror of https://gitee.com/dromara/sa-token.git synced 2025-04-05 08:37:21 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

v1.5版本 升级

Browse Source
This commit is contained in:
shengzhang 2020-12-16 02:10:51 +08:00
parent 19e81b257e
commit 6e10bce575
26 changed files with 287 additions and 417 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

352
LICENSE
View File

@ -1,339 +1,21 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
MIT License
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Copyright (c) 2020 www.uviewui.com
Preamble
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

8
README.md
View File

@ -1,11 +1,11 @@
<p align="center">
<img alt="logo" src="http://sa-token.dev33.cn/doc/logo.png" width="150" height="150" style="margin-bottom: 10px;">
<img alt="logo" src="https://gitee.com/sz6/sa-token/raw/master/sa-token-doc/doc/logo.png" width="150" height="150" style="margin-bottom: 10px;">
</p>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">sa-token v1.4.0</h1>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">sa-token v1.5.1</h1>
<h4 align="center">一个JavaWeb轻量级权限认证框架功能全面上手简单</h4>
<h4 align="center">
<a href="https://gitee.com/sz6/sa-token/stargazers"><img src="https://gitee.com/sz6/sa-token/badge/star.svg"></a>
<a href="https://github.com/click33/sa-token"><img src="https://img.shields.io/badge/sa--token-v1.4.0-2B9939"></a>
<a href="https://github.com/click33/sa-token"><img src="https://img.shields.io/badge/sa--token-v1.5.1-2B9939"></a>
<a href="https://github.com/click33/sa-token/stargazers"><img src="https://img.shields.io/github/stars/click33/sa-token"></a>
<a href="https://github.com/click33/sa-token/watchers"><img src="https://img.shields.io/github/watchers/click33/sa-token"></a>
<a href="https://github.com/click33/sa-token/network/members"><img src="https://img.shields.io/github/forks/click33/sa-token"></a>
@ -48,7 +48,7 @@ StpUtil.checkLogin();
## 💦️️ 涵盖功能
- ⚡ **登录验证** —— 轻松登录鉴权,提供个性化登录提示
- ⚡ **登录验证** —— 轻松登录鉴权,并提供五种细分场景值
- ⚡ **权限验证** —— 拦截违规调用,不同角色不同授权
- ⚡ **自定义session会话** —— 专业的数据缓存中心
- ⚡ **踢人下线** —— 将违规用户立刻清退下线

18
sa-token-demo-springboot/pom.xml
View File

@ -26,19 +26,19 @@
</dependency>
<!-- 开发测试 -->
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-dev</artifactId>
<version>1.4.0</version>
</dependency>
<!-- sa-token 权限认证, 在线文档http://sa-token.dev33.cn/ -->
<!-- <dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token</artifactId>
<version>1.4.0</version>
<artifactId>sa-token-dev</artifactId>
<version>1.5.1</version>
</dependency> -->
<!-- sa-token 权限认证, 在线文档http://sa-token.dev33.cn/ -->
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token</artifactId>
<version>1.5.1</version>
</dependency>
<!-- SpringBoot整合redis -->
<dependency>
<groupId>org.springframework.boot</groupId>

3
sa-token-demo-springboot/src/main/java/com/pj/satoken/SaTokenDaoRedis.java
View File

@ -7,7 +7,6 @@ import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.serializer.JdkSerializationRedisSerializer;
import org.springframework.data.redis.serializer.StringRedisSerializer;
import org.springframework.stereotype.Component;
import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.session.SaSession;
@ -15,7 +14,7 @@ import cn.dev33.satoken.session.SaSession;
/**
* sa-token持久层的实现类 , 基于redis
*/
@Component // 打开此注解保证此类被springboot扫描即可完成sa-token与redis的集成
//@Component // 打开此注解保证此类被springboot扫描即可完成sa-token与redis的集成
public class SaTokenDaoRedis implements SaTokenDao {

54
sa-token-demo-springboot/src/main/java/com/pj/test/GlobalException.java
View File

