1.用户退出登录时按照uuid清除token
This commit is contained in:
乾乾
@@ -72,9 +72,9 @@ public class RedisKey {
|
||||
public static final String GROUP_ANNOUNCEMENTS_FORMAT = "groupInfo:announcements_%d";
|
||||
|
||||
/**
|
||||
* 用户token存放
|
||||
* 用户token存放 格式:终端:uid:uuid
|
||||
*/
|
||||
public static final String USER_TOKEN_FORMAT = "userToken:%s:uid_%d";
|
||||
public static final String USER_TOKEN_FORMAT = "userToken:%s:uid_%d:%s";
|
||||
|
||||
/**
|
||||
* 用户refreshToken存放
|
||||
|
||||
@@ -65,4 +65,11 @@ public class RoomGroupCache extends AbstractRedisStringCache<Long, RoomGroup> {
|
||||
public List<Long> evictGroup(String account) {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 清除所有群组相关缓存
|
||||
*/
|
||||
@CacheEvict(cacheNames = "room", allEntries = true)
|
||||
public void evictAllCaches() {
|
||||
}
|
||||
}
|
||||
|
||||
@@ -600,6 +600,7 @@ public class RoomAppServiceImpl implements RoomAppService {
|
||||
groupMemberDao.saveBatch(groupMembers);
|
||||
|
||||
// 发送邀请加群消息 ==> 触发每个人的会话
|
||||
roomGroupCache.evictAllCaches();
|
||||
applicationEventPublisher.publishEvent(new GroupMemberAddEvent(this, roomGroup, groupMembers, uid));
|
||||
return roomGroup.getRoomId();
|
||||
}
|
||||
|
||||
@@ -28,12 +28,16 @@ public class OffLineResp {
|
||||
@Schema(description = "登录ip")
|
||||
private String ip;
|
||||
|
||||
@Schema(description = "本次登录uuid (不需要被清空)")
|
||||
private String uuid;
|
||||
|
||||
public OffLineResp() {
|
||||
}
|
||||
|
||||
public OffLineResp(Long uid, String client, String ip) {
|
||||
public OffLineResp(Long uid, String client, String ip, String uuid) {
|
||||
this.ip = ip;
|
||||
this.uid = uid;
|
||||
this.client = client;
|
||||
this.uuid = uuid;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -136,19 +136,19 @@ public class LoginServiceImpl implements LoginService {
|
||||
// 1. 拿到token
|
||||
String token = RequestHolder.get().getToken();
|
||||
|
||||
// 2. 解析token里面的数据,精准拿到当前用户的refreshToken
|
||||
try {
|
||||
// 2. 解析token里面的数据,精准拿到当前用户的refreshToken
|
||||
Map<String, Claim> verifyToken = JwtUtils.verifyToken(token);
|
||||
Long uid = verifyToken.get(JwtUtils.UID_CLAIM).asLong();
|
||||
String type = verifyToken.get(JwtUtils.LOGIN_TYPE_CLAIM).asString();
|
||||
String uuid = verifyToken.get(JwtUtils.UUID_CLAIM).asString();
|
||||
|
||||
if(!autoLogin){
|
||||
// 2.1 用户启用自动登录,删除refreshToken
|
||||
Map<String, Claim> verifyToken = JwtUtils.verifyToken(token);
|
||||
Long uid = verifyToken.get(JwtUtils.UID_CLAIM).asLong();
|
||||
String type = verifyToken.get(JwtUtils.LOGIN_TYPE_CLAIM).asString();
|
||||
String key = RedisKey.getKey(RedisKey.USER_REFRESH_TOKEN_FORMAT, type, uid, verifyToken.get(JwtUtils.UUID_CLAIM).asString());
|
||||
RedisUtils.del(key);
|
||||
RedisUtils.del(RedisKey.getKey(RedisKey.USER_REFRESH_TOKEN_FORMAT, type, uid, uuid));
|
||||
}
|
||||
|
||||
// 3. 删除token
|
||||
