Recommended learning: Redis video tutorial
1. Implement SMS login based on session
1.1 SMS login flow chart
1.2 Implementation of sending SMS verification code
Front-end request instructions:
| Description | |
|---|---|
| Request method | POST |
| Request path | /user/code |
| Request parameters | phone(phone number) |
| Return value | None |
Back-end interface implementation:
@Slf4j
@Service
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IUserService {
@Override
public Result sendCode(String phone, HttpSession session) {
// 1. 校验手机号
if(RegexUtils.isPhoneInvalid(phone)){
// 2. 如果不符合,返回错误信息
return Result.fail("手机号格式错误!");
}
// 3. 符合,生成验证码(设置生成6位)
String code = RandomUtil.randomNumbers(6);
// 4. 保存验证码到 session
session.setAttribute("code", code);
// 5. 发送验证码(这里并未实现,通过日志记录)
log.debug("发送短信验证码成功,验证码:{}", code);
// 返回 ok
return Result.ok();
}
}1.3 Implement SMS verification code login and registration
Front-end request instructions
| Description | |
|---|---|
| Request method | POST |
| /user/login | |
| phone (phone number); code (verification code) | |
| None |
@Slf4j
@Service
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IUserService {
@Override
public Result login(LoginFormDTO loginForm, HttpSession session) {
// 1. 校验手机号
String phone = loginForm.getPhone();
if(RegexUtils.isPhoneInvalid(phone)){
// 不一致,返回错误信息
return Result.fail("手机号格式错误!");
}
// 2. 校验验证码
String cacheCode = (String) session.getAttribute("code");
String code = loginForm.getCode();
if(cacheCode == null || !cacheCode.equals(cacheCode)){
// 不一致,返回错误信息
return Result.fail("验证码错误!");
}
// 4. 一致,根据手机号查询用户(这里使用的 mybatis-plus)
User user = query().eq("phone", phone).one();
// 5. 判断用户是否存在
if(user == null){
// 6. 不存在,创建新用户并保存
user = createUserWithPhone(phone);
}
// 7. 保存用户信息到 session 中(通过 BeanUtil.copyProperties 方法将 user 中的信息过滤到 UserDTO 上,即用来隐藏部分信息)
session.setAttribute("user", BeanUtil.copyProperties(user, UserDTO.class));
return Result.ok();
}
private User createUserWithPhone(String phone) {
// 1. 创建用户
User user = new User();
user.setPhone(phone);
user.setNickName("user_" + RandomUtil.randomString(10));
// 2. 保存用户(这里使用 mybatis-plus)
save(user);
return user;
}
}1.4 Implement login verification interceptorLogin verification interceptor implementation: public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 1. 获取 session
HttpSession session = request.getSession();
// 2. 获取 session 中的用户
UserDTO user = (UserDTO) session.getAttribute("user");
// 3. 判断用户是否存在
if(user == null){
// 4. 不存在,拦截,返回 401 未授权
response.setStatus(401);
return false;
}
// 5. 存在,保存用户信息到 ThreadLocal
UserHolder.saveUser(user);
// 6. 放行
return true;
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
// 移除用户,避免内存泄露
UserHolder.removeUser();
}
}UserHolder class implementation: This class defines a static ThreadLocalpublic class UserHolder {
private static final ThreadLocal<UserDTO> tl = new ThreadLocal<>();
public static void saveUser(UserDTO user){
tl.set(user);
}
public static UserDTO getUser(){
return tl.get();
}
public static void removeUser(){
tl.remove();
}
}Configuration interceptor: @Configuration
public class MvcConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginInterceptor())
.excludePathPatterns(
"/user/login",
"/user/code"
);
}
} Front-end request description:
| Description | |
|---|---|
| POST | |
| /user/me | |
| None | |
| None |
@Slf4j
@Service
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IUserService {
@Override
public Result me() {
UserDTO user = UserHolder.getUser();
return Result.ok(user);
}
}2. Cluster session sharing issuesession sharing problem: Multiple tomcats do not share session storage space. When the request is switched to different tomcat services, it will cause data loss. Session alternatives should meet the following conditions:
- Data sharing (different tomcats can access data in Redis)
- Memory storage (Redis through memory Storage)
- Key, value structure (Redis is a key-value structure)
3.1 Redis implements sharing session login flow chart
##3.2 Implementation of sending SMS verification code
Front-end request description:
| Description | |
|---|---|
| POST | |
| /user/code | |
| phone(phone number) | |
| None |
@Slf4j
@Service
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IUserService {
@Resource
private StringRedisTemplate stringRedisTemplate;
@Override
public Result sendCode(String phone, HttpSession session) {
// 1. 校验手机号
if (RegexUtils.isPhoneInvalid(phone)) {
// 2. 如果不符合,返回错误信息
return Result.fail("手机号格式错误!");
}
// 3. 符合,生成验证码(设置生成6位)
String code = RandomUtil.randomNumbers(6);
