From e2b7c5109e8e16c8c5863040ae1c8b6229a7e8f9 Mon Sep 17 00:00:00 2001 From: sheldon guo Date: Thu, 13 Feb 2025 16:30:28 +0800 Subject: [PATCH] fix: handle expired session error in auth flow and remove unused cache update --- packages/core/auth/src/base/auth.ts | 7 +++++++ .../@nocobase/plugin-auth/src/server/token-controller.ts | 1 - 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/packages/core/auth/src/base/auth.ts b/packages/core/auth/src/base/auth.ts index b4d9e4722f..d9774d6143 100644 --- a/packages/core/auth/src/base/auth.ts +++ b/packages/core/auth/src/base/auth.ts @@ -173,6 +173,13 @@ export class BaseAuth extends Auth { }); } + if (!jti) { + this.ctx.throw(401, { + message: this.ctx.t('Your session has expired. Please sign in again.', { ns: localeNamespace }), + code: AuthErrorCode.INVALID_TOKEN, + }); + } + const renewedResult = await this.tokenController.renew(jti); this.ctx.logger.info('token renewed', { method: 'auth.check', diff --git a/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts b/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts index 5be4f898c7..cbf05c99ac 100644 --- a/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts +++ b/packages/plugins/@nocobase/plugin-auth/src/server/token-controller.ts @@ -41,7 +41,6 @@ export class TokenController implements TokenControlService { async setTokenInfo(id: string, value: TokenInfo): Promise { const repo = this.app.db.getRepository>(issuedTokensCollectionName); await repo.updateOrCreate({ filterKeys: ['id'], values: value }); - await this.cache.set(`${JTICACHEKEY}:${id}`, value); return; }