出现场景
在进行用户认证的时候,后端代码会重复执行自定义的Realms里面的doGetAuthenticationInfo方法,debug调试没有问题,日志打印同时出现多次
代码截图
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
logger.info("开始身份验证");
//1.获取前端传来的token
String token = (String) authenticationToken.getPrincipal();
Long userId = TokenGenerator.getUserId(token);
logger.info("userId:" + userId);
//2.根据token判断redis中是否存在
boolean hasKey = redisUtil.hasKey(token);
LoginVo loginVo = null;
if (hasKey){
//3.根据token从redis中查找对应的用户信息
loginVo = (LoginVo) redisUtil.get(token);
//4,如果用户不存在,抛出异常
if (loginVo == null) {
throw new UnknownAccountException("用户不存在");
}
}else {
//5,如果token不存在,抛出异常
throw new IncorrectCredentialsException("token失效,请重新登录");
}
SysUser sysUser = BeanUtil.toBean(loginVo, SysUser.class);
//将信息放到认证通过信息中去
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
sysUser,
token,
getName());
//设置密码盐
// authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes(userInfo.getCredentialsSalt()));
return authenticationInfo;
}
运行结果及报错内容
2022-01-07 17:00:35.042 INFO 118780 --- [nio-8081-exec-6] c.nameli.admin.config.filter.AuthFilter : 从前端获取的token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJOQU1FLUwiLCJleHAiOjE2NDE1NDUzNDEsIlVVSUQiOiIyYTVlNDM4M2UyOGI0Yzc5OWI1MmMyODY3MjFmODhjMSIsInVzZXJJZCI6MX0.ZJfZXlsURNRCjeZ7WjWyz1E2wEUd5RTrp9Iz3ae_SL0
2022-01-07 17:00:35.042 INFO 118780 --- [nio-8081-exec-4] c.nameli.admin.config.filter.AuthFilter : 从前端获取的token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJOQU1FLUwiLCJleHAiOjE2NDE1NDUzNDEsIlVVSUQiOiIyYTVlNDM4M2UyOGI0Yzc5OWI1MmMyODY3MjFmODhjMSIsInVzZXJJZCI6MX0.ZJfZXlsURNRCjeZ7WjWyz1E2wEUd5RTrp9Iz3ae_SL0
2022-01-07 17:00:35.042 INFO 118780 --- [nio-8081-exec-5] c.nameli.admin.config.filter.AuthFilter : 从前端获取的token:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJOQU1FLUwiLCJleHAiOjE2NDE1NDUzNDEsIlVVSUQiOiIyYTVlNDM4M2UyOGI0Yzc5OWI1MmMyODY3MjFmODhjMSIsInVzZXJJZCI6MX0.ZJfZXlsURNRCjeZ7WjWyz1E2wEUd5RTrp9Iz3ae_SL0
2022-01-07 17:00:45.763 INFO 118780 --- [nio-8081-exec-6] c.n.admin.config.shiro.MyShiroRealm : 开始身份验证
2022-01-07 17:00:46.523 INFO 118780 --- [nio-8081-exec-5] c.n.admin.config.shiro.MyShiroRealm : 开始身份验证
2022-01-07 17:00:46.523 INFO 118780 --- [nio-8081-exec-4] c.n.admin.config.shiro.MyShiroRealm : 开始身份验证
2022-01-07 17:00:46.574 INFO 118780 --- [nio-8081-exec-5] c.n.admin.config.shiro.MyShiroRealm : userId:1
2022-01-07 17:00:46.574 INFO 118780 --- [nio-8081-exec-4] c.n.admin.config.shiro.MyShiroRealm : userId:1
2022-01-07 17:00:46.574 INFO 118780 --- [nio-8081-exec-6] c.n.admin.config.shiro.MyShiroRealm : userId:1
2022-01-07 17:00:48.942 INFO 118780 --- [nio-8081-exec-6] c.nameli.admin.config.filter.AuthFilter : onLoginFailure --------> 登录失败
2022-01-07 17:00:48.942 INFO 118780 --- [nio-8081-exec-4] c.nameli.admin.config.filter.AuthFilter : onLoginFailure --------> 登录失败
2022-01-07 17:00:48.942 ERROR 118780 --- [nio-8081-exec-4] c.nameli.admin.config.filter.AuthFilter : Validate token fail, token:com.nameli.admin.config.shiro.auth.AuthToken - null, rememberMe=false
error:token失效,请重新登录
2022-01-07 17:00:48.942 INFO 118780 --- [nio-8081-exec-5] c.nameli.admin.config.filter.AuthFilter : onLoginFailure --------> 登录失败
2022-01-07 17:00:48.942 ERROR 118780 --- [nio-8081-exec-5] c.nameli.admin.config.filter.AuthFilter : Validate token fail, token:com.nameli.admin.config.shiro.auth.AuthToken - null, rememberMe=false
error:token失效,请重新登录
2022-01-07 17:00:48.942 ERROR 118780 --- [nio-8081-exec-6] c.nameli.admin.config.filter.AuthFilter : Validate token fail, token:com.nameli.admin.config.shiro.auth.AuthToken - null, rememberMe=false
error:token失效,请重新登录
尝试解决
查看其他人的博客,一种解决方案是注释shiroConfig中的DefaultAdvisorAutoProxyCreator方法
但是此种方法会导致权限注解无法使用,报错404,所以不适用