perf(token): token退出失效采用token黑名单

backend/src/main/java/io/dataease/auth/config/F2CRealm.java

@@ -84,7 +84,7 @@ public class F2CRealm extends AuthorizingRealm {
             token = (String) auth.getCredentials();
             // 解密获得username，用于和数据库进行对比
             tokenInfo = JWTUtils.tokenInfoByToken(token);
-            if (!TokenCacheUtils.validate(token)) {
+            if (TokenCacheUtils.invalid(token)) {
                 throw new AuthenticationException("token invalid");
             }
         } catch (Exception e) {

backend/src/main/java/io/dataease/auth/filter/JWTFilter.java

@@ -66,7 +66,7 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
         if (StringUtils.startsWith(authorization, "Basic")) {
             return false;
         }
-        if (!TokenCacheUtils.validate(authorization) && !TokenCacheUtils.validateDelay(authorization)) {
+        if (TokenCacheUtils.invalid(authorization)) {
             throw new AuthenticationException(expireMessage);
         }
         // 当没有出现登录超时 且需要刷新token 则执行刷新token
@@ -75,8 +75,6 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
             throw new AuthenticationException(expireMessage);
         }
         if (JWTUtils.needRefresh(authorization)) {
-            TokenCacheUtils.addWithTtl(authorization, 1L);
-            TokenCacheUtils.remove(authorization);
             authorization = refreshToken(request, response);
         }
         JWTToken token = new JWTToken(authorization);

backend/src/main/java/io/dataease/auth/server/AuthServer.java

@@ -148,7 +148,7 @@ public class AuthServer implements AuthApi {
                 AccountLockStatus lockStatus = authUserService.recordLoginFail(username, 0);
                 DataEaseException.throwException(appendLoginErrorMsg(Translator.get("i18n_id_or_pwd_error"), lockStatus));
             }
-            if(user.getIsAdmin() && user.getPassword().equals("40b8893ea9ebc2d631c4bb42bb1e8996")){
+            if (user.getIsAdmin() && user.getPassword().equals("40b8893ea9ebc2d631c4bb42bb1e8996")) {
                 result.put("passwordModified", false);
             }
         }
@@ -237,7 +237,7 @@ public class AuthServer implements AuthApi {
             if (StringUtils.isBlank(result)) {
                 result = "success";
             }
-            TokenCacheUtils.remove(token);
+            TokenCacheUtils.add(token, userId);
         } catch (Exception e) {
             LogUtil.error(e);
             if (StringUtils.isBlank(result)) {
@@ -291,7 +291,7 @@ public class AuthServer implements AuthApi {
             if (StringUtils.isBlank(result)) {
                 result = "success";
             }
-            TokenCacheUtils.remove(token);
+            TokenCacheUtils.add(token, userId);
         } catch (Exception e) {
             LogUtil.error(e);
             if (StringUtils.isBlank(result)) {

backend/src/main/java/io/dataease/auth/util/JWTUtils.java

@@ -10,7 +10,6 @@ import com.auth0.jwt.interfaces.Verification;
 import io.dataease.auth.entity.TokenInfo;
 import io.dataease.auth.entity.TokenInfo.TokenInfoBuilder;
 import io.dataease.commons.utils.CommonBeanFactory;
-import io.dataease.commons.utils.TokenCacheUtils;
 import io.dataease.exception.DataEaseException;
 import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -120,7 +119,6 @@ public class JWTUtils {
                     .withClaim("username", tokenInfo.getUsername())
                     .withClaim("userId", tokenInfo.getUserId());
             String sign = builder.withExpiresAt(date).sign(algorithm);
-            TokenCacheUtils.add(sign, tokenInfo.getUserId());
             return sign;
 
         } catch (Exception e) {

backend/src/main/java/io/dataease/commons/utils/TokenCacheUtils.java

@@ -3,36 +3,76 @@ package io.dataease.commons.utils;
 import io.dataease.listener.util.CacheUtils;
 import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.ValueOperations;
+import org.springframework.stereotype.Component;
 
+import java.util.concurrent.TimeUnit;
+
+
+@Component
 public class TokenCacheUtils {
 
+
     private static final String KEY = "sys_token_store";
-    private static final String DELAY_KEY = "sys_token_store_delay";
+
+    private static String cacheType;
+
+    private static Long expTime;
+
+    @Value("${spring.cache.type:ehcache}")
+    public void setCacheType(String cacheType) {
+        TokenCacheUtils.cacheType = cacheType;
+    }
+
+    @Value("${dataease.login_timeout:480}")
+    public void setExpTime(Long expTime) {
+        TokenCacheUtils.expTime = expTime;
+    }
+
+    private static boolean useRedis() {
+        return StringUtils.equals(cacheType, "redis");
+    }
+
+
+    private static ValueOperations cacheHandler() {
+        RedisTemplate redisTemplate = (RedisTemplate) CommonBeanFactory.getBean("redisTemplate");
+        ValueOperations valueOperations = redisTemplate.opsForValue();
+        return valueOperations;
+    }
 
     public static void add(String token, Long userId) {
-        CacheUtils.put(KEY, token, userId, null, null);
+        if (useRedis()) {
+            ValueOperations valueOperations = cacheHandler();
+            valueOperations.set(KEY + token, userId, expTime, TimeUnit.MINUTES);
+            return;
+        }
+
+        Long time = expTime * 60;
+        CacheUtils.put(KEY, token, userId, time.intValue(), null);
+
     }
 
     public static void remove(String token) {
+        if (useRedis()) {
+            RedisTemplate redisTemplate = (RedisTemplate) CommonBeanFactory.getBean("redisTemplate");
+            String key = KEY + token;
+            if (redisTemplate.hasKey(key)) {
+                redisTemplate.delete(key);
+            }
+            return;
+        }
         CacheUtils.remove(KEY, token);
     }
 
-    public static boolean validate(String token) {
+    public static boolean invalid(String token) {
+        if (useRedis()) {
+            RedisTemplate redisTemplate = (RedisTemplate) CommonBeanFactory.getBean("redisTemplate");
+            return redisTemplate.hasKey(KEY + token);
+        }
         Object sys_token_store = CacheUtils.get(KEY, token);
         return ObjectUtils.isNotEmpty(sys_token_store) && StringUtils.isNotBlank(sys_token_store.toString());
     }
 
-    public static boolean validate(String token, Long userId) {
-        Object sys_token_store = CacheUtils.get(KEY, token);
-        return ObjectUtils.isNotEmpty(sys_token_store) && StringUtils.isNotBlank(sys_token_store.toString()) && userId == Long.parseLong(sys_token_store.toString());
-    }
-
-    public static void addWithTtl(String token, Long userId) {
-        CacheUtils.put(DELAY_KEY, token, userId, 3, 5);
-    }
-
-    public static boolean validateDelay(String token) {
-        Object tokenObj = CacheUtils.get(DELAY_KEY, token);
-        return ObjectUtils.isNotEmpty(tokenObj) && StringUtils.isNotBlank(tokenObj.toString());
-    }
 }