缓存策略问题 #4
Comments
|
经过排查,目前在 AdditionalWebFilter 中无法知晓当前用户的登录状态。通过 WebSession 获取登录状态的方式不完全正确,尤其是关闭浏览器后重新进入页面的时候,因为登录时用户选择了“记住我”,所以此时获取 WebSession 实际上为空,自动登录逻辑发生在 Security Filter Chain 上,并不在 PageCacheWebFilter 之前。 我这里提供一种方案:类似于这里提到的 WebFilter,我们再提供一种在认证之前和之后的 WebFilter 扩展点。这样我们就可以肥肠方便且可靠地获取当前用户的认证情况。 |
f2c-ci-robot bot
pushed a commit
to halo-dev/halo
that referenced
this issue
Jul 9, 2024
#### What type of PR is this? /kind feature /kind api-change /area core /area plugin #### What this PR does / why we need it: This PR adds `BeforeSecurityWebFilter` and `AfterSecurityWebFilter` extension points. See halo-sigs/plugin-page-cache#4 (comment) for more. Now, we can do something before and after authenticating. #### Does this PR introduce a user-facing change? ```release-note 添加认证授权的前置和后置处理器扩展点 ```
|
已经在 halo-dev/halo#6297 中修复。 /close |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
已知目前的缓存判断或者策略问题:
The text was updated successfully, but these errors were encountered: