fix 81 issue 刷新token问题

springboot-plus · springboot-plus · commit 766f02f6ea8f · 2019-10-21T19:07:36.000+08:00
diff --git a/src/main/java/io/geekidea/springbootplus/shiro/cache/LoginRedisService.java b/src/main/java/io/geekidea/springbootplus/shiro/cache/LoginRedisService.java
@@ -34,9 +34,17 @@ public interface LoginRedisService {
      *
      * @param jwtToken
      * @param loginSysUserVo
-     * @param generate       true:生成，false:刷新
      */
-    void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo, boolean generate);
+    void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo);
+
+
+    /**
+     * 刷新登陆信息
+     * @param oldToken
+     * @param username
+     * @param newJwtToken
+     */
+    void refreshLoginInfo(String oldToken,String username,JwtToken newJwtToken);
 
     /**
      * 通过用户名，从缓存中获取登陆用户LoginSysUserRedisVo
diff --git a/src/main/java/io/geekidea/springbootplus/shiro/cache/impl/LoginRedisServiceImpl.java b/src/main/java/io/geekidea/springbootplus/shiro/cache/impl/LoginRedisServiceImpl.java
@@ -64,7 +64,7 @@ public class LoginRedisServiceImpl implements LoginRedisService {
      * username:num
      */
     @Override
-    public void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo, boolean generate) {
+    public void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo) {
         if (jwtToken == null) {
             throw new IllegalArgumentException("jwtToken不能为空");
         }
@@ -112,6 +112,15 @@ public void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo, boo
         redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
     }
 
+    @Override
+    public void refreshLoginInfo(String oldToken, String username, JwtToken newJwtToken) {
+        // 删除之前的token信息
+        deleteLoginInfo(oldToken, username);
+        // 缓存登陆信息
+        LoginSysUserRedisVo loginSysUserRedisVo = getLoginSysUserRedisVo(username);
+        cacheLoginInfo(newJwtToken, loginSysUserRedisVo);
+    }
+
     @Override
     public LoginSysUserRedisVo getLoginSysUserRedisVo(String username) {
         if (StringUtils.isBlank(username)) {
@@ -185,4 +194,5 @@ public void deleteUserAllCache(String username) {
         redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
     }
 
+
 }
diff --git a/src/main/java/io/geekidea/springbootplus/shiro/service/impl/LoginServiceImpl.java b/src/main/java/io/geekidea/springbootplus/shiro/service/impl/LoginServiceImpl.java
@@ -119,7 +119,7 @@ public ApiResult login(LoginParam loginParam, HttpServletResponse response) {
         subject.login(jwtToken);
 
         // 缓存登陆信息到Redis
-        loginRedisService.cacheLoginInfo(jwtToken, loginSysUserVo, true);
+        loginRedisService.cacheLoginInfo(jwtToken, loginSysUserVo);
         // 设置响应头
         response.setHeader(JwtTokenUtil.getTokenName(), token);
         log.debug("登陆成功,username:{}", username);
@@ -160,16 +160,15 @@ public void refreshToken(JwtToken jwtToken, HttpServletResponse httpServletRespo
             throw new AuthenticationException("token已无效，请使用已刷新的token");
         }
         String username = jwtToken.getUsername();
-        // 生成新token
-        String newToken = JwtUtil.generateToken(username, jwtToken.getSalt(), Duration.ofSeconds(jwtProperties.getExpireSecond()));
-        DecodedJWT decodedJWT = JwtUtil.getJwtInfo(token);
-        jwtToken.setToken(newToken)
-                .setCreateDate(decodedJWT.getIssuedAt())
-                .setExpireDate(decodedJWT.getExpiresAt());
+        String salt = jwtToken.getSalt();
+        Long expireSecond = jwtProperties.getExpireSecond();
+        // 生成新token字符串
+        String newToken = JwtUtil.generateToken(username, salt, Duration.ofSeconds(expireSecond));
+        // 生成新JwtToken对象
+        JwtToken newJwtToken = JwtToken.build(newToken, username, salt, expireSecond);
         // 更新redis缓存
-        LoginSysUserRedisVo loginSysUserRedisVo = loginRedisService.getLoginSysUserRedisVo(username);
-        loginRedisService.cacheLoginInfo(jwtToken, loginSysUserRedisVo, false);
-        log.debug("刷新token成功，原token:{}，新token:{}", jwtToken.getToken(), newToken);
+        loginRedisService.refreshLoginInfo(token, username, newJwtToken);
+        log.debug("刷新token成功，原token:{}，新token:{}", token, newToken);
         // 设置响应头
         // 刷新token
         httpServletResponse.setStatus(CommonConstant.JWT_REFRESH_TOKEN_CODE);
