
Add RememberKey's cookie on backend

sunyj 8 năm trước cách đây
mục cha
commit
5bd4611fe7

+ 24 - 3
kanban-auth/src/main/java/com/uas/kanban/controller/UserController.java

@@ -14,7 +14,9 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
@@ -44,6 +46,7 @@ public class UserController extends BaseController<User> {
      * @param name     名称
      * @param password 密码
      * @param request  request
+     * @param response response
      * @return 登陆信息
      * <table border=1 cellpadding=5 cellspacing=0 summary="Fields and types">
      * <tr>
@@ -71,22 +74,40 @@ public class UserController extends BaseController<User> {
     @RequestMapping("/login")
     @ResponseBody
     public Map<String, Object> login(@NotEmpty("name") String name, @NotEmpty("password") String password,
-                                     HttpServletRequest request) {
+                                     HttpServletRequest request, HttpServletResponse response) {
         User user = userService.login(name, password);
         if (user != null) {
             sessionHelper.saveSession(request, user);
             String userCode = user.codeNotEmpty();
             RememberKey rememberKey = rememberKeyService.generate(userCode);
+            // 生成的 key 保存到 cookie 里
+            Integer maxInactiveInterval = rememberKey.getMaxInactiveInterval();
+            addCookie("code", userCode, maxInactiveInterval, response);
+            addCookie("key", rememberKey.getKey(), maxInactiveInterval, response);
+
             Map<String, Object> map = new HashMap<>();
-            map.put("code", userCode);
             map.put("name", name);
             map.put("role", user.getRole());
-            map.put("key", rememberKey.getKey());
             return map;
         }
         return null;
     }
 
+    /**
+     * 添加 cookie
+     *
+     * @param name     cookie 名
+     * @param value    cookie 值
+     * @param maxAge   有效时间(秒)
+     * @param response response
+     */
+    private void addCookie(String name, String value, Integer maxAge, HttpServletResponse response) {
+        Cookie cookie = new Cookie(name, value);
+        cookie.setMaxAge(maxAge);
+        cookie.setPath("/");
+        response.addCookie(cookie);
+    }
+
     /**
      * 退出登陆
      *
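Review bot: `addCookie` sets neither HttpOnly nor Secure on the cookies it creates, and one of them is the long-lived remember-me `key`. This commit moves the cookie from login.js to the server, so script no longer has to write it: `cookie.setHttpOnly(true);` (Servlet 3.0+) can go before `response.addCookie(cookie);`, plus `cookie.setSecure(true);` if the application is only served over HTTPS. Whether any client code still reads `code` or `key` is not visible here and should be confirmed first. `cookie.setMaxAge(maxAge)` also unboxes an `Integer`, so a null `getMaxInactiveInterval()` would throw after `saveSession` has already run. The Javadoc of the following method continues past the end of the hunk.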

+ 2 - 5
kanban-auth/src/main/java/com/uas/kanban/filter/SecurityInterceptor.java

@@ -85,7 +85,7 @@ public class SecurityInterceptor extends HandlerInterceptorAdapter {
             // 尝试自动登陆
             user = autoLogin(request);
             if (user == null) {
-                logger.info("No session for path: " + url + " , redirecting to page: login ...");
+                logger.info("No session for path: " + url);
                 // 如果是 XMLHttpRequest ,抛出异常,否则重定向
                 if (Objects.equals("XMLHttpRequest", request.getHeader("X-Requested-With"))) {
                     throw new SecurityException("未登录");
@@ -139,11 +139,8 @@ public class SecurityInterceptor extends HandlerInterceptorAdapter {
         if (!StringUtils.isEmpty(userCode) && !StringUtils.isEmpty(key)) {
             RememberKey rememberKey = rememberKeyDao.findByUserCodeAndKey(userCode, key);
             if (rememberKey != null) {
-                Date lastModified = rememberKey.getLastModified();
-                Long maxInactiveInterval = rememberKey.getMaxInactiveInterval();
-                Date now = new Date();
                 // 如果 key 未过有效期,自动创建 session
-                if (now.getTime() < lastModified.getTime() + maxInactiveInterval * 1000L) {
+                if (new Date().getTime() < rememberKey.getLastModified().getTime() + rememberKey.getMaxInactiveInterval() * 1000L) {
                     User user = userDao.findOne(userCode);
                     if (user != null) {
                         sessionHelper.saveSession(request, user);
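Review bot: The inlined expiry condition in the auto-login path is harder to audit than the locals it replaced, and it is the check that decides whether a cookie-supplied key creates a session. Naming the deadline keeps it readable: `long expiresAt = rememberKey.getLastModified().getTime() + rememberKey.getMaxInactiveInterval() * 1000L;` followed by `if (System.currentTimeMillis() < expiresAt) {`. A short comment that the `1000L` literal keeps the arithmetic in `long` would help now that the interval is an `Integer`. Both getters are dereferenced without a null check, so a row with a null in either field would throw from the interceptor. The method starts and ends outside this hunk, so key rotation or logging of successful auto-logins may already happen elsewhere.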

+ 4 - 4
kanban-auth/src/main/java/com/uas/kanban/model/RememberKey.java

@@ -22,7 +22,7 @@ public class RememberKey extends BaseEntity {
     /**
      * 有效期(秒)
      */
-    public static final long MAX_INACTIVE_INTERVAL = 3600 * 24 * 30;
+    public static final int MAX_INACTIVE_INTERVAL = 3600 * 24 * 30;
 
     private static final long serialVersionUID = 1L;
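Review bot: Narrowing `MAX_INACTIVE_INTERVAL` to `int` makes millisecond conversion easy to get wrong, because `MAX_INACTIVE_INTERVAL * 1000` no longer fits in an `int` (2,592,000,000 exceeds `Integer.MAX_VALUE`) and would wrap negative. The interceptor change in this commit multiplies by `1000L`, which is safe, but callers outside this diff should be checked. The same applies to the `Integer` field and accessors in the later hunks of this file. I would document the constraint on the constant, e.g. `// int so it can be passed to Cookie.setMaxAge; multiply by 1000L (not 1000) when converting to milliseconds`. If `maxInactiveInterval` is persisted, existing rows written as `Long` may need a migration check, which this page does not show.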
 
@@ -43,7 +43,7 @@ public class RememberKey extends BaseEntity {
      * 有效期
      */
     @FieldProperty(nullable = false)
-    private Long maxInactiveInterval;
+    private Integer maxInactiveInterval;
 
     public RememberKey() {
     }
@@ -75,11 +75,11 @@ public class RememberKey extends BaseEntity {
         this.key = key;
     }
 
-    public Long getMaxInactiveInterval() {
+    public Integer getMaxInactiveInterval() {
         return maxInactiveInterval;
     }
 
-    public void setMaxInactiveInterval(Long maxInactiveInterval) {
+    public void setMaxInactiveInterval(Integer maxInactiveInterval) {
         this.maxInactiveInterval = maxInactiveInterval;
     }
 

+ 1 - 3
kanban-console/src/main/webapp/resources/app/controller/login.js

@@ -44,9 +44,7 @@ Ext.define('erp.controller.login', {
 									me.setCookie('username',res.name,'/',14);
 									me.setCookie('password',values.password);
 									me.setCookie('role',res.role,'/',14);
-									me.setCookie('code',res.code,'/',14);
-                                    me.setCookie('key',res.key,'/',30);
-									
+
 									/**
 									 * 获取链接参数
 									 *
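Review bot: `me.setCookie('password',values.password);` is left in place, so the plaintext password is still written to a script-readable cookie. With the server now issuing the `code` and `key` cookies for automatic login, this line looks redundant and could be dropped, provided nothing else reads the cookie, which the hunk does not show. `username` and `role` are still written by the client too, so server-side authorization should keep using the session's role rather than the cookie value. The enclosing login callback starts and ends outside the hunk.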