shiro防止恶意重复登录

在登录接口判断该用户是否登陆过

@PostMapping("/login")
public Result login(@RequestBody LoginVo loginVo){
    final Subject subject = SecurityUtils.getSubject();
    if(subject.isAuthenticated()){
        return new Result(200,"登录成功",subject.getSession().getId());//拿到sessionId
    }
    UsernamePasswordToken token = new UsernamePasswordToken(loginVo.getUsername(),loginVo.getPassword());
    try{
        subject.login(token);
        //登录成功返回200
        return new Result(200,"登录成功",subject.getSession().getId());//拿到sessionId
    }catch (Exception e){
        e.printStackTrace();
        return new Result(500,"账号或密码错误",null);
    }
}