gaoxing/UNIVPLMDataIntegration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🍒 refactor(sysAuth): 优化 token 黑名单处理逻辑

Browse Source
This commit is contained in:
喵你个汪呀 2025-08-24 15:03:29 +08:00
parent 22f299bb1e
commit 2d8e8a62e7
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs
View File

@ -355,13 +355,14 @@ public class SysAuthService : IDynamicApiController, ITransient
{ {
var httpContext = _httpContextAccessor.HttpContext ?? throw Oops.Oh(ErrorCodeEnum.D1016); var httpContext = _httpContextAccessor.HttpContext ?? throw Oops.Oh(ErrorCodeEnum.D1016);
var accessToken = httpContext.Request.Headers.Authorization.ToString(); var userId = httpContext.User.FindFirst(ClaimConst.UserId)?.Value;
if (string.IsNullOrWhiteSpace(accessToken) || string.IsNullOrWhiteSpace(_userManager.Account)) var version = httpContext.User.FindFirst(ClaimConst.TokenVersion)?.Value;
if (string.IsNullOrWhiteSpace(userId) || string.IsNullOrWhiteSpace(version) || string.IsNullOrWhiteSpace(_userManager.Account))
throw Oops.Oh(ErrorCodeEnum.D1011); throw Oops.Oh(ErrorCodeEnum.D1011);
// 写入Token黑名单 // 写入Token黑名单
var tokenExpire = await _sysConfigService.GetTokenExpire(); var tokenExpire = await _sysConfigService.GetTokenExpire();
_sysCacheService.Set($"{CacheConst.KeyTokenBlacklist}:{accessToken}", _userManager.Account, TimeSpan.FromMinutes(tokenExpire)); _sysCacheService.Set($"{CacheConst.KeyTokenBlacklist}:{userId}:{version}", _userManager.Account, TimeSpan.FromMinutes(tokenExpire));
// 发布系统退出事件 // 发布系统退出事件
await _eventPublisher.PublishAsync(UserEventTypeEnum.Logout, _userManager); await _eventPublisher.PublishAsync(UserEventTypeEnum.Logout, _userManager);

4
Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
View File

@ -60,9 +60,9 @@ namespace Admin.NET.Web.Core
} }
// 验证Token黑名单 // 验证Token黑名单
var accessToken = httpContext.Request.Headers.Authorization.ToString();
var userId = httpContext.User.FindFirst(ClaimConst.UserId)?.Value; var userId = httpContext.User.FindFirst(ClaimConst.UserId)?.Value;
if (sysCacheService.ExistKey($"{CacheConst.KeyTokenBlacklist}:{accessToken}") || !sysCacheService.ExistKey($"{CacheConst.KeyUserSession}{userId}")) var version = httpContext.User.FindFirst(ClaimConst.TokenVersion)?.Value;
if (sysCacheService.ExistKey($"{CacheConst.KeyTokenBlacklist}:{userId}:{version}") || !sysCacheService.ExistKey($"{CacheConst.KeyUserSession}{userId}"))
{ {
context.Fail(new AuthorizationFailureReason(this, "令牌已失效,请重新登录。")); context.Fail(new AuthorizationFailureReason(this, "令牌已失效,请重新登录。"));
context.StatusCode(StatusCodes.Status401Unauthorized); context.StatusCode(StatusCodes.Status401Unauthorized);