@ -24,6 +24,9 @@ public class GlobalException {
}
// 全局异常拦截拦截项目中的所有异常
@ExceptionHandler
public AjaxJson handlerException(Exception e, HttpServletRequest request, HttpServletResponse response)
@ -35,21 +38,8 @@ public class GlobalException {
// 不同异常返回不同状态码
AjaxJson aj = null;
if (e instanceof NotLoginException) { // 如果是未登录异常
aj = AjaxJson.getNotLogin();
// 判断具体是什么类型
NotLoginException ee = (NotLoginException) e;
if(ee.getType() == NotLoginException.NOT_TOKEN) {
aj.setMsg("未提供token");
}
if(ee.getType() == NotLoginException.INVALID_TOKEN) {
aj.setMsg("token无效");
}
if(ee.getType() == NotLoginException.BE_REPLACED) {
aj.setMsg("token已被顶下线");
}
if(ee.getType() == NotLoginException.TOKEN_TIMEOUT) {
aj.setMsg("token已过期");
}
aj = AjaxJson.getNotLogin().setMsg(ee.getMessage());
} else if(e instanceof NotPermissionException) { // 如果是权限异常
NotPermissionException ee = (NotPermissionException) e;
aj = AjaxJson.getNotJur("无此权限:" + ee.getCode());
@ -64,5 +54,41 @@ public class GlobalException {
// response.setContentType("application/json; charset=utf-8"); // http说明我要返回JSON对象
// response.getWriter().print(new ObjectMapper().writeValueAsString(aj));
}
// 全局异常拦截拦截项目中的NotLoginException异常
// @ExceptionHandler(NotLoginException.class)
// public AjaxJson handlerNotLoginException(NotLoginException nle, HttpServletRequest request, HttpServletResponse response)
// throws Exception {
//
// // 打印堆栈以供调试
// nle.printStackTrace();
//
// // 判断场景值定制化异常信息
// String message = "";
// if(nle.getType().equals(NotLoginException.NOT_TOKEN)) {
// message = "未提供token";
// }
// else if(nle.getType().equals(NotLoginException.INVALID_TOKEN)) {
// message = "token无效";
// }
// else if(nle.getType().equals(NotLoginException.TOKEN_TIMEOUT)) {
// message = "token已过期";
// }
// else if(nle.getType().equals(NotLoginException.BE_REPLACED)) {
// message = "token已被顶下线";
// }
// else if(nle.getType().equals(NotLoginException.KICK_OUT)) {
// message = "token已被踢下线";
// }
// else {
// message = "当前会话未登录";
// }
//
// // 返回给前端
// return AjaxJson.getError(message);
// }
}

23
sa-token-demo-springboot/src/main/java/com/pj/test/TestController.java
View File

@ -121,15 +121,34 @@ public class TestController {
// 测试踢人下线 浏览器访问 http://localhost:8081/test/kickOut
@RequestMapping("kickOut")
public AjaxJson kickOut() {
// 先登录上
StpUtil.setLoginId(10001);
// 清退下线
// StpUtil.logoutByLoginId(10001);
// 踢下线
StpUtil.kickoutByLoginId(10001);
// 再尝试获取
StpUtil.getLoginId();
// 返回
return AjaxJson.getSuccess();
}
// 测试 浏览器访问 http://localhost:8081/test/test
@RequestMapping("test")
public AjaxJson test() {
StpUtil.setLoginId(10001);
// StpUtil.getSession();
StpUtil.logout();
// System.out.println(StpUtil.getSession().getId());
// System.out.println(StpUserUtil.getSession().getId());
StpUtil.getSessionByLoginId(10001).setAttribute("name", "123");
System.out.println(StpUtil.getSessionByLoginId(10001).getAttribute("name"));
// StpUtil.getSessionByLoginId(10001).setAttribute("name", "123");
// System.out.println(StpUtil.getSessionByLoginId(10001).getAttribute("name"));
return AjaxJson.getSuccess();
}

2
sa-token-dev/pom.xml
View File

@ -7,7 +7,7 @@
<groupId>cn.dev33</groupId>
<artifactId>sa-token-dev</artifactId>
<packaging>jar</packaging>
<version>1.4.0</version>
<version>1.5.1</version>
<!-- SpringBoot -->
<parent>

4
sa-token-dev/src/main/java/cn/dev33/satoken/action/SaTokenAction.java
View File

