Login process:
1. After successful login:
1. Generate a token based on the userId and store the key as the token and value as the user information in redis.
2. The response token is sent to the cookie of the front end
Threadlocal stores user information
Ii. Interceptor:
1. Obtain front-end cookie and check token through request (there are two tokens,token2 is generated according to Token1)
2. If the token is not empty, go to Redis and query the user information with the token as key. If the user is empty, return false.
Update the user info in threadLocal and the expiration time of token: user in Redis
Expanding ideas:
Q: If you want to implement an account that is logged in by a second person, the first login will be logged out. Any ideas?
redis : userId – token
token – user
I think: login succ- generate unique token-redis save userId:token, token:user. The interceptor determines whether the user is null according to the redis token key.
If a second user logs in to the account, a unique token is also generated, and all tokens in redis are found according to the userId, and then the token:user is deleted. Reset the new token:user