First draft of JT project summary (3)

Time:2021-7-20

JT project part of the detailed business code

1) Business introduction:

1.1) anonymous access

First draft of JT project summary (3)

First draft of JT project summary (3)~~~~

If the user visits the shopping cart module or order module, the interceptor will intercept the request and redirect it to the user login page.

Specific code:

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    //1. Judge whether the user logs in and check whether the cookie has a value
 String ticket = CookieUtil.getCookieValue(request,"JT_TICKET");
    //2. Check the ticket
 if(!StringUtils.isEmpty(ticket)){
        //3. Judge whether there is a value in redis
 if(jedisCluster.exists(ticket)){
            //4. Get JSON information dynamically
 String userJSON = jedisCluster.get(ticket);
            User user = ObjectMapperUtil.toObj(userJSON,User.class);
            UserThreadLocal.set(user);
            return true;
        }
    }
    response.sendRedirect("/user/login.html");
    return false;
}

The interceptor is implemented in the configuration class of webmvcconfigurer interface
A specific URL is set up in the interceptor to intercept, and non such URL is released

Code implementation:

@Configuration // web.xml configuration file
public class MvcConfigurer implements WebMvcConfigurer{
   
   //Enable matching suffix configuration
 @Override
 public void configurePathMatch(PathMatchConfigurer configurer) {
      //Enable suffix type matching.xxxx.html
 configurer.setUseSuffixPatternMatch(true);
   }
   @Autowired
 private UserInterceptor userInterceptor;
   //Add interceptor function
 @Override
 public void addInterceptors(InterceptorRegistry registry) {
      registry.addInterceptor(userInterceptor)
            .addPathPatterns("/cart/**","/order/**");
   }
}

If the user has not logged in, there will not be one named “JT”_ The cookie session of “ticket” is generated, and the interceptor will intercept the next request and redirect it to the user login page

1.2) user login

When a user logs in, the client sends a login request to the server and enters the controller layer of JT web. The Dubbo micro service framework calls RPC remotely and calls the userserviceimpl login method in the JT SSO single sign on system, which implements the public interface. The specific code is as follows:

JT SSO single sign on module code details:

@Override
public String doLogin(User user) {  //username/password
 //1. Encrypt plaintext
 String md5Pass =
            DigestUtils.md5DigestAsHex(user.getPassword().getBytes());
    user.setPassword(md5Pass);
    QueryWrapper<User> queryWrapper = new QueryWrapper<>(user);
    //Take the non null property in the object as the where condition
 User userDB = userMapper.selectOne(queryWrapper);
    if(userDB == null){
        //Wrong user name or password
 return null;
    }Else {// correct user name and password for single sign on
 String ticket = UUID.randomUUID().toString();
        //If the data is saved to a third party, desensitization is generally required
 Userdb. Setpassword ("123456 do you believe it?");
        String userJSON = ObjectMapperUtil.toJSON(userDB);
        jedisCluster.setex(ticket, 7*24*60*60, userJSON);
        return ticket;
    }
}

Encrypt the code and return the user object. If the encrypted password is consistent with that in the database, that is, the account password is correct, a user object is returned. Because redis is a third-party software, it is necessary to desensitize the returned object and convert the processed user object into JSON format and store it in the redis cluster, Finally, it returns a random value of the ticket generated by the UUID method; The object returned by database query is null, that is, the password is incorrect. Just return a null.

JT web front end page module code details:

@RequestMapping("/doLogin")
@ResponseBody
public SysResult doLogin(User user, HttpServletResponse response){
    String ticket = userService.doLogin(user);
    if(StringUtils.isEmpty(ticket)){
        //The user name or password is wrong
 return SysResult.fail();
    }else{
        //1. Create cookie
 /*Cookie cookie = new Cookie("JT_ TICKET",ticket);  cookie.setMaxAge(7*24*60*60);   // Set cookie lifetime
 cookie.setPath("/");            // Set valid range of cookie
 cookie.setDomain("jt.com");     // Setting the domain name of cookie sharing is an essential element for single sign on
 response.addCookie(cookie);*/ 
        CookieUtil.addCookie(response, "JT_TICKET",ticket,7*24*60*60,"jt.com");
        return SysResult.success();     // Indicates that the user has logged in successfully!!
 }
}

If the ticket returned by JT web RPC remote call JT SSO login operation is not empty, that is, the account password is correct, create a domain name sharing session for subsequent orders and shopping cart modules.

1.3) logged in

If the user has logged in, the user session will be created and the user object will be stored in redis. A ThreadLocal synchronization thread will be created in the implementation class of handlerinterceptor interceptor userinterceptor, and the user object will be stored in the static method of userinterceptor. The static method of getting the user will be provided externally. When the user logs out, the synchronization thread will be destroyed.