oauth

pom.xml

@@ -24,7 +24,7 @@
         <commons.codec.version>1.10</commons.codec.version>
         <commons.configuration.version>1.10</commons.configuration.version>
         <hutool.version>5.7.20</hutool.version>
-        <satoken.version>1.29.0</satoken.version>
+        <satoken.version>1.35.0.RC</satoken.version>
         <lombok.version>1.18.4</lombok.version>
         <fastjson.version>1.2.83</fastjson.version>
         <joda.time.version>2.9.9</joda.time.version>
@@ -142,9 +142,15 @@
         </dependency>
 
         <!-- Sa-Token 整合 Redis （使用jdk默认序列化方式） -->
+<!--        <dependency>-->
+<!--            <groupId>cn.dev33</groupId>-->
+<!--            <artifactId>sa-token-dao-redis</artifactId>-->
+<!--            <version>${satoken.version}</version>-->
+<!--        </dependency>-->
+
         <dependency>
             <groupId>cn.dev33</groupId>
-            <artifactId>sa-token-dao-redis</artifactId>
+            <artifactId>sa-token-redis</artifactId>
             <version>${satoken.version}</version>
         </dependency>
 

src/main/java/com/xjrsoft/config/SaTokenConfig.java

@@ -1,7 +1,7 @@
 package com.xjrsoft.config;
 
 import cn.dev33.satoken.context.SaHolder;
-import cn.dev33.satoken.exception.DisableLoginException;
+import cn.dev33.satoken.exception.DisableServiceException;
 import cn.dev33.satoken.exception.NotLoginException;
 import cn.dev33.satoken.exception.NotPermissionException;
 import cn.dev33.satoken.exception.NotRoleException;
@@ -91,7 +91,7 @@ public class SaTokenConfig implements WebMvcConfigurer {
                         return SaResult.get(ResponseCode.REQ_REJECT.getCode(), ResponseCode.REQ_REJECT.getMessage(), null);
                     } else if (e instanceof NotPermissionException) {    // 如果是权限异常
                         return SaResult.get(ResponseCode.REQ_REJECT.getCode(), ResponseCode.REQ_REJECT.getMessage(), null);
-                    } else if (e instanceof DisableLoginException) {    // 如果是被封禁异常
+                    } else if (e instanceof DisableServiceException) {    // 如果是被封禁异常
                         return SaResult.get(ResponseCode.REQ_REJECT.getCode(), ResponseCode.REQ_REJECT.getMessage(), null);
                     } else {    // 普通异常, 输出：500 + 异常信息
                         return SaResult.get(ResponseCode.INTERNAL_SERVER_ERROR.getCode(), ResponseCode.INTERNAL_SERVER_ERROR.getMessage(), null);

src/main/java/com/xjrsoft/module/system/controller/Oauth2Controller.java

@@ -57,28 +57,26 @@ public class Oauth2Controller {
     public void setSaOAuth2Config(SaOAuth2Config cfg) {
         // 配置：未登录时返回的View
         cfg.setNotLoginView(() -> {
-                    HttpServletRequest req = SpringMVCUtil.getRequest();
-                    Map<String, String[]> paramMap = req.getParameterMap();
+                    SaRequest req = SaHolder.getRequest();
+                    Map<String, String> paramMap = req.getParamMap();
                     StringBuilder param = new StringBuilder();
                     paramMap.forEach((k, v) -> {
-                        param.append("&").append(k).append("=").append(v[0]);
+                        param.append("&").append(k).append("=").append(v);
                     });
                     param.deleteCharAt(0);
-                    String callBackUrl = String.format("%s?%s", req.getRequestURL(), param);
+                    String callBackUrl = String.format("%s?%s", commonPropertiesConfig.getDomainApi(), param);
 
                     String key = GlobalConstant.OAUTH2 + IdUtil.simpleUUID();
                     redisUtil.set(key, callBackUrl, 86400);
 
-                    HttpServletResponse res = SpringMVCUtil.getResponse();
-                    Cookie cookie = new Cookie("Oauth2Info",key);
+                    SaResponse res = SaHolder.getResponse();
+                    SaCookie cookie = new SaCookie()
+                            .setName("Oauth2Info")
+                            .setValue(key);
 
                     res.addCookie(cookie);
 
-                    try {
-                        res.sendRedirect(String.format("%s/#/login", commonPropertiesConfig.getDomainWeb()));
-                    } catch (IOException e) {
-                        throw new RuntimeException(e);
-                    }
+                    res.redirect(String.format("%s/#/login", commonPropertiesConfig.getDomainWeb()));
                     return null;
                 }).
                 // 配置：登录处理函数

src/main/java/com/xjrsoft/module/system/service/impl/LoginServiceImpl.java

@@ -5,6 +5,7 @@ import cn.dev33.satoken.oauth2.SaOAuth2Manager;
 import cn.dev33.satoken.oauth2.config.SaOAuth2Config;
 import cn.dev33.satoken.secure.BCrypt;
 import cn.dev33.satoken.session.SaSession;
+import cn.dev33.satoken.spring.SpringMVCUtil;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.dev33.satoken.temp.SaTempUtil;
 import cn.hutool.core.util.IdUtil;
@@ -42,6 +43,7 @@ import org.jetbrains.annotations.NotNull;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import javax.servlet.http.HttpServletRequest;
 import java.util.List;
 import java.util.UUID;
 import java.util.stream.Collectors;
@@ -79,7 +81,7 @@ public class LoginServiceImpl implements ILoginService {
     public LoginVo login(LoginDto dto) throws Exception {
         if (licenseConfig.getEnabled()) {
             //查出所有在线用户
-            List<String> onlineUser = StpUtil.searchSessionId("", 0, Integer.MAX_VALUE);
+            List<String> onlineUser = StpUtil.searchSessionId("", 0, -1, true);
 
             //如果已经登录人数超过授权人数  不允许登录
             if (onlineUser.size() >= licenseConfig.getLoginMax()) {

src/main/resources/application-dev.yml

@@ -62,6 +62,7 @@ xjrsoft:
     default-password: "000000" #默认密码（用户重置密码后为该密码）
     domain-api: https://test.tl.web.yingcaibx.com/api #api域名地址
     domain-web: https://test.tl.web.yingcaibx.com #web域名地址
+#    domain-api: http://127.0.0.1:9000/api #api域名地址
 #    domain-web: http://127.0.0.1:9000 #web域名地址
     white-list:
       - 192.168.0.139