修改用户密码的方法调整

1 files changed, 30 insertions, 16 deletions

diff --git a/src/main/java/com/nis/web/controller/sys/UserController.java b/src/main/java/com/nis/web/controller/sys/UserController.java
index c904daa..a478ef1 100644
--- a/src/main/java/com/nis/web/controller/sys/UserController.java
+++ b/src/main/java/com/nis/web/controller/sys/UserController.java
@@ -42,6 +42,7 @@ import com.nis.util.StringUtils;
 import com.nis.util.excel.ExportExcel;
 import com.nis.web.controller.BaseController;
 import com.nis.web.security.SystemAuthorizingRealm;
+import com.nis.web.security.SystemAuthorizingRealm.Principal;
 import com.nis.web.security.UserUtils;
 import com.nis.web.security.UsernamePasswordToken;
 
@@ -281,6 +282,7 @@ public class UserController extends BaseController{
 	
 	/**
 	 * 修改个人用户密码
+	 * 
 	 * @param oldPassword
 	 * @param newPassword
 	 * @param model
@@ -290,25 +292,37 @@ public class UserController extends BaseController{
 	@RequestMapping(value = "modifyPwd")
 	public String modifyPwd(String oldPassword, String newPassword, Model model) {
 		SysUser user = UserUtils.getUser();
-		if (StringUtils.isNotBlank(oldPassword) && StringUtils.isNotBlank(newPassword)){
-			
-			if (StringUtils.validatePassword(oldPassword, user.getPassword())){
+		if (StringUtils.isNotBlank(oldPassword) && StringUtils.isNotBlank(newPassword)) {
+			if (StringUtils.validatePassword(oldPassword, user.getPassword())) {
 				userService.updatePasswordById(user.getId(), user.getLoginId(), newPassword);
-				RealmSecurityManager securityManager =  
-					     (RealmSecurityManager) SecurityUtils.getSecurityManager();  
-				Collection<Realm> realm=securityManager.getRealms();
-			   for (Realm realm2 : realm) {
-				   SystemAuthorizingRealm userRealm = (SystemAuthorizingRealm) realm2;  
-				   RedisCache<Object, AuthenticationInfo> cache= (RedisCache<Object, AuthenticationInfo>) userRealm.getAuthenticationCache();
-				   String keyPrefix=cache.getKeyPrefix();
-					   for (AuthenticationInfo auth :  cache.values()) {
-							userRealm.getAuthenticationCache().remove(auth.getPrincipals().getPrimaryPrincipal());
+				Session curSession = UserUtils.getSession();// 当前登录用户的session
+				Principal principal = UserUtils.getPrincipal();// 当前登录用户的鉴权信息
+				// 过滤 当前用户的 非此客户的其它登录信息
+				Collection<Session> allOtherSession = systemService.getActiveSessions(true, principal, curSession);
+				if (allOtherSession.size() > 0) {
+					// 如果是登录进来的，则踢出已在线用户
+					if (UserUtils.getSubject().isAuthenticated()) {
+						for (Session session : allOtherSession) {
+							systemService.deleteSession(session);
 						}
-				   systemService.deleteAuthenticationCache(keyPrefix+user.getName());
-				   systemService.deleteAuthenticationCache(keyPrefix+user.getId());
-			   }
+					}
+				}
+
+				RealmSecurityManager securityManager = (RealmSecurityManager) SecurityUtils.getSecurityManager();
+				Collection<Realm> realm = securityManager.getRealms();
+				for (Realm realm2 : realm) {
+					SystemAuthorizingRealm userRealm = (SystemAuthorizingRealm) realm2;
+					RedisCache<Object, AuthenticationInfo> cache = (RedisCache<Object, AuthenticationInfo>) userRealm.getAuthenticationCache();
+					String keyPrefix = cache.getKeyPrefix();
+					for (AuthenticationInfo auth : cache.values()) {
+						userRealm.getAuthenticationCache().remove(auth.getPrincipals().getPrimaryPrincipal());
+					}
+					systemService.deleteAuthenticationCache(keyPrefix + user.getName());
+					systemService.deleteAuthenticationCache(keyPrefix + user.getId());
+				}
+
 				model.addAttribute("message", "update_success");
-			}else{
+			} else {
 				model.addAttribute("message", "update_failed");
 			}
 		}