From d9dd03d10f818cf5ee9b5fafba22d9dad6197e92 Mon Sep 17 00:00:00 2001
From: Richie <280645618@qq.com>
Date: Sun, 17 Mar 2024 19:19:55 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84oms-api=E9=A1=B9=E7=9B=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../security/LogoutSuccessHandlerImpl.java    | 49 +++++++++++++++++++
 .../com/qihang/security/SecurityConfig.java   | 12 +++--
 .../qihang/oms/controller/HomeController.java |  2 +-
 3 files changed, 59 insertions(+), 4 deletions(-)
 create mode 100644 core/security/src/main/java/com/qihang/security/LogoutSuccessHandlerImpl.java

diff --git a/core/security/src/main/java/com/qihang/security/LogoutSuccessHandlerImpl.java b/core/security/src/main/java/com/qihang/security/LogoutSuccessHandlerImpl.java
new file mode 100644
index 00000000..80317e70
--- /dev/null
+++ b/core/security/src/main/java/com/qihang/security/LogoutSuccessHandlerImpl.java
@@ -0,0 +1,49 @@
+package com.qihang.security;
+
+import com.alibaba.fastjson2.JSON;
+
+import com.qihang.common.common.AjaxResult;
+import com.qihang.common.constant.Constants;
+import com.qihang.common.utils.StringUtils;
+import com.qihang.security.utils.ServletUtils;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+import java.io.IOException;
+
+/**
+ * 自定义退出处理类 返回成功
+ * 
+ * @author qihang
+ */
+@Configuration
+public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler
+{
+    @Autowired
+    private TokenService tokenService;
+
+    /**
+     * 退出处理
+     * 
+     * @return
+     */
+    @Override
+    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
+            throws IOException, ServletException
+    {
+        LoginUser loginUser = tokenService.getLoginUser(request);
+        if (StringUtils.isNotNull(loginUser))
+        {
+            String userName = loginUser.getUsername();
+            // 删除用户缓存记录
+            tokenService.delLoginUser(loginUser.getToken());
+            // 记录用户退出日志
+//            AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGOUT, "退出成功"));
+        }
+        ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.success("退出成功")));
+    }
+}
diff --git a/core/security/src/main/java/com/qihang/security/SecurityConfig.java b/core/security/src/main/java/com/qihang/security/SecurityConfig.java
index c7cd2330..c14a2109 100644
--- a/core/security/src/main/java/com/qihang/security/SecurityConfig.java
+++ b/core/security/src/main/java/com/qihang/security/SecurityConfig.java
@@ -26,7 +26,11 @@ public class SecurityConfig {
 
     @Autowired
     private AuthenticationExceptionHandler invalidAuthenticationEntryPoint;
-
+    /**
+     * 退出处理类
+     */
+    @Autowired
+    private LogoutSuccessHandlerImpl logoutSuccessHandler;
     @Bean
     public PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
@@ -48,7 +52,7 @@ public class SecurityConfig {
                 // 禁用默认登录页
                 .formLogin().disable()
                 // 禁用默认登出页
-                .logout().disable()
+//                .logout().disable()
                 // 设置异常的EntryPoint，如果不设置，默认使用Http403ForbiddenEntryPoint
                 .exceptionHandling(exceptions -> exceptions.authenticationEntryPoint(invalidAuthenticationEntryPoint))
                 // 前后端分离是无状态的，不需要session了，直接禁用。
@@ -65,10 +69,12 @@ public class SecurityConfig {
                         //.requestMatchers("/**").hasAnyAuthority("ROLE_USER")
                         // 允许任意请求被已登录用户访问，不检查Authority
                         .anyRequest().authenticated())
+
                 .authenticationProvider(authenticationProvider())
                 // 加我们自定义的过滤器，替代UsernamePasswordAuthenticationFilter
                 .addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
-
+        // 添加Logout filter
+                http.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
         return http.build();
     }
 
diff --git a/oms-api/src/main/java/com/qihang/oms/controller/HomeController.java b/oms-api/src/main/java/com/qihang/oms/controller/HomeController.java
index 84b574e5..420ac0bc 100644
--- a/oms-api/src/main/java/com/qihang/oms/controller/HomeController.java
+++ b/oms-api/src/main/java/com/qihang/oms/controller/HomeController.java
@@ -11,4 +11,4 @@ public class HomeController {
     public String home(){
         return "{'code':0,'msg':'oms-api请通过api访问'}";
     }
-}
+}
\ No newline at end of file