@ -14,7 +14,7 @@ public interface SaTokenAction {
/**
* 获取当前会话的 response
* @return
* @return 当前请求的response
*/
public HttpServletResponse getResponse();
@ -22,7 +22,7 @@ public interface SaTokenAction {
* 生成一个token
* @param loginId 账号id
* @param loginKey 登录标识key
* @return
* @return 一个token
*/
public String createToken(Object loginId, String loginKey);

62
sa-token-dev/src/main/java/cn/dev33/satoken/exception/NotLoginException.java
View File

@ -25,20 +25,32 @@ public class NotLoginException extends RuntimeException {
/** 表示未提供token */
public static final String NOT_TOKEN = "-1";
public static final String NOT_TOKEN_MESSAGE = "未提供token";
/** 表示token无效 */
public static final String INVALID_TOKEN = "-2";
/** 表示token已被顶下线 */
public static final String BE_REPLACED = "-3";
public static final String INVALID_TOKEN_MESSAGE = "token无效";
/** 表示token已过期 */
public static final String TOKEN_TIMEOUT = "-4";
public static final String TOKEN_TIMEOUT = "-3";
public static final String TOKEN_TIMEOUT_MESSAGE = "token已过期";
/** 表示token已被顶下线 */
public static final String BE_REPLACED = "-4";
public static final String BE_REPLACED_MESSAGE = "token已被顶下线";
/** 表示token已被踢下线 */
public static final String KICK_OUT = "-5";
public static final String KICK_OUT_MESSAGE = "token已被踢下线";
/** 默认的提示语 */
public static final String DEFAULT_MESSAGE = "当前会话未登录";
/**
* 代表异常token的标志集合
*/
public static final List<String> ABNORMAL_LIST = Arrays.asList(NOT_TOKEN, INVALID_TOKEN, BE_REPLACED, TOKEN_TIMEOUT);
public static final List<String> ABNORMAL_LIST = Arrays.asList(NOT_TOKEN, INVALID_TOKEN, TOKEN_TIMEOUT, BE_REPLACED, KICK_OUT);
/**
@ -76,15 +88,47 @@ public class NotLoginException extends RuntimeException {
// this(StpUtil.stpLogic.loginKey);
// }
/**
* 创建一个
* @param loginKey login_key
* 创建一个
* @param message 异常消息
* @param loginKey loginKey
* @param type 类型
*/
public NotLoginException(String loginKey, String type) {
public NotLoginException(String message, String loginKey, String type) {
// 这里到底要不要拼接上login_key呢纠结
super("当前会话未登录");
super(message);
this.loginKey = loginKey;
this.type = type;
}
/**
* 静态方法构建一个NotLoginException
* @param loginKey loginKey
* @param type 场景类型
* @return 构建完毕的异常对象
*/
public static NotLoginException newInstance(String loginKey, String type) {
String message = null;
if(type.equals(NOT_TOKEN)) {
message = NOT_TOKEN_MESSAGE;
}
else if(type.equals(INVALID_TOKEN)) {
message = INVALID_TOKEN_MESSAGE;
}
else if(type.equals(TOKEN_TIMEOUT)) {
message = TOKEN_TIMEOUT_MESSAGE;
}
else if(type.equals(BE_REPLACED)) {
message = BE_REPLACED_MESSAGE;
}
else if(type.equals(KICK_OUT)) {
message = KICK_OUT_MESSAGE;
}
else {
message = DEFAULT_MESSAGE;
}
return new NotLoginException(message, loginKey, type);
}
}

2
sa-token-dev/src/main/java/cn/dev33/satoken/session/SaSession.java
View File

@ -33,7 +33,7 @@ public class SaSession implements Serializable {
/**
* 构建一个 session对象
* @param id
* @param id sessionId
*/
public SaSession(String id) {
this.id = id;

2
sa-token-dev/src/main/java/cn/dev33/satoken/session/SaSessionCustomUtil.java
View File

