
更新用户信息cookie保存方法

hejq 7 年之前
父节点
当前提交
ab94b1c203

+ 3 - 2
src/main/java/com/uas/platform/b2bManage/service/impl/UserServiceImpl.java

@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
 import java.util.List;
 
 /**
@@ -105,8 +106,8 @@ public class UserServiceImpl implements UserService {
         if (Md5Utils.encode(passWord, user.getName()).equals(user.getPassword())) {
             user.setIp(AgentUtils.getIp(request));
             SystemSession.setUser(user);
-            Cookie cookie = new Cookie("user", URLEncoder.encode(JSON.toJSONString(user), "UTF-8"));
-            response.addCookie(cookie);
+            response.setHeader("Set-Cookie", "Secure; HttpOnly");
+            response.setHeader("Set-Cookie", "user=" + URLEncoder.encode(JSON.toJSONString(user), String.valueOf(StandardCharsets.UTF_8)));
         } else {
             throw new IllegalAccessException("账号或密码错误");
         }
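Review bot: The two `setHeader("Set-Cookie", ...)` calls do not produce a hardened cookie, because `setHeader` replaces any earlier value of the same header: the second call discards `Secure; HttpOnly`, and both calls drop any `Set-Cookie` already queued on this response (a container session cookie, for instance). Even with `addHeader`, the flags would sit in a separate header that names no cookie and would not apply to `user`. Keeping the removed `Cookie` object and adding `cookie.setSecure(true);` and `cookie.setHttpOnly(true);` before `response.addCookie(cookie);` puts the attributes on the right cookie (`setHttpOnly` needs Servlet 3.0 or later; otherwise append `; Secure; HttpOnly` to the single `user=` value and send it with `addHeader`). The value is the whole `User` serialized as JSON, which presumably includes the password field compared on the line above, so storing only an opaque identifier would expose less. The enclosing method starts and ends outside this hunk.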

+ 6 - 4
src/main/java/com/uas/platform/b2bManage/web/filter/SSOInterceptor.java

@@ -8,7 +8,6 @@ import com.uas.platform.b2bManage.support.SecurityConstant;
 import com.uas.platform.core.util.serializer.FlexJsonUtils;
 import com.uas.sso.SSOHelper;
 import com.uas.sso.SSOToken;
-import org.apache.http.protocol.HTTP;
 import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
@@ -23,6 +22,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 
 
 /**
@@ -51,7 +51,8 @@ public class SSOInterceptor extends HandlerInterceptorAdapter {
         HttpServletRequest httpRequest = (HttpServletRequest) request;
         logSession(httpRequest);
         User user = SystemSession.getUser();
-        if (user == null) {// 未登录则要求登录
+        // 未登录则要求登录
+        if (user == null) {
             logoutSession();
             if(!this.onAuthenticateFailed(request, response)) {
                 return false;
@@ -70,13 +71,14 @@ public class SSOInterceptor extends HandlerInterceptorAdapter {
      * @param request
      */
     private void logSession(HttpServletRequest request) throws UnsupportedEncodingException {
-        Cookie[] cookies = request.getCookies();//这样便可以获取一个cookie数组
+        //这样便可以获取一个cookie数组
+        Cookie[] cookies = request.getCookies();
         if (!StringUtils.isEmpty(cookies)) {
             for (Cookie cookie : cookies){
                 if (null != cookie && cookie.getName().equals("user")) {
                     Object jsonStr = cookie.getValue();
                     if (jsonStr != null) {
-                        String str = URLDecoder.decode(jsonStr.toString(), HTTP.UTF_8);
+                        String str = URLDecoder.decode(jsonStr.toString(), String.valueOf(StandardCharsets.UTF_8));
                         User user = JSONObject.parseObject(str, User.class);
                         SystemSession.setUser(user);
                     }
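Review bot: `logSession` rebuilds the session user from the `user` cookie with no integrity check: whatever JSON the client sends is parsed into `User` and passed to `SystemSession.setUser(user)`, and since the interceptor calls `logSession` just before its `user == null` test (previous hunk), the request then appears to be treated as logged in. The cookie is untrusted input, so the user should be resolved from the server-side session or the SSO token, or the value should carry a server-computed MAC that is verified before `setUser` is called. As a style point, `String.valueOf(StandardCharsets.UTF_8)` relies on `Charset.toString()`; `StandardCharsets.UTF_8.name()` states the intent directly, and the same applies to the encode call in UserServiceImpl. The method body continues past the end of this hunk.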