jt project summary draft

Detailed walkthrough of the jt project's business code

1) Business introduction:

1.1) anonymous access

Users who visit jt.com land on the JT home page. At this point the user is anonymous. If the user visits the shopping cart module or the order module, the interceptor intercepts the request and redirects it to the user login page.

Specific code:

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    // 1. Check whether the user is logged in: does the JT_TICKET cookie have a value?
    String ticket = CookieUtil.getCookieValue(request, "JT_TICKET");
    // 2. Check the ticket
    if (!StringUtils.isEmpty(ticket)) {
        // 3. Read the user JSON from Redis in a single call; a separate exists()
        //    check could pass just before the key expires, and get() would then return null
        String userJSON = jedisCluster.get(ticket);
        if (userJSON != null) {
            // 4. Convert the JSON to a User and bind it to the current thread
            User user = ObjectMapperUtil.toObj(userJSON, User.class);
            UserThreadLocal.set(user);
            return true;
        }
    }
    // Not logged in, or the ticket is no longer in Redis: redirect to the login page
    response.sendRedirect("/user/login.html");
    return false;
}

Register the interceptor in a configuration class that implements the WebMvcConfigurer interface.
The interceptor is applied only to the URLs specified there; all other URLs pass through.

Code implementation:

@Configuration // Plays the role of the web.xml configuration file
public class MvcConfigurer implements WebMvcConfigurer {

    @Autowired
    private UserInterceptor userInterceptor;

    // Enable suffix pattern matching
    @Override
    public void configurePathMatch(PathMatchConfigurer configurer) {
        // Enable matching of suffixed paths such as xxxx.html
        configurer.setUseSuffixPatternMatch(true);
    }

    // Register the interceptor
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(userInterceptor)
                .addPathPatterns("/cart/**", "/order/**");
    }
}

If the user has not logged in, no cookie named "JT_TICKET" is generated, so the interceptor intercepts the next request and redirects it to the user login page.

1.2) user login

When the user logs in, the client sends a login request to the server, which arrives at the Controller layer of JT web. Through the Dubbo microservice framework, JT web makes an RPC remote call to the login method of UserServiceImpl in the JT SSO single sign-on system, which implements the public interface. The specific code is as follows:

JT SSO single sign on module code details:

@Override
public String doLogin(User user) {  // username/password
    // 1. Hash the plaintext password with MD5
    String md5Pass =
            DigestUtils.md5DigestAsHex(user.getPassword().getBytes());
    user.setPassword(md5Pass);
    // The non-null properties of the object become the where condition
    QueryWrapper<User> queryWrapper = new QueryWrapper<>(user);
    User userDB = userMapper.selectOne(queryWrapper);
    if (userDB == null) {
        // Wrong user name or password
        return null;
    } else {
        // The user name and password are correct: perform the single sign-on operation
        String ticket = UUID.randomUUID().toString();
        // Data saved to a third party generally needs to be desensitized
        userDB.setPassword("123456 Do you believe it??");
        String userJSON = ObjectMapperUtil.toJSON(userDB);
        jedisCluster.setex(ticket, 7*24*60*60, userJSON);
        return ticket;
    }
}

The password is hashed and the user is looked up. If the hashed password is consistent with the one in the database, that is, the account and password are correct, the query returns a User object. Because Redis is third-party software, the returned object is desensitized, the processed User object is converted to JSON and stored in the Redis cluster, and finally a random ticket value generated with the UUID method is returned. If the object returned by the database query is null, that is, the password is incorrect, null is returned.

Detailed explanation of JT web front-end page module code:

@RequestMapping("/doLogin")
@ResponseBody
public SysResult doLogin(User user, HttpServletResponse response) {
    String ticket = userService.doLogin(user);
    if (StringUtils.isEmpty(ticket)) {
        // Wrong user name or password
        return SysResult.fail();
    } else {
        // 1. Create the cookie
        /*
        Cookie cookie = new Cookie("JT_TICKET", ticket);
        cookie.setMaxAge(7*24*60*60);   // Set the cookie lifetime
        cookie.setPath("/");            // Set the cookie's valid range
        cookie.setDomain("jt.com");     // Setting the domain shared by the cookie is required for single sign-on
        response.addCookie(cookie);
        */
        CookieUtil.addCookie(response, "JT_TICKET", ticket, 7*24*60*60, "jt.com");
        return SysResult.success();     // The user has logged in successfully
    }
}

If the ticket returned by JT web's RPC remote call to the JT SSO login operation is not empty, that is, the account and password are correct, a session cookie shared across the domain name is created for the subsequent order and shopping cart modules.
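
The commented-out Cookie code above sets only lifetime, path and domain, and the page does not show what CookieUtil.addCookie sets. As an added example (not the JT project's code), a check that reports which hardening attributes a JT_TICKET Set-Cookie header lacks; the class name and both sample headers are constructed, and SameSite=Lax is an assumed choice.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;

// Added example, not JT project code: audits the Set-Cookie header of a session ticket
public final class TicketCookieAudit {

    // Returns the hardening attributes missing from one Set-Cookie header value
    public static List<String> missingAttributes(String setCookie) {
        List<String> present = new ArrayList<>();
        String[] parts = setCookie.split(";");
        for (int i = 1; i < parts.length; i++) {      // parts[0] is name=value
            String attr = parts[i].trim().toLowerCase(Locale.ROOT);
            int eq = attr.indexOf('=');
            present.add(eq < 0 ? attr : attr.substring(0, eq));
        }
        List<String> missing = new ArrayList<>();
        // httponly: not readable from page scripts; secure: sent over HTTPS only;
        // samesite: limits sending the ticket on cross-site requests
        for (String required : Arrays.asList("httponly", "secure", "samesite")) {
            if (!present.contains(required)) {
                missing.add(required);
            }
        }
        return missing;
    }

    public static void main(String[] args) {
        // Constructed header with the same attributes as the commented-out Cookie code
        String lifetimePathDomainOnly = "JT_TICKET=<ticket>; Max-Age=604800; Domain=jt.com; Path=/";
        // Constructed hardened variant of the same header
        String hardened = lifetimePathDomainOnly + "; HttpOnly; Secure; SameSite=Lax";
        System.out.println("missing: " + missingAttributes(lifetimePathDomainOnly));
        System.out.println("missing: " + missingAttributes(hardened));
    }
}
```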

1.3) logged in

If the user has logged in, the user session is created and the User object is stored in Redis. In UserInterceptor, the implementation class of the HandlerInterceptor interface, the User object is also placed in a ThreadLocal bound to the current thread: it is stored through a static method, and a static method for getting the User is provided for external use. When the user logs out, the ThreadLocal value is destroyed.
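
Servlet containers reuse worker threads, so a value left in a ThreadLocal is still there for the next request served by the same thread, including requests to URLs the interceptor does not cover. As an added example (not the JT project's code), a single pooled thread shows the stale user and the effect of removing the value at the end of every request, which in Spring belongs in HandlerInterceptor.afterCompletion; UserHolder is a hypothetical stand-in for UserThreadLocal, whose code is not shown on the page.

```java
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

// Added example, not JT project code: a per-request user left in a ThreadLocal
public class ThreadLocalLeakDemo {

    // Hypothetical stand-in for the UserThreadLocal holder used by the interceptor
    static final class UserHolder {
        private static final ThreadLocal<String> CURRENT = new ThreadLocal<>();
        static void set(String user) { CURRENT.set(user); }
        static String get() { return CURRENT.get(); }
        static void remove() { CURRENT.remove(); }
    }

    // Simulates one request on a pooled worker thread and returns the user the
    // controller would see. ticketUser == null models a request where set() is never called.
    static String handle(ExecutorService worker, String ticketUser, boolean cleanup)
            throws Exception {
        return worker.submit(() -> {
            try {
                if (ticketUser != null) {
                    UserHolder.set(ticketUser);       // what preHandle does
                }
                return String.valueOf(UserHolder.get());
            } finally {
                if (cleanup) {
                    UserHolder.remove();              // what afterCompletion should do
                }
            }
        }).get();
    }

    public static void main(String[] args) throws Exception {
        ExecutorService worker = Executors.newSingleThreadExecutor(); // one reused thread
        try {
            handle(worker, "alice", false);           // constructed user name
            System.out.println("anonymous request, no cleanup:   " + handle(worker, null, false));
            handle(worker, "alice", true);
            System.out.println("anonymous request, with cleanup: " + handle(worker, null, true));
        } finally {
            worker.shutdown();
        }
    }
}
```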

Tags: Java JSON Redis Spring Boot

Posted by deepermethod on Sat, 07 May 2022 05:08:26 +0300