@ -30,7 +30,7 @@ public class SaSessionCustomUtil {
* 获取指定key的session
* @param sessionId key
* @param isCreate 如果没有是否新建并返回
* @return
* @return SaSession
*/
public static SaSession getSessionById(String sessionId, boolean isCreate) {
SaSession session = SaTokenManager.getDao().getSaSession(getSessionKey(sessionId));

2
sa-token-dev/src/main/java/cn/dev33/satoken/spring/SpringSaToken.java
View File

@ -21,7 +21,7 @@ public class SpringSaToken {
/**
* 获取配置Bean
* @return
* @return .
*/
@Bean
@ConfigurationProperties(prefix="spring.sa-token")

2
sa-token-dev/src/main/java/cn/dev33/satoken/stp/StpInterface.java
View File

@ -12,7 +12,7 @@ public interface StpInterface {
* 返回指定login_id所拥有的权限码集合
* @param loginId 账号id
* @param loginKey 具体的stp标识
* @return
* @return .
*/
public List<Object> getPermissionCodeList(Object loginId, String loginKey);

53
sa-token-dev/src/main/java/cn/dev33/satoken/stp/StpLogic.java
View File

@ -49,6 +49,7 @@ public class StpLogic {
/**
* 随机生成一个tokenValue
* @param loginId loginId
* @return 生成的tokenValue
*/
public String randomTokenValue(Object loginId) {
@ -100,7 +101,7 @@ public class StpLogic {
/**
* 获取指定id的tokenValue
* @param loginId .
* @return
* @return .
*/
public String getTokenValueByLoginId(Object loginId) {
return SaTokenManager.getDao().getValue(getKeyLoginId(loginId));
@ -172,8 +173,8 @@ public class StpLogic {
if(loginId == null) {
return;
}
// 如果已经被顶替或已过期那么只删除此token即可
if(loginId.equals(NotLoginException.BE_REPLACED) || loginId.equals(NotLoginException.TOKEN_TIMEOUT)) {
// 如果已过期或被顶替或被挤下线那么只删除此token即可
if(loginId.equals(NotLoginException.TOKEN_TIMEOUT) || loginId.equals(NotLoginException.BE_REPLACED) || loginId.equals(NotLoginException.KICK_OUT)) {
return;
}
// 至此已经是一个正常的loginId开始三清
@ -181,7 +182,7 @@ public class StpLogic {
}
/**
* 指定loginId的会话注销登录踢人下线
* 指定loginId的会话注销登录清退下线
* @param loginId 账号id
*/
public void logoutByLoginId(Object loginId) {
@ -195,7 +196,25 @@ public class StpLogic {
// 清除相关数据
SaTokenManager.getDao().delKey(getKeyTokenValue(tokenValue)); // 清除token-id键值对
SaTokenManager.getDao().delKey(getKeyLoginId(loginId)); // 清除id-token键值对
SaTokenManager.getDao().delKey(getKeySession(loginId)); // 清除其session
SaTokenManager.getDao().deleteSaSession(getKeySession(loginId)); // 清除其session
}
/**
* 指定loginId的会话注销登录踢人下线
* @param loginId 账号id
*/
public void kickoutByLoginId(Object loginId) {
// 获取相应tokenValue
String tokenValue = getTokenValueByLoginId(loginId);
if(tokenValue == null) {
return;
}
// 清除相关数据
SaTokenManager.getDao().updateValue(getKeyTokenValue(tokenValue), NotLoginException.KICK_OUT); // 标记已被踢下线
SaTokenManager.getDao().delKey(getKeyLoginId(loginId)); // 清除id-token键值对
SaTokenManager.getDao().deleteSaSession(getKeySession(loginId)); // 清除其session
}
// 查询相关
@ -224,20 +243,24 @@ public class StpLogic {
// 如果获取不到token则抛出无token
String tokenValue = getTokenValue();
if(tokenValue == null) {
throw new NotLoginException(loginKey, NotLoginException.NOT_TOKEN);
throw NotLoginException.newInstance(loginKey, NotLoginException.NOT_TOKEN);
}
// 查找此token对应loginId, 则抛出无效token
String loginId = SaTokenManager.getDao().getValue(getKeyTokenValue(tokenValue));
if(loginId == null) {
throw new NotLoginException(loginKey, NotLoginException.INVALID_TOKEN);
}
// 如果是已经被顶替下去了, 则抛出已被顶下线
if(loginId.equals(NotLoginException.BE_REPLACED)) {
throw new NotLoginException(loginKey, NotLoginException.BE_REPLACED);
throw NotLoginException.newInstance(loginKey, NotLoginException.INVALID_TOKEN);
}
// 如果是已经过期则抛出已经过期
if(loginId.equals(NotLoginException.TOKEN_TIMEOUT)) {
throw new NotLoginException(loginKey, NotLoginException.TOKEN_TIMEOUT);
throw NotLoginException.newInstance(loginKey, NotLoginException.TOKEN_TIMEOUT);
}
// 如果是已经被顶替下去了, 则抛出已被顶下线
if(loginId.equals(NotLoginException.BE_REPLACED)) {
throw NotLoginException.newInstance(loginKey, NotLoginException.BE_REPLACED);
}
// 如果是已经被踢下线了, 则抛出已被踢下线
if(loginId.equals(NotLoginException.KICK_OUT)) {
throw NotLoginException.newInstance(loginKey, NotLoginException.KICK_OUT);
}
// 至此返回loginId
return loginId;
@ -246,7 +269,7 @@ public class StpLogic {
/**
* 获取当前会话登录id, 如果未登录则返回默认值
* @param defaultValue .
* @return
* @return .
*/
@SuppressWarnings("unchecked")
public <T>T getLoginId(T defaultValue) {
@ -297,7 +320,7 @@ public class StpLogic {
/**
* 获取当前会话登录id, 并转换为int
* @return
* @return .
*/
public int getLoginIdAsInt() {
// Object loginId = getLoginId();
@ -309,7 +332,7 @@ public class StpLogic {
/**
* 获取当前会话登录id, 并转换为long
* @return
* @return .
*/
public long getLoginIdAsLong() {
// Object loginId = getLoginId();

