I am working on a multiplayer online authentication module based on AOP and token (because there is no spring security)), which implements login and logout functions.
my idea is this: when a user logs in, a token is generated and put into the cache, and then all the user"s requests are loaded with this token, and the token is deleted from the cache when logging out. It"s natural to think of using redis as a cache. Here"s some code.
dependence
pseudo code for verifying the aspect of the request
@Before("execution(* com.example.securitydemo.controller.*.*(..))&&args(request,..)")
public void validateRequest(HttpServletRequest request) {
if () {
token
token
token
}
}
query the code in the cache for token based on user name
@Cacheable(value = "loginList",key = "-sharpid")
public String readLoginCache(String id) {
return null;
}
Code for storing token in the cache when logging in
@CachePut(key = "-sharpuser.id", value = "loginList")
public String generateToken(User user) {
HashMap<String, Object> map = new HashMap<>();
map.put("userName", user.getUserName());
map.put("roles", user.getUroles());
String jwt = Jwts.builder()
.setClaims(map)
.setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
.signWith(SignatureAlgorithm.HS256, SECRET)
.compact();
return TOKEN_PREFIX + jwt;
}
questions
from the results of debug, there is no problem with saving token. The problem lies in the code for querying token, but I don"t know how to query the data in redis cache, and I didn"t find the relevant information. I hope the master can give me some advice. Thank you!