Merge remote-tracking branch 'origin/dev' into dev

2025-09-19 01:58:05 +08:00 · 2023-01-10 16:53:51 +08:00
parent 24b6168ce4 c6c1ad1ac5
commit 85f0f9f55a
12 changed files with 64 additions and 34 deletions
--- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckBasic.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckBasic.java
@@ -8,7 +8,7 @@ import java.lang.annotation.Target;
 import cn.dev33.satoken.basic.SaBasicTemplate;

 /**
- * Http Basic 认证：只有通过 Basic 认证后才能进入该方法 
+ * Http Basic 认证校验：只有通过 Basic 认证后才能进入该方法 
 * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上） 
 * @author kong
 *
--- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java
@@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;

 /**
- * 登录认证：只有登录之后才能进入该方法 
+ * 登录认证校验：只有登录之后才能进入该方法 
 * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上） 
 * @author kong
 *
--- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java
@@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;

 /**
- * 权限认证：必须具有指定权限才能进入该方法 
+ * 权限认证校验：必须具有指定权限才能进入该方法 
 * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上） 
 * @author kong
 *
--- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java
@@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;

 /**
- * 角色认证：必须具有指定角色标识才能进入该方法 
+ * 角色认证校验：必须具有指定角色标识才能进入该方法 
 * <p> 可标注在函数、类上（效果等同于标注在此类的所有方法上） 
 * @author kong
 *
--- a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java
@@ -412,14 +412,10 @@ public class StpLogic {
 		if(isConcurrent) {
 			// 全局配置是否允许复用旧 Token 
 			if(getConfigOfIsShare()) {
-				// 为确保 jwt-simple 模式的 token Extra 数据生成不受旧token影响，这里必须确保 is-share 配置项在 ExtraData 为空时才可以生效 
-				// 即：在 login 时提供了 Extra 数据后，即使配置了 is-share=true 也不能复用旧 Token，必须创建新 Token 
-				if(loginModel.isSetExtraData() == false) {
-					String tokenValue = getTokenValueByLoginId(id, loginModel.getDeviceOrDefault());
-					// 复用成功的话就直接返回，否则还是要继续新建Token 
-					if(SaFoxUtil.isNotEmpty(tokenValue)) {
-						return tokenValue;
-					}
+				String tokenValue = getTokenValueByLoginId(id, loginModel.getDeviceOrDefault());
+				// 复用成功的话就直接返回，否则还是要继续新建Token 
+				if(SaFoxUtil.isNotEmpty(tokenValue)) {
+					return tokenValue;
 				}
 			}
 		}
--- a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java
+++ b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java
@@ -13,7 +13,7 @@ import cn.dev33.satoken.SaManager;
@SpringBootApplication
 public class SaTokenAloneRedisClusterApplication {

-	public static void main(String[] args) throws ClassNotFoundException {
+	public static void main(String[] args) {
 		SpringApplication.run(SaTokenAloneRedisClusterApplication.class, args);
 		System.out.println("\n启动成功：Sa-Token配置如下：" + SaManager.getConfig());
 	}
--- a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml
+++ b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml
@@ -13,7 +13,7 @@ sa-token:
    # 配置Sa-Token单独使用的Redis连接 
    alone-redis:
        # 普通集群
-        pattern: cluster
+        # pattern: cluster
        # Redis服务器连接用户名（默认为空）
        username:
        # Redis服务器连接密码（默认为空）
--- a/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json
+++ b/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json
@@ -2890,9 +2890,9 @@
      "dev": true
    },
    "node_modules/@vue/vue-loader-v15/node_modules/json5": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz",
-      "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz",
+      "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==",
      "dev": true,
      "dependencies": {
        "minimist": "^1.2.0"
@@ -6657,9 +6657,9 @@
      "dev": true
    },
    "node_modules/json5": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmmirror.com/json5/-/json5-2.2.1.tgz",
-      "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==",
+      "version": "2.2.3",
+      "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
+      "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
      "dev": true,
      "bin": {
        "json5": "lib/cli.js"
@@ -10320,9 +10320,9 @@
      "dev": true
    },
    "node_modules/vue-style-loader/node_modules/json5": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz",
-      "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz",
+      "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==",
      "dev": true,
      "dependencies": {
        "minimist": "^1.2.0"
@@ -13258,9 +13258,9 @@
          "dev": true
        },
        "json5": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz",
-          "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==",
+          "version": "1.0.2",
+          "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz",
+          "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==",
          "dev": true,
          "requires": {
            "minimist": "^1.2.0"
@@ -16167,9 +16167,9 @@
      "dev": true
    },
    "json5": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmmirror.com/json5/-/json5-2.2.1.tgz",
-      "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==",
+      "version": "2.2.3",
+      "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
+      "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
      "dev": true
    },
    "jsonfile": {
@@ -18916,9 +18916,9 @@
          "dev": true
        },
        "json5": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz",
-          "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==",
+          "version": "1.0.2",
+          "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz",
+          "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==",
          "dev": true,
          "requires": {
            "minimist": "^1.2.0"
--- a/sa-token-doc/plugin/alone-redis.md
+++ b/sa-token-doc/plugin/alone-redis.md
@@ -118,6 +118,10 @@ spring.redis.timeout=10s