// 4. 保存验证码到 Redis(以手机号为 key,设置有效期为 2min)
stringRedisTemplate.opsForValue().set("login:code:" + phone, code, 2, TimeUnit.MINUTES);
// 5. 发送验证码(这里并未实现,通过日志记录)
log.debug("发送短信验证码成功,验证码:{}", code);
// 返回 ok
return Result.ok();
}
}3.3 Implement SMS verification Code login, registration
Front-end request description:
| Description | |
|---|---|
| POST | |
| /user/login | |
| phone (phone number); code (verification code) | |
| None |
@Slf4j
@Service
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IUserService {
@Override
public Result login(LoginFormDTO loginForm, HttpSession session) {
// 1. 校验手机号
String phone = loginForm.getPhone();
if(RegexUtils.isPhoneInvalid(phone)){
// 不一致,返回错误信息
return Result.fail("手机号格式错误!");
}
// 2. 校验验证码
String cacheCode = (String) session.getAttribute("code");
String code = loginForm.getCode();
if(cacheCode == null || !cacheCode.equals(cacheCode)){
// 不一致,返回错误信息
return Result.fail("验证码错误!");
}
// 4. 一致,根据手机号查询用户(这里使用的 mybatis-plus)
User user = query().eq("phone", phone).one();
// 5. 判断用户是否存在
if(user == null){
// 6. 不存在,创建新用户并保存
user = createUserWithPhone(phone);
}
// 7. 保存用户信息到 session 中(通过 BeanUtil.copyProperties 方法将 user 中的信息过滤到 UserDTO 上,即用来隐藏部分信息)
session.setAttribute("user", BeanUtil.copyProperties(user, UserDTO.class));
return Result.ok();
}
private User createUserWithPhone(String phone) {
// 1. 创建用户
User user = new User();
user.setPhone(phone);
user.setNickName("user_" + RandomUtil.randomString(10));
// 2. 保存用户(这里使用 mybatis-plus)
save(user);
return user;
}
}3.4 Implement login verification interceptor
The original interceptor is divided into two interceptors. The first interceptor intercepts all requests. This interception refreshes the validity period of the token and saves the user information that can be queried into ThreadLocal. The second interceptor performs the interception function and intercepts the path that requires login.
Refresh token interceptor implementation:
public class RefreshTokenInterceptor implements HandlerInterceptor {
private StringRedisTemplate stringRedisTemplate;
public RefreshTokenInterceptor(StringRedisTemplate stringRedisTemplate){
this.stringRedisTemplate = stringRedisTemplate;
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 1. 获取请求头中的 token
String token = request.getHeader("authorization");
if (StrUtil.isBlank(token)) {
return true;
}
// 2. 基于 token 获取 redis 中的用户
String tokenKey = "login:token:" + token;
Map<Object, Object> userMap = stringRedisTemplate.opsForHash().entries(tokenKey);
// 3. 判断用户是否存在
if (userMap.isEmpty()) {
return true;
}
// 5. 将查询到的 Hash 数据转为 UserDTO 对象
UserDTO user = BeanUtil.fillBeanWithMap(userMap, new UserDTO(), false);
// 6. 存在,保存用户信息到 ThreadLocal
UserHolder.saveUser(user);
// 7. 刷新 token 有效期 30 min
stringRedisTemplate.expire(tokenKey, 30, TimeUnit.MINUTES);
// 8. 放行
return true;
}
}Login verification interceptor implementation:
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 1. 获取 session
HttpSession session = request.getSession();
// 2. 获取 session 中的用户
UserDTO user = (UserDTO) session.getAttribute("user");
// 3. 判断用户是否存在
if(user == null){
// 4. 不存在,拦截,返回 401 未授权
response.setStatus(401);
return false;
}
// 5. 存在,保存用户信息到 ThreadLocal
UserHolder.saveUser(user);
// 6. 放行
return true;
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
// 移除用户,避免内存泄露
UserHolder.removeUser();
}
}UserHolder class implementation: This class defines a static ThreadLocal
public class UserHolder {
private static final ThreadLocal<UserDTO> tl = new ThreadLocal<>();
public static void saveUser(UserDTO user){
tl.set(user);
}
public static UserDTO getUser(){
return tl.get();
}
public static void removeUser(){
tl.remove();
}
}Configuration interceptor:
@Configuration
public class MvcConfig implements WebMvcConfigurer {
@Resource
private StringRedisTemplate stringRedisTemplate;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new RefreshTokenInterceptor(stringRedisTemplate))
.addPathPatterns("/**").order(0);
registry.addInterceptor(new LoginInterceptor())
.excludePathPatterns(
"/user/login",
"/user/code"
).order(1);
}
}Front-end request description:
| Description | |
|---|---|
| POST | |
| /user/me | |
| None | |
| None |
@Slf4j
@Service
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IUserService {
@Override
public Result me() {
UserDTO user = UserHolder.getUser();
return Result.ok(user);
}
}Recommended learning:
Redis video tutorialThe above is the detailed content of Redis shared session application implements SMS login. For more information, please follow other related articles on the PHP Chinese website!
