
中康-去掉单点登录

Long 2 weeks ago
parent
commit
467fdcd190

+ 9 - 20
fs-admin/src/main/java/com/fs/core/security/filter/JwtAuthenticationTokenFilter.java

@@ -1,24 +1,21 @@
 package com.fs.core.security.filter;
 
-import java.io.IOException;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import com.fs.common.core.redis.RedisCache;
-import com.fs.core.exception.FSException;
+import com.fs.common.utils.StringUtils;
 import com.fs.core.security.LoginUser;
+import com.fs.core.security.SecurityUtils;
+import com.fs.core.web.service.TokenService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
-import com.fs.core.security.SecurityUtils;
-import com.fs.common.utils.StringUtils;
-import com.fs.core.web.service.TokenService;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 
 /**
  * token过滤器 验证token有效性
@@ -30,8 +27,6 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
 {
     @Autowired
     private TokenService tokenService;
-    @Autowired
-    private RedisCache redisCache;
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
             throws ServletException, IOException
@@ -39,12 +34,6 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
         LoginUser loginUser = tokenService.getLoginUser(request);
         if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
         {
-            //如果REDIS中的TOKEN与请求的TOKEN不一致,抛出异常
-            String requestToken = tokenService.getHeaderToken(request).substring(7);
-            String token=redisCache.getCacheObject("token-pc:"+loginUser.getUsername());
-            if(!token.equals(requestToken)){
-                throw new FSException("Token失效,请重新登录", HttpStatus.UNAUTHORIZED.value());
-            }
             tokenService.verifyToken(loginUser);
             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
             authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
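Review bot: With the Redis comparison gone, the `if` branch in doFilterInternal accepts any token that `tokenService.getLoginUser(request)` resolves, so a token issued before a later login for the same account stays usable until it expires on its own. Allowing concurrent sessions appears to be the intent of the commit, but the removed check was also the only place visible here where an older token was implicitly revoked. Please confirm that logout, password change and account disable delete the entry that getLoginUser reads, since that code is outside the hunk. I would record the decision above the verifyToken call, for example `// Concurrent sessions are allowed; token validity depends only on TokenService (getLoginUser + verifyToken).` The body of doFilterInternal continues past the hunk.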

+ 0 - 6
fs-admin/src/main/java/com/fs/web/controller/system/SysLoginController.java

@@ -5,7 +5,6 @@ import com.fs.common.core.domain.AjaxResult;
 import com.fs.common.core.domain.R;
 import com.fs.common.core.domain.entity.SysMenu;
 import com.fs.common.core.domain.entity.SysUser;
-import com.fs.common.core.redis.RedisCache;
 import com.fs.common.utils.PatternUtils;
 import com.fs.common.utils.ServletUtils;
 import com.fs.core.security.LoginBody;
@@ -32,9 +31,6 @@ import java.util.Set;
 @RestController
 public class SysLoginController
 {
-    @Autowired
-    private RedisCache redisCache;
-
     @Autowired
     private SysLoginService loginService;
 
@@ -65,8 +61,6 @@ public class SysLoginController
             // 生成令牌
             String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
                     loginBody.getUuid());
-            //写入用户TOKEN
-            redisCache.setCacheObject("token-pc:"+loginBody.getUsername(),token);
             return R.ok().put(Constants.TOKEN, token);
         }
         catch (Exception e){
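Review bot: The login path no longer writes `token-pc:<username>` after `loginService.login(...)`, but nothing in this commit deletes the entries already stored. The removed two-argument `setCacheObject` call suggests they were written without an expiry. If so, Redis keeps holding bearer tokens keyed by username that no code reads any more, and a one-off cleanup of the `token-pc:*` keys at deploy time would close that. The enclosing method starts and ends outside the hunk.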