From ddff4e9b7cea6d6d0feaf14cdd462affc9b34b38 Mon Sep 17 00:00:00 2001 From: Sheldon Guo Date: Fri, 14 Feb 2025 05:27:43 +0800 Subject: [PATCH] fix: test --- packages/core/auth/src/base/auth.ts | 5 ++++- .../plugin-auth/src/client/interceptors.ts | 8 +++---- .../src/server/token-controller.ts | 22 +++++++------------ 3 files changed, 16 insertions(+), 19 deletions(-) diff --git a/packages/core/auth/src/base/auth.ts b/packages/core/auth/src/base/auth.ts index d9774d6143..6f5d3ee408 100644 --- a/packages/core/auth/src/base/auth.ts +++ b/packages/core/auth/src/base/auth.ts @@ -187,7 +187,10 @@ export class BaseAuth extends Auth { headers: JSON.stringify(this.ctx?.req?.headers), }); const expiresIn = Math.floor(tokenPolicy.tokenExpirationTime / 1000); - const newToken = this.jwt.sign({ userId, roleName, temp, signInTime }, { jwtid: renewedResult.jti, expiresIn }); + const newToken = this.jwt.sign( + { userId, roleName, temp, signInTime, iat: Math.floor(renewedResult.issuedTime / 1000) }, + { jwtid: renewedResult.jti, expiresIn }, + ); this.ctx.res.setHeader('x-new-token', newToken); return user; } catch (err) { diff --git a/packages/plugins/@nocobase/plugin-auth/src/client/interceptors.ts b/packages/plugins/@nocobase/plugin-auth/src/client/interceptors.ts index 00cc5c6165..5685fac6e1 100644 --- a/packages/plugins/@nocobase/plugin-auth/src/client/interceptors.ts +++ b/packages/plugins/@nocobase/plugin-auth/src/client/interceptors.ts @@ -57,10 +57,10 @@ export function authCheckMiddleware({ app }: { app: Application }) { if (error.status === 401 && !error.config?.skipAuth) { const requestToken = error?.config?.headers?.Authorization?.replace(/^Bearer\s+/gi, ''); const currentToken = app.apiClient.auth.getToken(); - if (currentToken && currentToken !== requestToken) { - error.config.skipNotify = true; - return app.apiClient.request(error.config); - } + // if (currentToken && currentToken !== requestToken) { + // error.config.skipNotify = true; + // return app.apiClient.request(error.config); + // } app.apiClient.auth.setToken(''); const errors = error?.response?.data?.errors; const firstError = Array.isArray(errors) ? errors[0] : null; diff --git a/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts b/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts index cbf05c99ac..c0c4975ed7 100644 --- a/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts +++ b/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts @@ -108,20 +108,7 @@ export class TokenController implements TokenControlService { renew: TokenControlService['renew'] = async (jti) => { const repo = this.app.db.getRepository(issuedTokensCollectionName); const model = this.app.db.getModel(issuedTokensCollectionName); - const exists = await repo.findOne({ filter: { jti } }); - if (!exists) { - this.logger.error('jti not found', { - module: 'auth', - submodule: 'token-controller', - method: 'renew', - jti, - code: AuthErrorCode.TOKEN_RENEW_FAILED, - }); - throw new AuthError({ - message: 'Your session has expired. Please sign in again.', - code: AuthErrorCode.TOKEN_RENEW_FAILED, - }); - } + const newId = randomUUID(); const issuedTime = Date.now(); @@ -132,8 +119,15 @@ export class TokenController implements TokenControlService { ); if (count === 1) { + await this.cache.set(`jti-renewed-cahce:${jti}`, { jti: newId, issuedTime }, 20000); + this.logger.info('jti renewed', { oldJti: jti, newJti: newId, issuedTime }); return { jti: newId, issuedTime }; } else { + const cachedJtiData = await this.cache.get(`jti-renewed-cahce:${jti}`); + if (cachedJtiData) { + return cachedJtiData as { jti: string; issuedTime: EpochTimeStamp }; + } + this.logger.error('jti renew failed', { module: 'auth', submodule: 'token-controller',