package com.whyc.filter;
|
|
import com.whyc.pojo.User;
|
import com.whyc.util.ShiroUtil;
|
import org.apache.shiro.SecurityUtils;
|
import org.apache.shiro.subject.Subject;
|
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
import org.springframework.context.annotation.Configuration;
|
import org.springframework.core.annotation.Order;
|
import org.springframework.util.StringUtils;
|
|
import javax.servlet.*;
|
import javax.servlet.annotation.WebFilter;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpSession;
|
import java.io.IOException;
|
|
/**
|
* 账号同时登录只能1个
|
*/
|
@WebFilter(urlPatterns = "/*", filterName = "kickedOutFilter")
|
public class KickedOutFilter implements Filter {
|
|
@Override
|
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
|
HttpSession session = ((HttpServletRequest) request).getSession();
|
//如果是登录,则不进行Session对比,放行
|
if (!((HttpServletRequest) request).getRequestURI().contains("login")) {
|
String userName = (String) request.getServletContext().getAttribute(session.getId());
|
if (!StringUtils.isEmpty(userName)) {
|
//保存用户的session最新活跃时间
|
request.getServletContext().setAttribute("exp_" + userName, System.currentTimeMillis());
|
|
System.out.println("Filter过滤器中获取到的当前Session的SessionId为:" + session.getId());
|
if (!request.getServletContext().getAttribute(userName).equals(session.getId())) {
|
//如果当前Session所对应的SessionId与全局中用户对应的SessionId不一致,则清除当前Session
|
session.invalidate();
|
response.setContentType("text/html;charset=utf-8");
|
response.getWriter().write("<script language='javascript' type='text/javascript'>alert('账号已经在其他地方登录,请重新登录');self.location='login.html'</script> ");
|
return;
|
}
|
}
|
|
}
|
chain.doFilter(request, response);
|
}
|
}
|
