fix(登录): 刷新token导致退出登录

2023-02-10 12:54:44 +08:00 · 2023-02-10 12:54:44 +08:00 · ad8746e1bc
commit ad8746e1bc
parent 37a27fb322
4 changed files with 26 additions and 2 deletions
--- a/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
+++ b/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
@ -66,7 +66,7 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
        if (StringUtils.startsWith(authorization, "Basic")) {
            return false;
        }
-        if (!TokenCacheUtils.validate(authorization)) {
+        if (!TokenCacheUtils.validate(authorization) && TokenCacheUtils.validateDelay(authorization)) {
            throw new AuthenticationException(expireMessage);
        }
        // 当没有出现登录超时 且需要刷新token 则执行刷新token
@ -75,6 +75,7 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
            throw new AuthenticationException(expireMessage);
        }
        if (JWTUtils.needRefresh(authorization)) {
+            TokenCacheUtils.addWithTtl(authorization, 1L);
            TokenCacheUtils.remove(authorization);
            authorization = refreshToken(request, response);
        }
--- a/backend/src/main/java/io/dataease/commons/utils/TokenCacheUtils.java
+++ b/backend/src/main/java/io/dataease/commons/utils/TokenCacheUtils.java
@ -7,6 +7,7 @@ import org.apache.commons.lang3.StringUtils;
 public class TokenCacheUtils {

    private static final String KEY = "sys_token_store";
+    private static final String DELAY_KEY = "sys_token_store_delay";

    public static void add(String token, Long userId) {
        CacheUtils.put(KEY, token, userId, null, null);
@ -25,4 +26,13 @@ public class TokenCacheUtils {
        Object sys_token_store = CacheUtils.get(KEY, token);
        return ObjectUtils.isNotEmpty(sys_token_store) && StringUtils.isNotBlank(sys_token_store.toString()) && userId == Long.parseLong(sys_token_store.toString());
    }
+
+    public static void addWithTtl(String token, Long userId) {
+        CacheUtils.put(DELAY_KEY, token, userId, 3, 5);
+    }
+
+    public static boolean validateDelay(String token) {
+        Object tokenObj = CacheUtils.get(DELAY_KEY, token);
+        return ObjectUtils.isNotEmpty(tokenObj) && StringUtils.isNotBlank(tokenObj.toString());
+    }
 }
--- a/backend/src/main/resources/ehcache/ehcache.xml
+++ b/backend/src/main/resources/ehcache/ehcache.xml
@ -279,5 +279,17 @@
            diskPersistent="false"
    />

+    <cache
+            name="sys_token_store_delay"
+            eternal="false"
+            maxElementsInMemory="100"
+            maxElementsOnDisk="3000"
+            overflowToDisk="true"
+            diskPersistent="false"
+            timeToIdleSeconds="3"
+            timeToLiveSeconds="5"
+            memoryStoreEvictionPolicy="LRU"
+    />
+

 </ehcache>
--- a/frontend/src/utils/request.js
+++ b/frontend/src/utils/request.js
@ -1,7 +1,7 @@
 import axios from 'axios'
 import store from '@/store'
 import { $alert, $error } from './message'
-import { getToken, getIdToken } from '@/utils/auth'
+import { getToken, getIdToken, setToken } from '@/utils/auth'
 import Config from '@/settings'
 import i18n from '@/lang'
 import { tryShowLoading, tryHideLoading } from './loading'
@ -157,6 +157,7 @@ const checkAuth = response => {
  // token到期后自动续命 刷新token
  if (response.headers[RefreshTokenKey]) {
    const refreshToken = response.headers[RefreshTokenKey]
+    setToken(refreshToken)
    store.dispatch('user/refreshToken', refreshToken)
  }