可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java index a2cf62e6..759d4eda 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java @@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * 登录认证:只有登录之后才能进入该方法 + * 登录认证校验:只有登录之后才能进入该方法 *
可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java index 1f2d5165..784bcef6 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java @@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * 权限认证:必须具有指定权限才能进入该方法 + * 权限认证校验:必须具有指定权限才能进入该方法 *
可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java index 79ebe55d..8dd422bb 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java @@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * 角色认证:必须具有指定角色标识才能进入该方法 + * 角色认证校验:必须具有指定角色标识才能进入该方法 *
可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java index 00b29c34..314e6855 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java @@ -412,14 +412,10 @@ public class StpLogic { if(isConcurrent) { // 全局配置是否允许复用旧 Token if(getConfigOfIsShare()) { - // 为确保 jwt-simple 模式的 token Extra 数据生成不受旧token影响,这里必须确保 is-share 配置项在 ExtraData 为空时才可以生效 - // 即:在 login 时提供了 Extra 数据后,即使配置了 is-share=true 也不能复用旧 Token,必须创建新 Token - if(loginModel.isSetExtraData() == false) { - String tokenValue = getTokenValueByLoginId(id, loginModel.getDeviceOrDefault()); - // 复用成功的话就直接返回,否则还是要继续新建Token - if(SaFoxUtil.isNotEmpty(tokenValue)) { - return tokenValue; - } + String tokenValue = getTokenValueByLoginId(id, loginModel.getDeviceOrDefault()); + // 复用成功的话就直接返回,否则还是要继续新建Token + if(SaFoxUtil.isNotEmpty(tokenValue)) { + return tokenValue; } } } diff --git a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java index d28a40c7..84c733c5 100644 --- a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java +++ b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java @@ -13,7 +13,7 @@ import cn.dev33.satoken.SaManager; @SpringBootApplication public class SaTokenAloneRedisClusterApplication { - public static void main(String[] args) throws ClassNotFoundException { + public static void main(String[] args) { SpringApplication.run(SaTokenAloneRedisClusterApplication.class, args); System.out.println("\n启动成功:Sa-Token配置如下:" + SaManager.getConfig()); } diff --git a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml index 45805308..d077e783 100644 --- a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml +++ b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml @@ -13,7 +13,7 @@ sa-token: # 配置Sa-Token单独使用的Redis连接 alone-redis: # 普通集群 - pattern: cluster + # pattern: cluster # Redis服务器连接用户名(默认为空) username: # Redis服务器连接密码(默认为空) diff --git a/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json b/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json index 7a8f0d37..71f4d4c9 100644 --- a/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json +++ b/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json @@ -2890,9 +2890,9 @@ "dev": true }, "node_modules/@vue/vue-loader-v15/node_modules/json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "dependencies": { "minimist": "^1.2.0" @@ -6657,9 +6657,9 @@ "dev": true }, "node_modules/json5": { - "version": "2.2.1", - "resolved": "https://registry.npmmirror.com/json5/-/json5-2.2.1.tgz", - "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true, "bin": { "json5": "lib/cli.js" @@ -10320,9 +10320,9 @@ "dev": true }, "node_modules/vue-style-loader/node_modules/json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "dependencies": { "minimist": "^1.2.0" @@ -13258,9 +13258,9 @@ "dev": true }, "json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "requires": { "minimist": "^1.2.0" @@ -16167,9 +16167,9 @@ "dev": true }, "json5": { - "version": "2.2.1", - "resolved": "https://registry.npmmirror.com/json5/-/json5-2.2.1.tgz", - "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true }, "jsonfile": { @@ -18916,9 +18916,9 @@ "dev": true }, "json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "requires": { "minimist": "^1.2.0" diff --git a/sa-token-doc/plugin/alone-redis.md b/sa-token-doc/plugin/alone-redis.md index 4a70d1b9..f7ca5a9b 100644 --- a/sa-token-doc/plugin/alone-redis.md +++ b/sa-token-doc/plugin/alone-redis.md @@ -118,6 +118,10 @@ spring.redis.timeout=10s 具体可参考示例:[码云:application.yml](https://gitee.com/dromara/sa-token/blob/master/sa-token-demo/sa-token-demo-alone-redis/src/main/resources/application.yml) +集群配置说明: alone-redis同样可以配置集群(cluster模式和sentinel模式), 且基础配置参数和spring redis集群配置别无二致 + +集群配置示例可参考demo项目sa-token-demo-alone-redis-cluster + ### 3、测试 新建Controller测试一下 diff --git a/sa-token-doc/plugin/jwt-extend.md b/sa-token-doc/plugin/jwt-extend.md index 9307c023..2b2d5cdb 100644 --- a/sa-token-doc/plugin/jwt-extend.md +++ b/sa-token-doc/plugin/jwt-extend.md @@ -216,3 +216,23 @@ public void setSaJwtTemplate() { }); } ``` + + +### 9、注意点 + +##### 1、使用 jwt-simple 模式后,is-share=false 恒等于 false。 + +`is-share=true` 的意思是每次登录都产生一样的 token,这种策略和 [ 为每个 token 单独设定 setExtra 数据 ] 不兼容的, +为保证正确设定 Extra 数据,当使用 `jwt-simple` 模式后,`is-share` 配置项 恒等于 `false`。 + + +##### 2、使用 jwt-mixin 模式后,is-concurrent 必须为 true。 + +`is-concurrent=false` 代表每次登录都把旧登录顶下线,但是 jwt-mixin 模式登录的 token 并不会记录在持久库数据中, +技术上来讲无法将其踢下线,所以此时顶人下线和踢人下线等 API 都属于不可用状态,所以此时 `is-concurrent` 配置项必须配置为 `true`。 + + + + + + diff --git a/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java b/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java index 702b24d4..85b1acf6 100644 --- a/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java +++ b/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java @@ -65,4 +65,12 @@ public class StpLogicJwtForSimple extends StpLogic { return SaJwtUtil.getPayloadsNotCheck(tokenValue, loginType, jwtSecretKey()).get(key); } + + @Override + public boolean getConfigOfIsShare() { + // 为确保 jwt-simple 模式的 token Extra 数据生成不受旧token影响,这里必须让 is-share 恒为 false + // 即:在使用 jwt-simple 模式后,即使配置了 is-share=true 也不能复用旧 Token,必须每次创建新 Token + return false; + } + } diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java index c66d0d08..dfce1d98 100644 --- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java +++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java @@ -319,7 +319,9 @@ public class SaSsoProcessor { StpLogic stpLogic = ssoTemplate.getStpLogic(); // 开始处理 - stpLogic.logout(); + if(stpLogic.isLogin()) { + stpLogic.logout(stpLogic.getLoginId()); + } // 返回 return ssoLogoutBack(req, res); @@ -337,7 +339,7 @@ public class SaSsoProcessor { // 如果未登录,则无需注销 if(stpLogic.isLogin() == false) { - return SaResult.ok(); + return ssoLogoutBack(req, res); } // 调用 sso-server 认证中心单点注销API