package com.smtaiserver.smtaiserver.session;
|
|
import java.util.Collections;
|
import java.util.List;
|
import java.util.regex.Matcher;
|
import java.util.regex.Pattern;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
|
import org.springframework.session.web.http.CookieHttpSessionIdResolver;
|
import org.springframework.session.web.http.DefaultCookieSerializer;
|
import org.springframework.session.web.http.HttpSessionIdResolver;
|
|
import com.smtservlet.util.SMTStatic;
|
|
import org.springframework.session.web.http.CookieSerializer.CookieValue;
|
|
public class HSWaterNetSessionResolver implements HttpSessionIdResolver {
|
|
private static final String WRITTEN_SESSION_ID_ATTR = CookieHttpSessionIdResolver.class.getName()
|
.concat(".WRITTEN_SESSION_ID_ATTR");
|
|
private Pattern _patQueryStringToken = Pattern.compile("\\b?sessionid=([^&]+)");
|
private boolean _useHeader = false;
|
private boolean _useCookie = false;
|
private String headerName = "x-auth-token";
|
private String urlParamName = "websessionid";
|
private DefaultCookieSerializer cookieSerializer = null;
|
|
public HSWaterNetSessionResolver(String sessionName, boolean useHeader, boolean useCookie)
|
{
|
if(!useHeader && !useCookie)
|
throw new RuntimeException("can't set use head and use cookie all false");
|
_useHeader = useHeader;
|
_useCookie = useCookie;
|
headerName = sessionName;
|
|
if(_useCookie)
|
{
|
cookieSerializer = new DefaultCookieSerializer();
|
cookieSerializer.setCookieName(sessionName);
|
}
|
}
|
|
@Override
|
public List<String> resolveSessionIds(HttpServletRequest request)
|
{
|
String requestURI = request.getRequestURI();
|
|
if(!"/login".equals(requestURI))
|
{
|
// 如果存在url,则使用
|
String urlParam = request.getQueryString();
|
if(!SMTStatic.isNullOrEmpty(urlParam))
|
{
|
Matcher m = _patQueryStringToken.matcher(urlParam);
|
if(m.find())
|
{
|
String sessionKey = m.group(1);
|
return Collections.singletonList(sessionKey);
|
}
|
}
|
|
// 如果存在头信息,则使用
|
if(_useHeader)
|
{
|
String urlValue = request.getParameter(urlParamName);
|
if(!SMTStatic.isNullOrEmpty(urlValue))
|
return Collections.singletonList(urlValue);
|
|
String headerValue = request.getHeader(this.headerName);
|
if(!SMTStatic.isNullOrEmpty(headerValue))
|
return Collections.singletonList(headerValue);
|
|
if(!_useCookie)
|
return Collections.emptyList();
|
}
|
|
// 如果不存在则使用cookie
|
return this.cookieSerializer.readCookieValues(request);
|
}
|
else
|
{
|
return Collections.emptyList();
|
}
|
}
|
|
@Override
|
public void setSessionId(HttpServletRequest request, HttpServletResponse response, String sessionId)
|
{
|
// 设置头的session id
|
if(_useHeader)
|
{
|
response.setHeader(this.headerName, sessionId);
|
}
|
|
// 设置cookie的session id
|
if(_useCookie)
|
{
|
if (sessionId.equals(request.getAttribute(WRITTEN_SESSION_ID_ATTR))) {
|
return;
|
}
|
request.setAttribute(WRITTEN_SESSION_ID_ATTR, sessionId);
|
this.cookieSerializer.writeCookieValue(new CookieValue(request, response, sessionId));
|
}
|
}
|
|
@Override
|
public void expireSession(HttpServletRequest request, HttpServletResponse response)
|
{
|
// 清空头session
|
if(_useHeader)
|
{
|
response.setHeader(this.headerName, "");
|
}
|
|
// 清空cookie
|
if(_useCookie)
|
{
|
this.cookieSerializer.writeCookieValue(new CookieValue(request, response, ""));
|
}
|
}
|
}
|
