Preface
Login process flow:
1, the login page to submit username and password.
2, after a successful login generate token. Token JSESSIONID equivalent to the original, a string, uuid.
3, the user information stored redis. Key is the token, value is TbUser objects converted to json.
4, using the Save Session String type information. You can use "prefix: token" is key
5, set an expiration time of the key. Analog Session of the expiration time. General half an hour.
6, the token is written cookie.
7, Cookie requires cross-domain. For example www.jd.com \ sso.jd.com \ order.jd.com, you can use the tools.
8, Cookie expiration date. Close the browser to fail.
9, the login is successful.
Keep the session --Session sliding expiration