/trunk/src/com/mycms/core/manager/impl/AuthenticationMngImpl.java

https://gitlab.com/BGCX262/zyzweb-svn-to-git · Java · 174 lines · 124 code · 23 blank · 27 comment · 10 complexity · 3a555bd34f954de6ef9588ebdd7b2a8e MD5 · raw file 

    

  1. package com.mycms.core.manager.impl;

    2. 

  2. 

    3. 

  3. import java.sql.Timestamp;

    4. 

  4. import java.util.Date;

    5. 

  5. import java.util.UUID;

    6. 

  6. 

    7. 

  7. import javax.servlet.http.HttpServletRequest;

    8. 

  8. import javax.servlet.http.HttpServletResponse;

    9. 

  9. 

    10. 

  10. import org.apache.commons.lang.StringUtils;

    11. 

  11. import org.slf4j.Logger;

    12. 

  12. import org.slf4j.LoggerFactory;

    13. 

  13. import org.springframework.beans.factory.annotation.Autowired;

    14. 

  14. import org.springframework.stereotype.Service;

    15. 

  15. import org.springframework.transaction.annotation.Transactional;

    16. 

  16. 

    17. 

  17. import com.mycms.common.page.Pagination;

    18. 

  18. import com.mycms.common.security.BadCredentialsException;

    19. 

  19. import com.mycms.common.security.UsernameNotFoundException;

    20. 

  20. import com.mycms.common.web.session.SessionProvider;

    21. 

  21. import com.mycms.core.dao.AuthenticationDao;

    22. 

  22. import com.mycms.core.entity.Authentication;

    23. 

  23. import com.mycms.core.entity.UnifiedUser;

    24. 

  24. import com.mycms.core.manager.AuthenticationMng;

    25. 

  25. import com.mycms.core.manager.UnifiedUserMng;

    26. 

  26. 

    27. 

  27. @Service

    28. 

  28. @Transactional

    29. 

  29. public class AuthenticationMngImpl implements AuthenticationMng {

    30. 

  30. 	private Logger log = LoggerFactory.getLogger(AuthenticationMngImpl.class);

    31. 

  31. 

    32. 

  32. 	public Authentication login(String username, String password, String ip,

    33. 

  33. 			HttpServletRequest request, HttpServletResponse response,

    34. 

  34. 			SessionProvider session) throws UsernameNotFoundException,

    35. 

  35. 			BadCredentialsException {

    36. 

  36. 		UnifiedUser user = unifiedUserMng.login(username, password, ip);

    37. 

  37. 		Authentication auth = new Authentication();

    38. 

  38. 		auth.setUid(user.getId());

    39. 

  39. 		auth.setUsername(user.getUsername());

    40. 

  40. 		auth.setEmail(user.getEmail());

    41. 

  41. 		auth.setLoginIp(ip);

    42. 

  42. 		save(auth);

    43. 

  43. 		session.setAttribute(request, response, AUTH_KEY, auth.getId());

    44. 

  44. 		return auth;

    45. 

  45. 	}

    46. 

  46. 

    47. 

  47. 	public Authentication retrieve(String authId) {

    48. 

  48. 		long current = System.currentTimeMillis();

    49. 

  49. 		// 是否刷新数据库

    50. 

  50. 		if (refreshTime < current) {

    51. 

  51. 			refreshTime = getNextRefreshTime(current, interval);

    52. 

  52. 			int count = dao.deleteExpire(new Date(current - timeout));

    53. 

  53. 			log.info("refresh Authentication, delete count: {}", count);

    54. 

  54. 		}

    55. 

  55. 		Authentication auth = findById(authId);

    56. 

  56. 		if (auth != null && auth.getUpdateTime().getTime() + timeout > current) {

    57. 

  57. 			auth.setUpdateTime(new Timestamp(current));

    58. 

  58. 			return auth;

    59. 

  59. 		} else {

    60. 

  60. 			return null;

    61. 

  61. 		}

    62. 

  62. 	}

    63. 

  63. 

    64. 

  64. 	public Integer retrieveUserIdFromSession(SessionProvider session,

    65. 

  65. 			HttpServletRequest request) {

    66. 

  66. 		String authId = (String) session.getAttribute(request, AUTH_KEY);

    67. 

  67. 		if (authId == null) {

    68. 

  68. 			return null;

    69. 

  69. 		}

    70. 

  70. 		Authentication auth = retrieve(authId);

    71. 

  71. 		if (auth == null) {

    72. 

  72. 			return null;

    73. 

  73. 		}

    74. 

  74. 		return auth.getUid();

    75. 

  75. 	}

    76. 

  76. 

    77. 

  77. 	public void storeAuthIdToSession(SessionProvider session,

    78. 

  78. 			HttpServletRequest request, HttpServletResponse response,

    79. 

