mirror of
https://github.com/didi/KnowStreaming.git
synced 2026-01-10 00:42:07 +08:00
110 lines
3.7 KiB
Markdown
110 lines
3.7 KiB
Markdown
|
||
|
||
|
||
## 登录系统对接
|
||
|
||
### 前言
|
||
|
||
KnowStreaming 除了实现基于本地MySQL的用户登录认证方式外,还实现了基于Ldap的登录认证。
|
||
|
||
但是,登录认证系统并非仅此两种,因此本文将介绍 KnowStreaming 如何对接自有的用户登录认证系统。
|
||
|
||
下面我们正式开始介绍登录系统的对接。
|
||
|
||
### 如何对接?
|
||
|
||
- 实现Log-Common中的LoginService的三个接口即可;
|
||
|
||
```Java
|
||
// LoginService三个方法
|
||
public interface LoginService {
|
||
/**
|
||
* 验证登录信息,同时记住登录状态
|
||
*/
|
||
UserBriefVO verifyLogin(AccountLoginDTO loginDTO, HttpServletRequest request, HttpServletResponse response) throws LogiSecurityException;
|
||
|
||
/**
|
||
* 登出接口,清楚登录状态
|
||
*/
|
||
Result<Boolean> logout(HttpServletRequest request, HttpServletResponse response);
|
||
|
||
/**
|
||
* 检查是否已经登录
|
||
*/
|
||
boolean interceptorCheck(HttpServletRequest request, HttpServletResponse response,
|
||
String requestMappingValue,
|
||
List<String> whiteMappingValues) throws IOException;
|
||
}
|
||
|
||
```
|
||
|
||
没错,登录就是如此的简单,仅仅只需要实现上述的三个接口即可。说了半天,具体如何做呢,能不能给个例子?
|
||
|
||
|
||
### 有没有例子?
|
||
|
||
我们以Ldap对接为例,说明KnowStreaming如何对接登录认证系统。
|
||
|
||
```Java
|
||
// 继承 LoginService 接口
|
||
public class LdapLoginServiceImpl implements LoginService {
|
||
private static final Logger LOGGER = LoggerFactory.getLogger(LdapLoginServiceImpl.class);
|
||
|
||
// Ldap校验
|
||
@Autowired
|
||
private LdapAuthentication ldapAuthentication;
|
||
|
||
@Override
|
||
public UserBriefVO verifyLogin(AccountLoginDTO loginDTO,
|
||
HttpServletRequest request,
|
||
HttpServletResponse response) throws LogiSecurityException {
|
||
String decodePasswd = AESUtils.decrypt(loginDTO.getPw());
|
||
|
||
// 去LDAP验证账密
|
||
LdapPrincipal ldapAttrsInfo = ldapAuthentication.authenticate(loginDTO.getUserName(), decodePasswd);
|
||
if (ldapAttrsInfo == null) {
|
||
// 用户不存在,正常来说上如果有问题,上一步会直接抛出异常
|
||
throw new LogiSecurityException(ResultCode.USER_NOT_EXISTS);
|
||
}
|
||
|
||
// 进行业务相关操作
|
||
|
||
// 记录登录状态,Ldap因为无法记录登录状态,因此有KnowStreaming进行记录
|
||
initLoginContext(request, response, loginDTO.getUserName(), user.getId());
|
||
return CopyBeanUtil.copy(user, UserBriefVO.class);
|
||
}
|
||
|
||
@Override
|
||
public Result<Boolean> logout(HttpServletRequest request, HttpServletResponse response) {
|
||
request.getSession().invalidate();
|
||
response.setStatus(REDIRECT_CODE);
|
||
return Result.buildSucc(Boolean.TRUE);
|
||
}
|
||
|
||
@Override
|
||
public boolean interceptorCheck(HttpServletRequest request, HttpServletResponse response, String requestMappingValue, List<String> whiteMappingValues) throws IOException {
|
||
// 其他处理
|
||
|
||
// 检查是否已经登录
|
||
String userName = HttpRequestUtil.getOperator(request);
|
||
if (StringUtils.isEmpty(userName)) {
|
||
// 未登录,则进行登出
|
||
logout(request, response);
|
||
return Boolean.FALSE;
|
||
}
|
||
|
||
// 其他业务处理
|
||
|
||
return Boolean.TRUE;
|
||
}
|
||
}
|
||
|
||
```
|
||
|
||
|
||
### 背后原理是?
|
||
|
||
- KnowStreaming 会拦截所有的接口请求;
|
||
- 拦截到请求之后,如果是登录的请求,则调用LoginService.verifyLogin();
|
||
- 拦截到请求之后,如果是登出的请求,则调用LoginService.logout();
|
||
- 拦截到请求之后,如果是其他请求,则调用LoginService.interceptorCheck(); |