From 39d4efee6aab5f9b9807dec6eb8afdcbf628f5cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90Li?=
<15040126243@163.com>
Date: Sun, 25 Jun 2023 13:49:26 +0800
Subject: [PATCH] =?UTF-8?q?update=20satoken=201.34.0=20=3D>=201.35.0.RC=20?=
=?UTF-8?q?=E4=BC=98=E5=8C=96=E8=BF=87=E6=9C=9F=E9=85=8D=E7=BD=AE=20?=
=?UTF-8?q?=E6=94=AF=E6=8C=81=E5=A4=9A=E7=AB=AFtoken=E8=87=AA=E5=AE=9A?=
=?UTF-8?q?=E4=B9=89=E6=9C=89=E6=95=88=E6=9C=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
pom.xml | 4 ++--
.../monitor/SysUserOnlineController.java | 2 +-
.../src/main/resources/application.yml | 5 +++--
.../com/ruoyi/common/helper/LoginHelper.java | 21 +++++++++++++++++--
.../service/impl/SysRoleServiceImpl.java | 4 ++--
5 files changed, 27 insertions(+), 9 deletions(-)
diff --git a/pom.xml b/pom.xml
index c37e6bb66..882ffc5e2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,9 +22,9 @@
2.2.2
1.6.15
5.2.3
- 3.2.1
+ 3.3.1
2.3
- 1.34.0
+ 1.35.0.RC
3.5.3.1
3.9.1
5.8.18
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
index 33d425a6a..17e6d5af5 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
@@ -47,7 +47,7 @@ public class SysUserOnlineController extends BaseController {
for (String key : keys) {
String token = StringUtils.substringAfterLast(key, ":");
// 如果已经过期则跳过
- if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
+ if (StpUtil.stpLogic.getTokenActiveTimeoutByToken(token) < -1) {
continue;
}
userOnlineDTOList.add(RedisUtils.getCacheObject(CacheConstants.ONLINE_TOKEN_KEY + token));
diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index a6617bc6f..da4154526 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -104,8 +104,9 @@ sa-token:
token-name: Authorization
# token有效期 设为一天 (必定过期) 单位: 秒
timeout: 86400
- # token临时有效期 (指定时间无操作就过期) 单位: 秒
- activity-timeout: 1800
+ # 多端不同 token 有效期 可查看 LoginHelper.loginByDevice 方法自定义
+ # token最低活跃时间 (指定时间无操作就过期) 单位: 秒
+ active-timeout: 1800
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
is-concurrent: true
# 在多人登录同一账号时,是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
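Review bot: The new comment above `active-timeout` advertises per-device token lifetimes through `LoginHelper.loginByDevice`, but nothing in this hunk switches that feature on. As far as I recall from the Sa-Token 1.35 configuration reference, a per-login `setActiveTimeout(...)` is only honoured when `sa-token.dynamic-active-timeout` is `true` (default `false`); please confirm against 1.35.0.RC. If that holds, the commented example in LoginHelper would silently leave every login on the global 1800-second idle timeout. Either add `dynamic-active-timeout: true` with a comment such as `# required for per-login setActiveTimeout in LoginHelper.loginByDevice`, or say in the existing comment that the key must be enabled first.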
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java b/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java
index 3cbddb137..1accf6041 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java
@@ -2,6 +2,7 @@ package com.ruoyi.common.helper;
import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.context.model.SaStorage;
+import cn.dev33.satoken.session.SaSession;
import cn.dev33.satoken.stp.SaLoginModel;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.convert.Convert;
@@ -54,6 +55,14 @@ public class LoginHelper {
if (ObjectUtil.isNotNull(deviceType)) {
model.setDevice(deviceType.getDevice());
}
+ // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
+ // 例如: 后台用户30分钟过期 app用户1天过期
+// UserType userType = UserType.getUserType(loginUser.getUserType());
+// if (userType == UserType.SYS_USER) {
+// model.setTimeout(86400).setActiveTimeout(1800);
+// } else if (userType == UserType.APP_USER) {
+// model.setTimeout(86400).setActiveTimeout(1800);
+// }
StpUtil.login(loginUser.getLoginId(), model.setExtra(USER_KEY, loginUser.getUserId()));
StpUtil.getTokenSession().set(LOGIN_USER_KEY, loginUser);
}
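Review bot: The commented-out example contradicts the comment directly above it: the text promises 30 minutes for backend users and one day for app users, yet both branches call `model.setTimeout(86400).setActiveTimeout(1800)`. Anyone who uncomments the block gets identical lifetimes for every user type, which is easy to miss in session-lifetime code. Make the branches differ as described, for example by keeping `setActiveTimeout(1800)` for `SYS_USER` and using `setActiveTimeout(86400)` for `APP_USER`, and indent the block to match the surrounding method. The enclosing method starts above this hunk.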
@@ -66,7 +75,11 @@ public class LoginHelper {
if (loginUser != null) {
return loginUser;
}
- loginUser = (LoginUser) StpUtil.getTokenSession().get(LOGIN_USER_KEY);
+ SaSession session = StpUtil.getTokenSession();
+ if (ObjectUtil.isNull(session)) {
+ return null;
+ }
+ loginUser = (LoginUser) session.get(LOGIN_USER_KEY);
SaHolder.getStorage().set(LOGIN_USER_KEY, loginUser);
return loginUser;
}
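Review bot: `getLoginUser()` here and `getLoginUser(String token)` in the next hunk now return `null` when no token session exists, but neither Javadoc says so. Only the SysRoleServiceImpl caller is adjusted in this commit; other call sites are outside the diff and may still dereference the result, or treat `null` as something other than "not authenticated". I would add `@return the cached LoginUser, or null when the token has no session` to both methods and check the remaining callers. `getLoginUser()` begins above this hunk, so its existing Javadoc is not visible here.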
@@ -75,7 +88,11 @@ public class LoginHelper {
* 获取用户基于token
*/
public static LoginUser getLoginUser(String token) {
- return (LoginUser) StpUtil.getTokenSessionByToken(token).get(LOGIN_USER_KEY);
+ SaSession session = StpUtil.getTokenSessionByToken(token);
+ if (ObjectUtil.isNull(session)) {
+ return null;
+ }
+ return (LoginUser) session.get(LOGIN_USER_KEY);
}
/**
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
index 15713d407..0a3d70e62 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@@ -442,11 +442,11 @@ public class SysRoleServiceImpl implements ISysRoleService {
keys.parallelStream().forEach(key -> {
String token = StringUtils.substringAfterLast(key, ":");
// 如果已经过期则跳过
- if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
+ if (StpUtil.stpLogic.getTokenActiveTimeoutByToken(token) < -1) {
return;
}
LoginUser loginUser = LoginHelper.getLoginUser(token);
- if (loginUser.getRoles().stream().anyMatch(r -> r.getRoleId().equals(roleId))) {
+ if (ObjectUtil.isNotNull(loginUser) && loginUser.getRoles().stream().anyMatch(r -> r.getRoleId().equals(roleId))) {
try {
StpUtil.logoutByTokenValue(token);
} catch (NotLoginException ignored) {
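Review bot: The combined condition `ObjectUtil.isNotNull(loginUser) && loginUser.getRoles()...` makes a token whose LoginUser cannot be loaded a silent skip, in what appears to be the path that logs out sessions holding `roleId`. Such a token never reaches `StpUtil.logoutByTokenValue`, and nothing records that it was not evaluated. Splitting the guard out as `if (ObjectUtil.isNull(loginUser)) { return; }` with a comment such as `// session missing: nothing to match against, token left untouched` (or a debug log, if the class has a logger) keeps that decision visible. `loginUser.getRoles()` is still dereferenced without a null check, so if roles can be absent it needs the same guard. The lambda continues past the end of the hunk.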