新增：当后台修改用户密码后，强制下线登录账户的功能 close #I1Q73T

zhangxiaoben · Aug 11, 2020 · f2bd7a3 · f2bd7a3
1 parent d00c02e
commit f2bd7a3
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 6 deletions.
diff --git a/jpress-commons/src/main/java/io/jpress/commons/utils/SessionUtils.java b/jpress-commons/src/main/java/io/jpress/commons/utils/SessionUtils.java
@@ -10,16 +10,16 @@ public class SessionUtils {
     private static final String SESSION_NAME = "userSessions";
     private static final String SESSION_VALUE = "ok";
 
-    public static void record(long userId) {
-        CacheUtil.put(SESSION_NAME, userId, SESSION_VALUE);
+    public static void record(Object userId) {
+        CacheUtil.put(SESSION_NAME, String.valueOf(userId), SESSION_VALUE);
     }
 
-    public static void forget(long userId) {
-        CacheUtil.remove(SESSION_NAME, userId);
+    public static void forget(Object userId) {
+        CacheUtil.remove(SESSION_NAME, String.valueOf(userId));
     }
 
 
-    public static boolean isLoginedOk(long userId) {
-        return SESSION_VALUE.equals(CacheUtil.get(SESSION_NAME, userId));
+    public static boolean isLoginedOk(Object userId) {
+        return SESSION_VALUE.equals(CacheUtil.get(SESSION_NAME, String.valueOf(userId)));
     }
 }
diff --git a/jpress-core/src/main/java/io/jpress/web/interceptor/AdminInterceptor.java b/jpress-core/src/main/java/io/jpress/web/interceptor/AdminInterceptor.java
@@ -22,6 +22,7 @@
 import io.jboot.utils.StrUtil;
 import io.jpress.JPressConfig;
 import io.jpress.JPressConsts;
+import io.jpress.commons.utils.SessionUtils;
 import io.jpress.core.menu.MenuManager;
 import io.jpress.model.User;
 import io.jpress.service.RoleService;
@@ -73,6 +74,12 @@ public void intercept(Invocation inv) {
             return;
         }
 
+        if (!SessionUtils.isLoginedOk(Long.valueOf(uid))){
+            CookieUtil.remove(inv.getController(),JPressConsts.COOKIE_UID);
+            inv.invoke();
+            return;
+        }
+
         User user = userService.findById(uid);
         if (user == null || !user.isStatusOk()) {
             inv.getController().renderError(404);

diff --git a/jpress-web/src/main/java/io/jpress/web/admin/_AdminController.java b/jpress-web/src/main/java/io/jpress/web/admin/_AdminController.java
@@ -26,6 +26,7 @@
 import io.jboot.web.validate.Form;
 import io.jpress.JPressConfig;
 import io.jpress.JPressConsts;
+import io.jpress.commons.utils.SessionUtils;
 import io.jpress.core.module.ModuleListener;
 import io.jpress.core.module.ModuleManager;
 import io.jpress.model.User;
@@ -98,6 +99,7 @@ public void doLogin(String user, String pwd) {
         Ret ret = userService.doValidateUserPwd(loginUser, pwd);
 
         if (ret.isOk()) {
+            SessionUtils.record(loginUser.getId());
             CookieUtil.put(this, JPressConsts.COOKIE_UID, loginUser.getId());
         }