spring session 实现相同账号只允许一人登录-爱代码爱编程
在获取session的Service中,加入代码:
@Autowired
private FindByIndexNameSessionRepository<? extends Session> sessions;
登录校验成功后,删除旧session信息,代码如下:
public boolean removeOldLoginUserInfo(Integer userId, String sessionId) {
String key = USER_LOGIN_KEY + userId;
String sessionIdForRedis = redisTemplate.opsForValue().get(key);
if (logger.isInfoEnabled()) {
logger.error("userId is {}, sessionId is {}, sessionIdForRedis is {}", userId, sessionId, sessionIdForRedis);
}
if (!StringUtils.equalsIgnoreCase(sessionIdForRedis, sessionId)) {
Session oldSession = sessions.getSession(sessionIdForRedis);
if (oldSession != null) {
if (logger.isInfoEnabled()) {
logger.info("old session toke is {} ", (String) oldSession.getAttribute(SessionKeyEnum.TOKEN.getKey()));
}
oldSession.removeAttribute(SessionKeyEnum.ACCOUNT.getKey());
oldSession.removeAttribute(SessionKeyEnum.TOKEN.getKey());
oldSession.removeAttribute(SessionKeyEnum.USER_NAME.getKey());
}
}
redisTemplate.opsForValue().set(key, sessionId);
return true;
}
拦截器中获取session信息做较验。