search

xuxueli / xxl-sso

A distributed single-sign-on framework.(分布式单点登录框架XXL-SSO)
http://www.xuxueli.com/xxl-sso/
GNU General Public License v3.0
1.94k stars 818 forks source link

Some reform about this sso system #33

Open gyf6067 opened 5 years ago

gyf6067 commented 5 years ago

  1. 对调 userID 与 version,否则同一用户在redis中仅存在一份session信息;

  2. 在已有过滤器[XxlSsoWebFilter]基础上,增加过滤器:仅校验sessionID的有效性,失败时不跳转SSO登陆页;

  3. XxlSsoUser中的[plugininfo]改为:Map<String, Object> ;

  4. 修复bug:SsoTokenLoginHelper.loginCheck():用毫秒比分钟;

  5. 修复bug:SsoLoginStore.put(): redisExpireMinite 需改为 xxlUser.getExpireMinite() ;

xuxueli commented 4 years ago

如下Copy From:https://github.com/xuxueli/xxl-sso/issues/29

貌似有一个12小时后刷新redis的bug

SsoTokenLoginHelper.java 的第74行: // After the expiration time has passed half, Auto refresh if ((System.currentTimeMillis() - xxlUser.getExpireFreshTime()) > xxlUser.getExpireMinite()/2) { xxlUser.setExpireFreshTime(System.currentTimeMillis()); SsoLoginStore.put(storeKey, xxlUser); } 不能用毫秒与分钟进行比较。。。