Springboot项目使用redis实现session共享-编程知识

1.安装redis，并配置密码

这里就不针对于redis的安装约配置进行说明了，直接在项目中使用。

2.pom.xml文件中引入需要的maven

     <dependency><groupId>redis.clients</groupId><artifactId>jedis</artifactId><version>2.9.0</version></dependency>

3.在项目的配置文件中加入redis的配置

redis:database: 0host: localhostpassword: 123456pool:max-active: 8max-idle: 8max-wait: -1min-idle: 0port: 6379timeout: 3000

4.添加redis的配置文件放在项目的config文件夹下

import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.annotation.CachingConfigurerSupport;
import org.springframework.cache.annotation.EnableCaching;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
import redis.clients.jedis.JedisPool;
import redis.clients.jedis.JedisPoolConfig;/*** @author kjz*/
@Configuration
@EnableCaching
public class RedisConfig extends CachingConfigurerSupport {@Value("${redis.host}")private String host;@Value("${redis.port}")private int port;@Value("${redis.timeout}")private int timeout;@Value("${redis.pool.max-idle}")private int maxIdle;@Value("${redis.pool.max-wait}")private long maxWaitMillis;@Value("${redis.password}")private String password;@Beanpublic JedisPool redisPoolFactory() {JedisPoolConfig jedisPoolConfig = new JedisPoolConfig();jedisPoolConfig.setMaxIdle(maxIdle);jedisPoolConfig.setMaxWaitMillis(maxWaitMillis);JedisPool jedisPool = new JedisPool(jedisPoolConfig, host, port, timeout);return jedisPool;}@Beanpublic RedisConnectionFactory redisConnectionFactory() {JedisPoolConfig jedisPoolConfig = new JedisPoolConfig();jedisPoolConfig.setMaxIdle(maxIdle);jedisPoolConfig.setMaxWaitMillis(maxWaitMillis);JedisConnectionFactory jedisConnectionFactory = new JedisConnectionFactory(jedisPoolConfig);jedisConnectionFactory.setHostName(host);jedisConnectionFactory.setPort(port);jedisConnectionFactory.setTimeout(timeout);jedisConnectionFactory.setPassword(password);return jedisConnectionFactory;}}

5.具体实现思路（手动实现）

实现思路

创建一个过滤器，拦截除了登录之外的所有请求，判断请求中是否存在cookie，如果存在cookie则判断redis中是否存在以cookie为key的键值对数据，如果有则取出对应的value同时对这个key的过期时间进行续期，如果没有则返回一个响应，说明登录已经过期了，将Value就是session进行Jason反序列化得到session对象，然后把Session绑定到当前的请求中，如果不存在cookie，则直接返回一个响应，说明还未登录。如果是登录请求的话，直接到controller中进行登录校验，让深沉的session通过json序列化放到redis中，并且以uuid为key，同时，返回给前端一个cookie字段，cookie字段的值就是uuid，请求完成之后，在过滤器中将会话数据session更新到redis中。

下面是思路流程图

代码实现

创建过滤器 `SessionFilter`

import com.fasterxml.jackson.databind.ObjectMapper;
import redis.clients.jedis.Jedis;
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;public class SessionFilter implements Filter {private JedisPool jedisPool;private ObjectMapper objectMapper;private static final String LOGIN_PATH = "/login";private static final int SESSION_EXPIRATION_TIME = 30 * 60; // 30 minutes in secondspublic SessionFilter(JedisPool jedisPool) {this.jedisPool = jedisPool;this.objectMapper = new ObjectMapper();}@Overridepublic void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)throws IOException, ServletException {HttpServletRequest httpRequest = (HttpServletRequest) request;HttpServletResponse httpResponse = (HttpServletResponse) response;String requestUri = httpRequest.getRequestURI();if (requestUri.equals(LOGIN_PATH)) {// 直接转发到登录控制器chain.doFilter(request, response);} else {// 检查 CookieCookie[] cookies = httpRequest.getCookies();String sessionId = null;if (cookies != null) {for (Cookie cookie : cookies) {if ("SESSIONID".equals(cookie.getName())) {sessionId = cookie.getValue();break;}}}if (sessionId != null) {try (Jedis jedis = jedisPool.getResource()) {String sessionDataJson = jedis.get(sessionId);if (sessionDataJson != null) {// 续期jedis.expire(sessionId, SESSION_EXPIRATION_TIME);// 反序列化 SessionMap<String, Object> sessionAttributes = objectMapper.readValue(sessionDataJson, Map.class);HttpSessionWrapper wrappedSession = new HttpSessionWrapper(sessionAttributes);request.setAttribute("httpSession", wrappedSession);// 继续执行过滤器链chain.doFilter(request, response);// 更新 Session 到 Redisif (wrappedSession.isDirty()) {jedis.set(sessionId, objectMapper.writeValueAsString(wrappedSession.getSessionData()));}} else {// 登录过期httpResponse.setContentType("application/json");httpResponse.getWriter().write("{\"error\": \"Session expired\"}");}} catch (Exception e) {// 处理异常e.printStackTrace();httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);}} else {// 未登录httpResponse.setContentType("application/json");httpResponse.getWriter().write("{\"error\": \"Not logged in\"}");}}}// ... 其他 Filter 方法 ...
}

注册过滤器

在 Spring 配置中注册过滤器：

@Bean
public FilterRegistrationBean<SessionFilter> sessionFilterRegistration(SessionFilter sessionFilter) {FilterRegistrationBean<SessionFilter> registrationBean = new FilterRegistrationBean<>();registrationBean.setFilter(sessionFilter);registrationBean.addUrlPatterns("/*");return registrationBean;
}

