完善oms-api项目

core/security/src/main/java/com/qihang/security/LogoutSuccessHandlerImpl.java

@@ -0,0 +1,49 @@
+package com.qihang.security;
+
+import com.alibaba.fastjson2.JSON;
+
+import com.qihang.common.common.AjaxResult;
+import com.qihang.common.constant.Constants;
+import com.qihang.common.utils.StringUtils;
+import com.qihang.security.utils.ServletUtils;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+import java.io.IOException;
+
+/**
+ * 自定义退出处理类 返回成功
+ * 
+ * @author qihang
+ */
+@Configuration
+public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler
+{
+    @Autowired
+    private TokenService tokenService;
+
+    /**
+     * 退出处理
+     * 
+     * @return
+     */
+    @Override
+    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
+            throws IOException, ServletException
+    {
+        LoginUser loginUser = tokenService.getLoginUser(request);
+        if (StringUtils.isNotNull(loginUser))
+        {
+            String userName = loginUser.getUsername();
+            // 删除用户缓存记录
+            tokenService.delLoginUser(loginUser.getToken());
+            // 记录用户退出日志
+//            AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGOUT, "退出成功"));
+        }
+        ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.success("退出成功")));
+    }
+}

core/security/src/main/java/com/qihang/security/SecurityConfig.java

@@ -26,7 +26,11 @@ public class SecurityConfig {
 
     @Autowired
     private AuthenticationExceptionHandler invalidAuthenticationEntryPoint;
-
+    /**
+     * 退出处理类
+     */
+    @Autowired
+    private LogoutSuccessHandlerImpl logoutSuccessHandler;
     @Bean
     public PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
@@ -48,7 +52,7 @@ public class SecurityConfig {
                 // 禁用默认登录页
                 .formLogin().disable()
                 // 禁用默认登出页
-                .logout().disable()
+//                .logout().disable()
                 // 设置异常的EntryPoint，如果不设置，默认使用Http403ForbiddenEntryPoint
                 .exceptionHandling(exceptions -> exceptions.authenticationEntryPoint(invalidAuthenticationEntryPoint))
                 // 前后端分离是无状态的，不需要session了，直接禁用。
@@ -65,10 +69,12 @@ public class SecurityConfig {
                         //.requestMatchers("/**").hasAnyAuthority("ROLE_USER")
                         // 允许任意请求被已登录用户访问，不检查Authority
                         .anyRequest().authenticated())
+
                 .authenticationProvider(authenticationProvider())
                 // 加我们自定义的过滤器，替代UsernamePasswordAuthenticationFilter
                 .addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
-
+        // 添加Logout filter
+                http.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
         return http.build();
     }
 

oms-api/src/main/java/com/qihang/oms/controller/HomeController.java

@@ -11,4 +11,4 @@ public class HomeController {
     public String home(){
         return "{'code':0,'msg':'oms-api请通过api访问'}";
     }
-}
+}