 具体可参考示例：[码云：application.yml](https://gitee.com/dromara/sa-token/blob/master/sa-token-demo/sa-token-demo-alone-redis/src/main/resources/application.yml)

+集群配置说明: alone-redis同样可以配置集群(cluster模式和sentinel模式), 且基础配置参数和spring redis集群配置别无二致
+
+集群配置示例可参考demo项目sa-token-demo-alone-redis-cluster
+

 ### 3、测试
 新建Controller测试一下 
--- a/sa-token-doc/plugin/jwt-extend.md
+++ b/sa-token-doc/plugin/jwt-extend.md
@@ -216,3 +216,23 @@ public void setSaJwtTemplate() {
 	});
 }
 ```
+
+
+### 9、注意点
+
+##### 1、使用 jwt-simple 模式后，is-share=false 恒等于 false。
+
+`is-share=true` 的意思是每次登录都产生一样的 token，这种策略和 [ 为每个 token 单独设定 setExtra 数据 ] 不兼容的，
+为保证正确设定 Extra 数据，当使用 `jwt-simple` 模式后，`is-share` 配置项 恒等于 `false`。
+
+
+##### 2、使用 jwt-mixin 模式后，is-concurrent 必须为 true。
+
+`is-concurrent=false` 代表每次登录都把旧登录顶下线，但是 jwt-mixin 模式登录的 token 并不会记录在持久库数据中，
+技术上来讲无法将其踢下线，所以此时顶人下线和踢人下线等 API 都属于不可用状态，所以此时 `is-concurrent` 配置项必须配置为 `true`。
+
+
+
+
+
+
--- a/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java
+++ b/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java
@@ -65,4 +65,12 @@ public class StpLogicJwtForSimple extends StpLogic {
 		return SaJwtUtil.getPayloadsNotCheck(tokenValue, loginType, jwtSecretKey()).get(key);
 	}

+	
+	@Override
+	public boolean getConfigOfIsShare() {
+		// 为确保 jwt-simple 模式的 token Extra 数据生成不受旧token影响，这里必须让 is-share 恒为 false 
+		// 即：在使用 jwt-simple 模式后，即使配置了 is-share=true 也不能复用旧 Token，必须每次创建新 Token 
+		return false;
+	}
+	
 }
--- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java
+++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java
@@ -319,7 +319,9 @@ public class SaSsoProcessor {
 		StpLogic stpLogic = ssoTemplate.getStpLogic();
 		
 		// 开始处理 
-		stpLogic.logout();
+		if(stpLogic.isLogin()) {
+			stpLogic.logout(stpLogic.getLoginId());
+		}
 		
 		// 返回
 		return ssoLogoutBack(req, res);
@@ -337,7 +339,7 @@ public class SaSsoProcessor {
 		
 		// 如果未登录，则无需注销 
        if(stpLogic.isLogin() == false) {
-            return SaResult.ok();
+        	return ssoLogoutBack(req, res);
        }
        
        // 调用 sso-server 认证中心单点注销API