创建 HttpSessionWrapper 类

将session和sessionid封装到这个类里面

import javax.servlet.http.HttpSession;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;public class HttpSessionWrapper implements HttpSession {private final Map<String, Object> attributes;private boolean dirty;public HttpSessionWrapper(Map<String, Object> attributes) {this.attributes = attributes;this.dirty = false;}// ... 实现 HttpSession 接口的方法 ...public void setAttribute(String name, Object value) {attributes.put(name, value);dirty = true;}public Map<String, Object> getSessionData() {return attributes;}public boolean isDirty() {return dirty;}// ... 其他方法 ...
}

登录控制器

@RestController
public class LoginController {@PostMapping("/login")public HttpServletResponse login(HttpServletRequest request, HttpServletResponse response) {// ... 登录逻辑 ...// 创建新的会话String sessionId = UUID.randomUUID().toString();Map<String, Object> sessionAttributes = new HashMap<>();// 填充会话属性sessionAttributes.put("user", user);// 使用 JsonUtil 序列化会话并存储到 RedisString sessionDataJson = JsonUtil.obj2String(sessionAttributes);try (Jedis jedis = jedisPool.getResource()) {jedis.setex(sessionId, SESSION_EXPIRATION_TIME, sessionDataJson);} catch (Exception e) {// 处理异常e.printStackTrace();return "Error";}// 创建 Cookie 并设置给客户端Cookie sessionCookie = new Cookie("SESSIONID", sessionId);sessionCookie.setPath("/");sessionCookie.setHttpOnly(true); // 确保 Cookie 不会被 JavaScript 访问sessionCookie.setSecure(true); // 确保 Cookie 在 HTTPS 连接中传输response.addCookie(sessionCookie);return HttpServletResponse ;}
}

下面是序列化工具类

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.JavaType;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;/***@author kjz*/
@Slf4j
public class JsonUtil {private static ObjectMapper objectMapper = new ObjectMapper();static{//对象的所有字段全部列入objectMapper.setSerializationInclusion(JsonInclude.Include.ALWAYS);}public static <T> String obj2String(T obj){if(obj == null){return null;}try {return obj instanceof String ? (String)obj :  objectMapper.writeValueAsString(obj);} catch (Exception e) {log.warn("Parse Object to String error",e);return null;}}/*** 格式化json串，看起来比较好看，但是有换行符等符号，会比没有格式化的大* @param obj* @param <T>* @return*/public static <T> String obj2StringPretty(T obj){if(obj == null){return null;}try {return obj instanceof String ? (String)obj :  objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(obj);} catch (Exception e) {log.warn("Parse Object to String error",e);return null;}}public static <T> T string2Obj(String str,Class<T> clazz){if(StringUtils.isEmpty(str) || clazz == null){return null;}try {return clazz.equals(String.class)? (T)str : objectMapper.readValue(str,clazz);} catch (Exception e) {log.warn("Parse String to Object error",e);return null;}}public static <T> T string2Obj(String str, TypeReference<T> typeReference){if(StringUtils.isEmpty(str) || typeReference == null){return null;}try {return (T)(typeReference.getType().equals(String.class)? str : objectMapper.readValue(str,typeReference));} catch (Exception e) {log.warn("Parse String to Object error",e);return null;}}/*** 转换集合* List<User></>* @param str* @param collectionClass* @param elementClasses* @param <T>* @return*/public static <T> T string2Obj(String str,Class<?> collectionClass,Class<?>... elementClasses){JavaType javaType = objectMapper.getTypeFactory().constructParametricType(collectionClass,elementClasses);try {return objectMapper.readValue(str,javaType);} catch (Exception e) {log.warn("Parse String to Object error",e);return null;}}
}

6.利用Spring Session Data Redis框架实现

引入Spring Session Data Redis 的依赖

 <dependency><groupId>org.springframework.session</groupId><artifactId>spring-session-data-redis</artifactId><version>2.7.0</version></dependency>

创建Spring Session的配置类

创建一个配置类 SessionConfig，使用 @EnableRedisHttpSession 注解来启用 Spring Session 的 Redis 支持：

import org.springframework.session.data.redis.config.ConfigureRedisAction;
import org.springframework.session.data.redis.config.annotation.web.http.RedisHttpSessionConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;@Configuration
@EnableRedisHttpSession
public class SessionConfig {// 配置会话过期时间（例如，设置为 1800 秒，即 30 分钟）@Beanpublic RedisHttpSessionConfiguration redisHttpSessionConfiguration() {RedisHttpSessionConfiguration configuration = new RedisHttpSessionConfiguration();configuration.setMaxInactiveIntervalInSeconds(1800);return configuration;}// 如果你使用的是 Spring Boot 2.3 或更高版本，你可能需要定义这个 Bean 来避免警告@Beanpublic static ConfigureRedisAction configureRedisAction() {return ConfigureRedisAction.NO_OP;}
}

@EnableRedisHttpSession 是一个方便的注解，它做了以下几件事情：

启用 Spring Session 的支持，使得 HttpSession 能够被 Spring Session 管理。
配置 Redis 作为会话数据的存储后端。
注册一个 SessionRepositoryFilter 的 Bean，这个 Filter 负责拦截请求，并将标准的 HttpSession 替换为 Spring Session 的实现。

Session的创建存储和获取

做完上面的配置之后，你可以像使用常规 HttpSession 一样使用 Spring Session。每次修改会话时，Spring Session 都会自动将这些更改同步到 Redis。

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;import javax.servlet.http.HttpSession;@RestController
public class SessionController {@GetMapping("/setSession")public String setSession(HttpSession session) {session.setAttribute("message", "Hello, Redis Session!");return "Session set in Redis";}@GetMapping("/getSession")public String getSession(HttpSession session) {return "Session message: " + session.getAttribute("message");}
}