be based on OAuth2 Query online users and forced users

scene

Recent projects require certification and authorization 、 Restrict authorized login users .

You need to count the current number of online users , And forced withdrawal of designated users .

effect

Realization

Get all online users

After logging in ,OAuth2 Will send to Redis Store user's token Information , The key is token value , The value is OAuth2 Authentication object of .

Realize the idea ： from Redis Get all the token value , And adoption RedisTokenStore Get OAuth2 Authentication object of .

/** * VO */
@Data
@AllArgsConstructor
@NoArgsConstructor
public class OnlineUserVo {
    
    private String token;
    private Long userId;
    private String name;
    private Date loginTime;         // Landing time 
    private Date expiration;        // Due time 
    private Integer expiresIn;      // The rest of the time 
}

/** * RedisTokenStore Injection allocation  */
@Configuration
@EnableAuthorizationServer
public class TokenStoreConfig {
    
    @Autowired
    private RedisConnectionFactory redisConnectionFactory;

    @Bean
    public RedisTokenStore redisTokenStore() {
    
        return new RedisTokenStore(redisConnectionFactory);
    }
}

//redis Deposit token Key prefix for , It can be downloaded from RedisTokenStore See... In the source code 
public static final String REDIS_AUTH_KEY="auth:";

@Autowired
private RedisTokenStore redisTokenStore;

public List<OnlineUserVo> getOnlineUserList() {
    
    List<OnlineUserVo> list = new ArrayList<>();
    //oauth All stored keys
    Set<String> keys = redisTemplate.keys(OnlineConstants.REDIS_AUTH_KEY + "*");
    for (String key : keys) {
    
        //keys = "auth:" + token
        // according to token obtain OAuth2AccessToken
        String token = key.substring(key.indexOf(":") + 1);
        // according to token Values obtained OAuth2AccessToken object 
        OAuth2AccessToken oAuth2AccessToken = redisTokenStore.readAccessToken(token);
        
        // Get users id, Users of this project id Store in OAuth2AccessToken Object additionalInformation In the attribute .
        // Modify... According to the actual situation 
        Map<String, Object> map = oAuth2AccessToken.getAdditionalInformation();
        if (map != null) {
    
            // Get users id
            Long userId = (Long) map.get("openid");
            if (userId != null) {
    
                // Get user information 
                BaseUser user = this.userService.getUserById(userId);
                // Get user login log 
                BaseAccountLogs logs = this.accountLogsService.getUserNewestLogin(userId);

                list.add(new OnlineUserVo(token, userId, user.getFullName(),
                                          logs.getLoginTime(),
                                          oAuth2AccessToken.getExpiration(),
                                          oAuth2AccessToken.getExpiresIn()));
            }
        }
    }
    return list;
}

Get the number of online users

Getting the number of online users is much easier , Just get Redis in token The number of keys .

public Integer getOnlineUserNum() {
    
    Set<String> keys = redisTemplate.keys(OnlineConstants.REDIS_AUTH_KEY + "*");
    return keys.size();
}

Force the user to log out

Will the user token from Redis Delete from

public void forceLogout(String token) {
    
    redisTokenStore.removeAccessToken(token);
}

Reference material

Ruoyi management system