  79. 			String authId) {

    80. 

  80. 		session.setAttribute(request, response, AUTH_KEY, authId);

    81. 

  81. 	}

    82. 

  82. 

    83. 

  83. 	@Transactional(readOnly = true)

    84. 

  84. 	public Pagination getPage(int pageNo, int pageSize) {

    85. 

  85. 		Pagination page = dao.getPage(pageNo, pageSize);

    86. 

  86. 		return page;

    87. 

  87. 	}

    88. 

  88. 

    89. 

  89. 	@Transactional(readOnly = true)

    90. 

  90. 	public Authentication findById(String id) {

    91. 

  91. 		Authentication entity = dao.findById(id);

    92. 

  92. 		return entity;

    93. 

  93. 	}

    94. 

  94. 

    95. 

  95. 	public Authentication save(Authentication bean) {

    96. 

  96. 		bean.setId(StringUtils.remove(UUID.randomUUID().toString(), '-'));

    97. 

  97. 		bean.init();

    98. 

  98. 		dao.save(bean);

    99. 

  99. 		return bean;

    100. 

  100. 	}

    101. 

  101. 

    102. 

  102. 	public Authentication deleteById(String id) {

    103. 

  103. 		Authentication bean = dao.deleteById(id);

    104. 

  104. 		return bean;

    105. 

  105. 	}

    106. 

  106. 

    107. 

  107. 	public Authentication[] deleteByIds(String[] ids) {

    108. 

  108. 		Authentication[] beans = new Authentication[ids.length];

    109. 

  109. 		for (int i = 0, len = ids.length; i < len; i++) {

    110. 

  110. 			beans[i] = deleteById(ids[i]);

    111. 

  111. 		}

    112. 

  112. 		return beans;

    113. 

  113. 	}

    114. 

  114. 

    115. 

  115. 	// 过期时间

    116. 

  116. 	private int timeout = 30 * 60 * 1000; // 30分钟

    117. 

  117. 

    118. 

  118. 	// 间隔时间

    119. 

  119. 	private int interval = 4 * 60 * 60 * 1000; // 4小时

    120. 

  120. 

    121. 

  121. 	// 刷新时间。

    122. 

  122. 	private long refreshTime = getNextRefreshTime(System.currentTimeMillis(),

    123. 

  123. 			this.interval);

    124. 

  124. 

    125. 

  125. 	private UnifiedUserMng unifiedUserMng;

    126. 

  126. 	private AuthenticationDao dao;

    127. 

  127. 

    128. 

  128. 	@Autowired

    129. 

  129. 	public void setDao(AuthenticationDao dao) {

    130. 

  130. 		this.dao = dao;

    131. 

  131. 	}

    132. 

  132. 

    133. 

  133. 	@Autowired

    134. 

  134. 	public void setUserMng(UnifiedUserMng unifiedUserMng) {

    135. 

  135. 		this.unifiedUserMng = unifiedUserMng;

    136. 

  136. 	}

    137. 

  137. 

    138. 

  138. 	/**

    139. 

  139. 	 * 设置认证过期时间。默认30分钟。

    140. 

  140. 	 * 

    141. 

  141. 	 * @param timeout

    142. 

  142. 	 *            单位分钟

    143. 

  143. 	 */

    144. 

  144. 	public void setTimeout(int timeout) {

    145. 

  145. 		this.timeout = timeout * 60 * 1000;

    146. 

  146. 	}

    147. 

  147. 

    148. 

  148. 	/**

    149. 

  149. 	 * 设置刷新数据库时间。默认4小时。

    150. 

  150. 	 * 

    151. 

  151. 	 * @param interval

    152. 

  152. 	 *            单位分钟

    153. 

  153. 	 */

    154. 

  154. 	public void setInterval(int interval) {

    155. 

  155. 		this.interval = interval * 60 * 1000;

    156. 

  156. 		this.refreshTime = getNextRefreshTime(System.currentTimeMillis(),

    157. 

  157. 				this.interval);

    158. 

  158. 	}

    159. 

  159. 

    160. 

  160. 	/**

    161. 

  161. 	 * 获得下一个刷新时间。

    162. 

  162. 	 * 

    163. 

  163. 	 * 

    164. 

  164. 	 * 

    165. 

  165. 	 * @param current

    166. 

  166. 	 * @param interval

    167. 

  167. 	 * @return 随机间隔时间

    168. 

  168. 	 */

    169. 

  169. 	private long getNextRefreshTime(long current, int interval) {

    170. 

  170. 		return current + interval;

    171. 

  171. 		// 为了防止多个应用同时刷新,间隔时间=interval+RandomUtils.nextInt(interval/4);

    172. 

  172. 		// return current + interval + RandomUtils.nextInt(interval / 4);

    173. 

  173. 	}

    174. 

  174. }
    175.