10
sa-token-dev/src/main/java/cn/dev33/satoken/stp/StpUtil.java
View File

@ -72,13 +72,21 @@ public class StpUtil {
}
/**
* 指定loginId的会话注销登录踢人下线
* 指定loginId的会话注销登录清退下线
* @param loginId 账号id
*/
public static void logoutByLoginId(Object loginId) {
stpLogic.logoutByLoginId(loginId);
}
/**
* 指定loginId的会话注销登录踢人下线
* @param loginId 账号id
*/
public static void kickoutByLoginId(Object loginId) {
stpLogic.kickoutByLoginId(loginId);
}
// 查询相关
/**

2
sa-token-dev/src/main/java/cn/dev33/satoken/util/SaTokenInsideUtil.java
View File

@ -11,7 +11,7 @@ public class SaTokenInsideUtil {
/**
* sa-token 版本号
*/
public static final String VERSION_NO = "v1.4.0";
public static final String VERSION_NO = "v1.5.1";
/**
* sa-token 开源地址

8
sa-token-doc/doc/README.md
View File

@ -1,11 +1,11 @@
<p align="center">
<img alt="logo" src="http://127.0.0.1:8848/sa-token-doc/doc/logo.png" width="150" height="150" style="margin-bottom: 10px;">
<img alt="logo" src="https://gitee.com/sz6/sa-token/raw/master/sa-token-doc/doc/logo.png" width="150" height="150" style="margin-bottom: 10px;">
</p>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">sa-token v1.4.0</h1>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">sa-token v1.5.1</h1>
<h4 align="center">一个JavaWeb轻量级权限认证框架功能全面上手简单</h4>
<h4 align="center">
<a href="https://gitee.com/sz6/sa-token/stargazers"><img src="https://gitee.com/sz6/sa-token/badge/star.svg"></a>
<a href="https://github.com/click33/sa-token"><img src="https://img.shields.io/badge/sa--token-v1.4.0-2B9939"></a>
<a href="https://github.com/click33/sa-token"><img src="https://img.shields.io/badge/sa--token-v1.5.1-2B9939"></a>
<a href="https://github.com/click33/sa-token/stargazers"><img src="https://img.shields.io/github/stars/click33/sa-token"></a>
<a href="https://github.com/click33/sa-token/watchers"><img src="https://img.shields.io/github/watchers/click33/sa-token"></a>
<a href="https://github.com/click33/sa-token/network/members"><img src="https://img.shields.io/github/forks/click33/sa-token"></a>
@ -48,7 +48,7 @@ StpUtil.checkLogin();
## 💦️️ 涵盖功能
- ⚡ **登录验证** —— 轻松登录鉴权,提供个性化登录提示
- ⚡ **登录验证** —— 轻松登录鉴权,并提供五种细分场景值
- ⚡ **权限验证** —— 拦截违规调用,不同角色不同授权
- ⚡ **自定义session会话** —— 专业的数据缓存中心
- ⚡ **踢人下线** —— 将违规用户立刻清退下线

