🍑 refactor(cache): 优化 Jwt 认证失败状态码

Admin.NET/Admin.NET.Core/Service/Cache/SysCacheService.cs

@@ -13,16 +13,13 @@ namespace Admin.NET.Core.Service;
 public class SysCacheService : IDynamicApiController, ISingleton
 {
     private readonly Lazy<UserManager> _userManager = new(() => App.GetService<UserManager>());
-    private readonly SqlSugarRepository<SysUser> _sysUserRep;
     private static ICacheProvider _cacheProvider;
     private readonly CacheOptions _cacheOptions;
 
     public SysCacheService(
         ICacheProvider cacheProvider,
-        IOptions<CacheOptions> cacheOptions,
-        SqlSugarRepository<SysUser> sysUserRep)
+        IOptions<CacheOptions> cacheOptions)
     {
-        _sysUserRep = sysUserRep;
         _cacheProvider = cacheProvider;
         _cacheOptions = cacheOptions.Value;
     }
@@ -443,7 +440,8 @@ public class SysCacheService : IDynamicApiController, ISingleton
         }
 
         // 排除非本租户、以及超管的Session缓存
-        var userIds = _sysUserRep.AsQueryable().Where(u => u.AccountType != AccountTypeEnum.SuperAdmin).Select(u => u.Id).ToList().Select(u => u.ToString()).ToList();
+        var sysUserRep = App.GetService<SqlSugarRepository<SysUser>>();
+        var userIds = sysUserRep.AsQueryable().Where(u => u.AccountType != AccountTypeEnum.SuperAdmin).Select(u => u.Id).ToList().Select(u => u.ToString()).ToList();
         var keys = _cacheProvider.Cache.Keys.Where(key => !key.StartsWith(CacheConst.KeyUserSession) || userIds.Any(key.EndsWith)).ToList();
         keys.ForEach(key => _cacheProvider.Cache.Remove(key));
     }

Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs

@@ -51,6 +51,7 @@ namespace Admin.NET.Web.Core
             else
             {
                 context.Fail(new AuthorizationFailureReason(this, "登录已过期，请重新登录。"));
+                context.StatusCode(StatusCodes.Status401Unauthorized);
                 var currentHttpContext = context.GetCurrentHttpContext();
                 // 跳过签名 SignatureAuthentication 引发的失败
                 if (currentHttpContext.Items.ContainsKey(SignatureAuthenticationDefaults.AuthenticateFailMsgKey)) return;
@@ -64,6 +65,7 @@ namespace Admin.NET.Web.Core
             if (sysCacheService.ExistKey($"{CacheConst.KeyTokenBlacklist}:{accessToken}") || !sysCacheService.ExistKey($"{CacheConst.KeyUserSession}{userId}"))
             {
                 context.Fail(new AuthorizationFailureReason(this, "令牌已失效，请重新登录。"));
+                context.StatusCode(StatusCodes.Status401Unauthorized);
                 context.GetCurrentHttpContext().SignoutToSwagger();
                 return;
             }
@@ -78,6 +80,7 @@ namespace Admin.NET.Web.Core
                 if (user == null || user.Status == StatusEnum.Disable)
                 {
                     context.Fail(new AuthorizationFailureReason(this, "账号不存在或已被停用，请联系管理员。"));
+                    context.StatusCode(StatusCodes.Status401Unauthorized);
                     context.GetCurrentHttpContext().SignoutToSwagger();
                     return;
                 }
@@ -87,6 +90,7 @@ namespace Admin.NET.Web.Core
             if (string.IsNullOrWhiteSpace(tokenVersion1) || tokenVersion1 != tokenVersion2)
             {
                 context.Fail(new AuthorizationFailureReason(this, "令牌已失效，请重新登录。"));
+                context.StatusCode(StatusCodes.Status401Unauthorized);
                 context.GetCurrentHttpContext().SignoutToSwagger();
                 return;
             }
@@ -99,6 +103,7 @@ namespace Admin.NET.Web.Core
                 if (tenant != null && tenant.ExpirationTime != null && DateTime.Now > tenant.ExpirationTime)
                 {
                     context.Fail(new AuthorizationFailureReason(this, "租户已过期，请联系管理员。"));
+                    context.StatusCode(StatusCodes.Status401Unauthorized);
                     context.GetCurrentHttpContext().SignoutToSwagger();
                 }
             }