🍒 feat(auth): 实现 session 自动刷新

2025-08-29 19:51:41 +08:00 · 2025-08-29 19:51:41 +08:00 · 96164b3328
commit 96164b3328
parent 14be6adacc
4 changed files with 41 additions and 2 deletions
--- a/Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs
+++ b/Admin.NET/Admin.NET.Core/Service/Auth/SysAuthService.cs
@ -440,4 +440,15 @@ public class SysAuthService : IDynamicApiController, ITransient
            return 401;
        }
    }
+
+    /// <summary>
+    /// 刷新token
+    /// </summary>
+    /// <param name="userId"></param>
+    [NonAction]
+    public async Task RefreshToken(long userId)
+    {
+        var user = await _sysUserRep.AsQueryable().IgnoreTenant().Includes(u => u.SysOrg).FirstAsync(u => u.Id == userId);
+        await CreateToken(user);
+    }
 }
--- a/Admin.NET/Admin.NET.Core/Service/Cache/SysCacheService.cs
+++ b/Admin.NET/Admin.NET.Core/Service/Cache/SysCacheService.cs
@ -457,6 +457,17 @@ public class SysCacheService : IDynamicApiController, ISingleton
        return _cacheProvider.Cache.ContainsKey($"{_cacheOptions.Prefix}{key}");
    }

+    /// <summary>
+    /// 检查缓存是否不存在
+    /// </summary>
+    /// <param name="key">键</param>
+    /// <returns></returns>
+    [NonAction]
+    public bool NotExistKey(string key)
+    {
+        return !_cacheProvider.Cache.ContainsKey($"{_cacheOptions.Prefix}{key}");
+    }
+
    /// <summary>
    /// 根据键名前缀删除缓存 🔖
    /// </summary>
--- a/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs
+++ b/Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs
@ -168,6 +168,9 @@ public class SysUserService : IDynamicApiController, ITransient
        // 更新域账号
        await _sysUserLdapService.AddUserLdap(user.TenantId!.Value, user.Id, user.Account, input.DomainAccount);

+        // 清除用户session
+        _userManager.RemoveSession(input.Id);
+
        // 发布更新用户事件
        await _eventPublisher.PublishAsync(UserEventTypeEnum.Update, input);
    }
@ -246,8 +249,11 @@ public class SysUserService : IDynamicApiController, ITransient
    [DisplayName("更新用户基本信息")]
    public virtual async Task<int> UpdateBaseInfo(SysUser user)
    {
-        return await _sysUserRep.AsUpdateable(user)
+        var count = await _sysUserRep.AsUpdateable(user)
            .IgnoreColumns(u => new { u.CreateTime, u.Account, u.Password, u.AccountType, u.OrgId, u.PosId }).ExecuteCommandAsync();
+        // 清除用户session
+        _userManager.RemoveSession(user.Id);
+        return count;
    }

    /// <summary>
@ -492,5 +498,8 @@ public class SysUserService : IDynamicApiController, ITransient

        // 强制下线账号
        await _sysOnlineUserService.ForceOfflineByUserId(user.Id);
+
+        // 清除用户session
+        _userManager.RemoveSession(user.Id);
    }
 }
--- a/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
+++ b/Admin.NET/Admin.NET.Web.Core/Handlers/JwtHandler.cs
@ -62,7 +62,7 @@ namespace Admin.NET.Web.Core
            // 验证Token黑名单
            var userId = httpContext.User.FindFirst(ClaimConst.UserId)?.Value;
            var version = httpContext.User.FindFirst(ClaimConst.TokenVersion)?.Value;
-            if (sysCacheService.ExistKey($"{CacheConst.KeyTokenBlacklist}{userId}:{version}") || !sysCacheService.ExistKey($"{CacheConst.KeyUserSession}{userId}"))
+            if (sysCacheService.ExistKey($"{CacheConst.KeyTokenBlacklist}{userId}:{version}"))
            {
                context.Fail(new AuthorizationFailureReason(this, "令牌已失效，请重新登录。"));
                context.StatusCode(StatusCodes.Status401Unauthorized);
@ -70,6 +70,14 @@ namespace Admin.NET.Web.Core
                return;
            }

+            // 刷新 Session
+            if (sysCacheService.NotExistKey($"{CacheConst.KeyUserSession}{userId}"))
+            {
+                var sysAuthService = serviceScope.ServiceProvider.GetRequiredService<SysAuthService>();
+                await sysAuthService.RefreshToken(long.Parse(userId!));
+                return;
+            }
+
            if (!string.IsNullOrWhiteSpace(userId))
            {
                // 查库并缓存用户Token版本