Redis vs databases: performance comparisonsMay 14, 2025 am 12:11 AMRedisoutperformstraditionaldatabasesinspeedforread/writeoperationsduetoitsin-memorynature,whiletraditionaldatabasesexcelincomplexqueriesanddataintegrity.1)Redisisidealforreal-timeanalyticsandcaching,offeringphenomenalperformance.2)Traditionaldatabase
When Should I Use Redis Instead of a Traditional Database?May 13, 2025 pm 04:01 PMUseRedisinsteadofatraditionaldatabasewhenyourapplicationrequiresspeedandreal-timedataprocessing,suchasforcaching,sessionmanagement,orreal-timeanalytics.Redisexcelsin:1)Caching,reducingloadonprimarydatabases;2)Sessionmanagement,simplifyingdatahandling
Redis: Beyond SQL - The NoSQL PerspectiveMay 08, 2025 am 12:25 AMRedis goes beyond SQL databases because of its high performance and flexibility. 1) Redis achieves extremely fast read and write speed through memory storage. 2) It supports a variety of data structures, such as lists and collections, suitable for complex data processing. 3) Single-threaded model simplifies development, but high concurrency may become a bottleneck.
Redis: A Comparison to Traditional Database ServersMay 07, 2025 am 12:09 AMRedis is superior to traditional databases in high concurrency and low latency scenarios, but is not suitable for complex queries and transaction processing. 1.Redis uses memory storage, fast read and write speed, suitable for high concurrency and low latency requirements. 2. Traditional databases are based on disk, support complex queries and transaction processing, and have strong data consistency and persistence. 3. Redis is suitable as a supplement or substitute for traditional databases, but it needs to be selected according to specific business needs.
Redis: Introduction to a Powerful In-Memory Data StoreMay 06, 2025 am 12:08 AMRedisisahigh-performancein-memorydatastructurestorethatexcelsinspeedandversatility.1)Itsupportsvariousdatastructureslikestrings,lists,andsets.2)Redisisanin-memorydatabasewithpersistenceoptions,ensuringfastperformanceanddatasafety.3)Itoffersatomicoper
Is Redis Primarily a Database?May 05, 2025 am 12:07 AMRedis is primarily a database, but it is more than just a database. 1. As a database, Redis supports persistence and is suitable for high-performance needs. 2. As a cache, Redis improves application response speed. 3. As a message broker, Redis supports publish-subscribe mode, suitable for real-time communication.
Redis: Database, Server, or Something Else?May 04, 2025 am 12:08 AMRedisisamultifacetedtoolthatservesasadatabase,server,andmore.Itfunctionsasanin-memorydatastructurestore,supportsvariousdatastructures,andcanbeusedasacache,messagebroker,sessionstorage,andfordistributedlocking.
Redis: Unveiling Its Purpose and Key ApplicationsMay 03, 2025 am 12:11 AMRedisisanopen-source,in-memorydatastructurestoreusedasadatabase,cache,andmessagebroker,excellinginspeedandversatility.Itiswidelyusedforcaching,real-timeanalytics,sessionmanagement,andleaderboardsduetoitssupportforvariousdatastructuresandfastdataacces
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SublimeText3 Chinese version
Chinese version, very easy to use
WebStorm Mac version
Useful JavaScript development tools
Zend Studio 13.0.1
Powerful PHP integrated development environment
SublimeText3 Linux new version
SublimeText3 Linux latest version
Dreamweaver CS6
Visual web development tools
