update satoken 1.34.0 => 1.35.0.RC 优化过期配置支持多端token自定义有效期

2025-09-07 21:09:33 +00:00 · 2023-06-25 22:11:24 +08:00
parent 2528ecc3d2
commit 45d062af63
6 changed files with 26 additions and 8 deletions
--- a/config/nacos/application-common.yml
+++ b/config/nacos/application-common.yml
@@ -171,8 +171,9 @@ sa-token:
  token-name: Authorization
  # token有效期 设为一天 (必定过期) 单位: 秒
  timeout: 86400
-  # token临时有效期 (指定时间无操作就过期) 单位: 秒
-  activity-timeout: 1800
+  # 多端不同 token 有效期 可查看 LoginHelper.loginByDevice 方法自定义
+  # token最低活跃时间 (指定时间无操作就过期) 单位: 秒
+  active-timeout: 1800
  # 开启内网服务调用鉴权
  check-same-token: true
  # Same-Token的有效期 (单位: 秒)(默认一天）
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@
        <redisson.version>3.20.1</redisson.version>
        <lock4j.version>2.2.3</lock4j.version>
        <xxl-job.version>2.4.0</xxl-job.version>
-        <satoken.version>1.34.0</satoken.version>
+        <satoken.version>1.35.0.RC</satoken.version>
        <lombok.version>1.18.26</lombok.version>
        <logstash.version>7.2</logstash.version>
        <easy-es.version>1.1.1</easy-es.version>
--- a/ruoyi-common/ruoyi-common-dubbo/pom.xml
+++ b/ruoyi-common/ruoyi-common-dubbo/pom.xml
@@ -64,7 +64,7 @@
        <!-- Sa-Token 整合 Dubbo -->
        <dependency>
            <groupId>cn.dev33</groupId>
-            <artifactId>sa-token-context-dubbo</artifactId>
+            <artifactId>sa-token-dubbo3</artifactId>
            <version>${satoken.version}</version>
            <exclusions>
                <exclusion>
--- a/ruoyi-common/ruoyi-common-satoken/src/main/java/com/ruoyi/common/satoken/utils/LoginHelper.java
+++ b/ruoyi-common/ruoyi-common-satoken/src/main/java/com/ruoyi/common/satoken/utils/LoginHelper.java
@@ -2,6 +2,7 @@ package com.ruoyi.common.satoken.utils;

 import cn.dev33.satoken.context.SaHolder;
 import cn.dev33.satoken.context.model.SaStorage;
+import cn.dev33.satoken.session.SaSession;
 import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.convert.Convert;
@@ -54,6 +55,14 @@ public class LoginHelper {
        if (ObjectUtil.isNotNull(deviceType)) {
            model.setDevice(deviceType.getDevice());
        }
+        // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
+        // 例如: 后台用户30分钟过期 app用户1天过期
+//        UserType userType = UserType.getUserType(loginUser.getUserType());
+//        if (userType == UserType.SYS_USER) {
+//            model.setTimeout(86400).setActiveTimeout(1800);
+//        } else if (userType == UserType.APP_USER) {
+//            model.setTimeout(86400).setActiveTimeout(1800);
+//        }
        StpUtil.login(loginUser.getLoginId(), model.setExtra(USER_KEY, loginUser.getUserId()));
        StpUtil.getTokenSession().set(LOGIN_USER_KEY, loginUser);
    }
@@ -66,7 +75,11 @@ public class LoginHelper {
        if (loginUser != null) {
            return loginUser;
        }
-        loginUser = (LoginUser) StpUtil.getTokenSession().get(LOGIN_USER_KEY);
+        SaSession session = StpUtil.getTokenSession();
+        if (ObjectUtil.isNull(session)) {
+            return null;
+        }
+        loginUser = (LoginUser) session.get(LOGIN_USER_KEY);
        SaHolder.getStorage().set(LOGIN_USER_KEY, loginUser);
        return loginUser;
    }
@@ -75,7 +88,11 @@ public class LoginHelper {
     * 获取用户基于token
     */
    public static LoginUser getLoginUser(String token) {
-        return (LoginUser) StpUtil.getTokenSessionByToken(token).get(LOGIN_USER_KEY);
+        SaSession session = StpUtil.getTokenSessionByToken(token);
+        if (ObjectUtil.isNull(session)) {
+            return null;
+        }
+        return (LoginUser) session.get(LOGIN_USER_KEY);
    }

    /**
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserOnlineController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserOnlineController.java
@@ -45,7 +45,7 @@ public class SysUserOnlineController extends BaseController {
        for (String key : keys) {
            String token = StringUtils.substringAfterLast(key, ":");
            // 如果已经过期则踢下线
-            if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
+            if (StpUtil.stpLogic.getTokenActiveTimeoutByToken(token) < -1) {
                continue;
            }
            userOnlineList.add(RedisUtils.getCacheObject(CacheConstants.ONLINE_TOKEN_KEY + token));
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@@ -442,7 +442,7 @@ public class SysRoleServiceImpl implements ISysRoleService {
        keys.parallelStream().forEach(key -> {
            String token = StringUtils.substringAfterLast(key, ":");
            // 如果已经过期则跳过
-            if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
+            if (StpUtil.stpLogic.getTokenActiveTimeoutByToken(token) < -1) {
                return;
            }
            LoginUser loginUser = LoginHelper.getLoginUser(token);