RedisUtils.del(RedisKey.getKey(RedisKey.USER_TOKEN_FORMAT, JwtUtils.getLoginType(token), RequestHolder.get().getUid()));
|
||||
RedisUtils.del(RedisKey.getKey(RedisKey.USER_TOKEN_FORMAT, type, uid, uuid));
|
||||
applicationEventPublisher.publishEvent(new UserOfflineEvent(this, User.builder().id(RequestHolder.get().getUid()).lastOptTime(DateUtil.date()).build()));
|
||||
} catch (Exception e) {
|
||||
throw TokenExceedException.expired();
|
||||
|
||||
@@ -39,18 +39,21 @@ public class TokenServiceImpl implements TokenService {
|
||||
|
||||
@Override
|
||||
public boolean verify(String token) {
|
||||
Long uid = JwtUtils.getUidOrNull(token);
|
||||
if (Objects.isNull(uid)) {
|
||||
return false;
|
||||
}
|
||||
return Objects.equals(token, RedisUtils.getStr(RedisKey.getKey(RedisKey.USER_TOKEN_FORMAT, JwtUtils.getLoginType(token), uid)));
|
||||
Map<String, Claim> claim = JwtUtils.verifyToken(token);
|
||||
if (Objects.isNull(claim)) {
|
||||
return false;
|
||||
}
|
||||
Long uid = claim.get(JwtUtils.UID_CLAIM).asLong();
|
||||
String loginType = claim.get(JwtUtils.LOGIN_TYPE_CLAIM).asString();
|
||||
String uuid = claim.get(JwtUtils.UUID_CLAIM).asString();
|
||||
return Objects.equals(token, RedisUtils.getStr(RedisKey.getKey(RedisKey.USER_TOKEN_FORMAT, loginType, uid, uuid)));
|
||||
}
|
||||
|
||||
@Override
|
||||
public LoginResultVO createToken(Long uid, String loginType) {
|
||||
// 1. uuid用于后续区分续签是给哪个token续签
|
||||
String uuid = UUID.randomUUID().toString(true);
|
||||
String tokenKey = RedisKey.getKey(RedisKey.USER_TOKEN_FORMAT, loginType, uid);
|
||||
String tokenKey = RedisKey.getKey(RedisKey.USER_TOKEN_FORMAT, loginType, uid, uuid);
|
||||
String refreshTokenKey = RedisKey.getKey(RedisKey.USER_REFRESH_TOKEN_FORMAT, loginType, uid, uuid);
|
||||
String token = RedisUtils.getStr(tokenKey), refreshToken;
|
||||
String key = RedisKey.getKey(RedisKey.USER_REFRESH_TOKEN_UID_FORMAT, loginType, uid);
|
||||
@@ -58,7 +61,7 @@ public class TokenServiceImpl implements TokenService {
|
||||
|
||||
// 1.2 token存在 旧设备下线
|
||||
if (StrUtil.isNotBlank(token)) {
|
||||
applicationEventPublisher.publishEvent(new TokenExpireEvent(this, new OffLineResp(uid, loginType, RequestHolder.get().getIp())));
|
||||
applicationEventPublisher.publishEvent(new TokenExpireEvent(this, new OffLineResp(uid, loginType, RequestHolder.get().getIp(), uuid)));
|
||||
}
|
||||
|
||||
// 2. 创建用户token
|
||||
|
||||
@@ -183,7 +183,7 @@ public class WXMsgServiceImpl implements WebSocketService {
|
||||
}
|
||||
// 让前端的token失效
|
||||
else {
|
||||
sendMsg(channel, WsAdapter.buildInvalidateTokenResp(new OffLineResp(JwtUtils.getUidOrNull(wsAuthorize.getToken()), LoginTypeEnum.PC.getType(), null)));
|
||||
sendMsg(channel, WsAdapter.buildInvalidateTokenResp(new OffLineResp(JwtUtils.getUidOrNull(wsAuthorize.getToken()), LoginTypeEnum.PC.getType(), null, null)));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user