220413
This commit is contained in:
MaxKey
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -19,6 +19,8 @@ package org.maxkey;
|
||||
|
||||
import org.maxkey.jobs.AccountsStrategyJob;
|
||||
import org.maxkey.jobs.DynamicGroupsJob;
|
||||
import org.maxkey.persistence.repository.LoginHistoryRepository;
|
||||
import org.maxkey.persistence.repository.LoginRepository;
|
||||
import org.maxkey.persistence.service.AccountsService;
|
||||
import org.maxkey.persistence.service.GroupsService;
|
||||
import org.opensaml.xml.ConfigurationException;
|
||||
@@ -134,6 +136,14 @@ public class MaxKeyMgtJobs implements InitializingBean {
|
||||
scheduler.scheduleJob(jobDetail,cronTrigger);
|
||||
}
|
||||
|
||||
public String SessionListenerJob(
|
||||
SchedulerFactoryBean schedulerFactoryBean,
|
||||
LoginRepository loginRepository,
|
||||
LoginHistoryRepository loginHistoryRepository) {
|
||||
|
||||
return "sessionListenerJob";
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -98,6 +98,8 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
|
||||
authenticationProvider,jwtLoginService,applicationConfig,true))
|
||||
.addPathPatterns("/login");
|
||||
|
||||
permissionInterceptor.setMgmt(true);
|
||||
|
||||
registry.addInterceptor(permissionInterceptor)
|
||||
.addPathPatterns("/dashboard/**")
|
||||
.addPathPatterns("/orgs/**")
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2021] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
||||
@@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.maxkey.jobs;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
import org.quartz.Job;
|
||||
import org.quartz.JobExecutionContext;
|
||||
import org.quartz.JobExecutionException;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
public class OnlineTicketListenerJob implements Job , Serializable {
|
||||
final static Logger _logger = LoggerFactory.getLogger(OnlineTicketListenerJob.class);
|
||||
|
||||
private static final long serialVersionUID = 4782358765969474833L;
|
||||
|
||||
|
||||
@Override
|
||||
public void execute(JobExecutionContext context) throws JobExecutionException {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -97,10 +97,7 @@ public class LoginSessionController {
|
||||
if(currentUser.getOnlineTicket().contains(sessionId)) {
|
||||
continue;//skip current session
|
||||
}
|
||||
String lastLogoffTime = DateUtils.formatDateTime(new Date());
|
||||
loginRepository.updateLastLogoff(currentUser);
|
||||
loginHistoryRepository.logoff(lastLogoffTime, sessionId);
|
||||
onlineTicketService.remove("OT-" + sessionId);
|
||||
onlineTicketService.terminate(sessionId,currentUser.getId(),currentUser.getUsername());
|
||||
}
|
||||
isTerminated = true;
|
||||
}catch(Exception e) {
|
||||
|
||||
@@ -1 +1,18 @@
|
||||
package org.maxkey.web.access.contorller;
|
||||
/*
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.maxkey.web.access.contorller;
|
||||
|
||||
@@ -1 +1,18 @@
|
||||
package org.maxkey.web.config.contorller;
|
||||
/*
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.maxkey.web.config.contorller;
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -17,62 +17,29 @@
|
||||
|
||||
package org.maxkey.web.contorller;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.maxkey.authn.annotation.CurrentUser;
|
||||
import org.maxkey.authn.online.OnlineTicketService;
|
||||
import org.maxkey.entity.Message;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
@Controller
|
||||
public class LogoutEndpoint {
|
||||
|
||||
private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class);
|
||||
|
||||
public static final String RE_LOGIN_URL = "reLoginUrl";
|
||||
|
||||
@Autowired
|
||||
@Qualifier("authenticationRealm")
|
||||
AbstractAuthenticationRealm authenticationRealm;
|
||||
protected OnlineTicketService onlineTicketService;
|
||||
|
||||
@RequestMapping(value={"/logout"})
|
||||
public ModelAndView logout( HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
@RequestParam(value=RE_LOGIN_URL,required=false) String reLoginUrl){
|
||||
ModelAndView modelAndView = new ModelAndView();
|
||||
authenticationRealm.logout(response);
|
||||
SavedRequest firstSavedRequest = (SavedRequest)WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
|
||||
|
||||
if(reLoginUrl==null ||reLoginUrl.equals("")) {
|
||||
reLoginUrl="/login";
|
||||
}
|
||||
|
||||
if(firstSavedRequest!=null){
|
||||
reLoginUrl= firstSavedRequest.getRedirectUrl();
|
||||
}
|
||||
|
||||
if(reLoginUrl!=null && !reLoginUrl.toLowerCase().startsWith("http")) {
|
||||
if(reLoginUrl.startsWith("/")) {
|
||||
reLoginUrl=request.getContextPath()+reLoginUrl;
|
||||
}else {
|
||||
reLoginUrl=request.getContextPath()+"/"+reLoginUrl;
|
||||
}
|
||||
}
|
||||
_logger.debug("re Login URL : "+ reLoginUrl);
|
||||
modelAndView.addObject("reloginUrl",reLoginUrl);
|
||||
request.getSession().invalidate();
|
||||
|
||||
modelAndView.setViewName("loggedout");
|
||||
return modelAndView;
|
||||
@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
|
||||
onlineTicketService.terminate(
|
||||
currentUser.getOnlineTicket(),
|
||||
currentUser.getId(),
|
||||
currentUser.getUsername());
|
||||
return new Message<String>().buildResponse();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1 +1,18 @@
|
||||
package org.maxkey.web.permissions.contorller;
|
||||
/*
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.maxkey.web.permissions.contorller;
|
||||
|
||||
Reference in New Issue
Block a user