11
sa-token-doc/doc/_sidebar.md
View File

@ -21,12 +21,11 @@
- [常见问题](/more/common-questions)
- [友情链接](/more/link)
- [更新日志](/more/update-log)
<!-- - [常见问题](/c1) -->
<!-- - [常用函数](/c1) -->
<!-- - [插件](/c1) -->
<!-- - [关于](/c1) -->
<!-- - eclipse插件 -->
<!-- - idea插件 -->
- **附录**
- [未登录场景值](/fun/not-login-scene)
<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
<p style="text-align: center;">----- 到底线了 -----</p>

49
sa-token-doc/doc/fun/not-login-scene.md Normal file
View File

@ -0,0 +1,49 @@
# NotLoginException 场景值
本篇介绍如何根据`NotLoginException`异常的场景值,来定制化处理未登录的逻辑 <br/>
应用场景举例:未登录、被顶下线、被踢下线等场景需要不同方式来处理
## 何为场景值
- 在前面的章节中,我们了解到,在会话未登录的情况下尝试获取`loginId`会使框架抛出`NotLoginException`异常,而同为未登录异常却有五种抛出场景的区分 <br>
- 那么,如何获取场景值呢?废话少说直接上代码:
``` java
// 全局异常拦截拦截项目中的NotLoginException异常
@ExceptionHandler(NotLoginException.class)
public AjaxJson handlerNotLoginException(NotLoginException nle, HttpServletRequest request, HttpServletResponse response)
throws Exception {
// 打印堆栈,以供调试
nle.printStackTrace();
// 判断场景值,定制化异常信息
String message = "";
if(nle.getType().equals(NotLoginException.NOT_TOKEN)) {
message = "未提供token";
}
else if(nle.getType().equals(NotLoginException.INVALID_TOKEN)) {
message = "token无效";
}
else if(nle.getType().equals(NotLoginException.TOKEN_TIMEOUT)) {
message = "token已过期";
}
else if(nle.getType().equals(NotLoginException.BE_REPLACED)) {
message = "token已被顶下线";
}
else if(nle.getType().equals(NotLoginException.KICK_OUT)) {
message = "token已被踢下线";
}
else {
message = "当前会话未登录";
}
// 返回给前端
return AjaxJson.getError(message);
}
```
<br/>
注意:以上代码并非处理逻辑的最佳方式,只为以最简单的代码演示出场景值的获取与应用,大家可以根据自己的项目需求来定制化处理

2
sa-token-doc/doc/index.html
View File

@ -30,7 +30,7 @@
</div>
<script>
var name = '<img style="width: 50px; height: 50px; vertical-align: middle;" src="logo.png" alt="logo" /> ';
name += '<b style="font-size: 24px; vertical-align: middle;">sa-token</b> <sub>v1.4.0</sub>'
name += '<b style="font-size: 24px; vertical-align: middle;">sa-token</b> <sub>v1.5.1</sub>'
window.$docsify = {
name: name, // 名字
repo: 'https://github.com/click33/sa-token', // github地址

13
sa-token-doc/doc/more/update-log.md
View File

@ -1,5 +1,18 @@
# 更新日志
### 2020-12-16 @v1.5.1
- 新增细化未登录异常类型提供五种场景值未提供token、token无效、token已过期 、token已被顶下线、token已被踢下线 **[重要]**
- 修复:修复`StpUtil.getSessionByLoginId(String loginId)`方法转换key出错的bug感谢群友 @(#°Д°)、@一米阳光 发现的bug
- 优化:修改方法`StpUtil.getSessionByLoginId(Object loginId)`的isCreate值默认为true
- 修改:`方法delSaSession`修改为`deleteSaSession`,更加语义化的函数名称
- 新增:新增`StpUtil.getTokenName()`方法更语义化的获取tokenName
- 新增:新增`SaTokenAction`框架行为Bean方便重写逻辑
- 优化:`Cookie操作`改为接口代理模式,使其可以被重写
- 优化文档里集成redis部分增加redis的pom依赖示例
- 修复:登录验证-> `StpUtil.getLoginId_defaultNull()` 修复方法名错误的问题
- 优化:优化`readme.md`
- 升级:开源协议修改为`MIT`
### 2020-9-7 @v1.4.0
- 优化修改一些函数、变量名称使其更符合阿里java代码规范
- 优化:`tokenValue`的读取优先级改为:`request` > `body` > `header` > `cookie`

4
sa-token-doc/doc/start/download.md
View File

@ -9,7 +9,7 @@
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token</artifactId>
<version>1.4.0</version>
<version>1.5.1</version>
</dependency>
```
@ -29,7 +29,7 @@
## jar包下载
[点击下载sa-token-1.4.0.jar](https://color-test.oss-cn-qingdao.aliyuncs.com/sa-token/sa-token-1.4.0.jar)
[点击下载sa-token-1.5.1.jar](https://oss.dev33.cn/sa-token/sa-token-1.5.1.jar)

2
sa-token-doc/doc/start/example.md
View File

@ -18,7 +18,7 @@
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token</artifactId>
<version>1.4.0</version>
<version>1.5.1</version>
</dependency>
```

8
sa-token-doc/doc/use/kick.md
View File

@ -10,6 +10,12 @@
## 具体API
#### StpUtil.logoutByLoginId(Object loginId)
- 让指定loginId的会话注销登录清退下线
#### StpUtil.kickoutByLoginId(Object loginId)
- 让指定loginId的会话注销登录踢人下线
## 详解
- `logoutByLoginId``kickoutByLoginId` 都可以将用户强制下线,不同点在于:
- `logoutByLoginId` 是将人清退,用户得到的提示是 [token无效] ,对于失效原因尚未可知 NotLoginException场景值为-2
- `kickoutByLoginId` 是将人踢下线,用户可得到明确提示 [已被踢下线] NotLoginException场景值为-5

6
sa-token-doc/doc/use/login-auth.md
View File

@ -25,6 +25,7 @@
#### StpUtil.checkLogin()
- 检验当前会话是否已经登录, 如果未登录,则抛出异常:`NotLoginException`
- 扩展:`NotLoginException` 对象可通过 `getLoginKey()` 方法获取具体是哪个 `StpLogic` 抛出的异常
- 扩展:`NotLoginException` 对象可通过 `getType()` 方法获取具体的场景值,详细参考章节:[未登录场景值](/fun/not-login-scene)
#### StpUtil.getLoginId()
- 获取当前会话登录id, 如果未登录,则抛出异常:`NotLoginException`
@ -38,7 +39,8 @@
- 类似API还有
- `StpUtil.getLoginIdDefaultNull()` 获取当前会话登录id, 如果未登录则返回null
#### getLoginIdByToken(String tokenValue)
#### StpUtil.getLoginIdByToken(String tokenValue)
- 获取指定token对应的登录id如果未登录则返回 null
#### StpUtil.getTokenName()
- 获取当前`StpLogic`的token名称

2
sa-token-doc/index.html
View File

@ -43,7 +43,7 @@
<!-- 内容部分 -->
<div class="main-box">
<div class="content-box">
<h1>sa-token<small>v1.4.0</small></h1>
<h1>sa-token<small>v1.5.1</small></h1>
<div class="sub-title">一个JavaWeb轻量级权限认证框架功能全面上手简单</div>
<!-- <p>0配置开箱即用低学习成本</p> -->
<p>登录验证、权限验证、自定义session会话、踢人下线、持久层扩展、无cookie模式、模拟他人账号、多账号体系、注解式鉴权、Spring集成...</p>