From 5a7a9a235eccee6d8febd07dd04671651fd0325e Mon Sep 17 00:00:00 2001
From: icey-yu <1186114839@qq.com>
Date: Wed, 12 Mar 2025 17:22:29 +0800
Subject: [PATCH] fix: AdminToken save to redis && limit 1 for each userID

---
 internal/rpc/user/user.go             |  4 +--
 pkg/common/storage/controller/auth.go | 45 ++++++++++++---------------
 pkg/common/storage/controller/user.go |  5 ++-
 3 files changed, 24 insertions(+), 30 deletions(-)

diff --git a/internal/rpc/user/user.go b/internal/rpc/user/user.go
index 07e3c6201..cd239aae3 100644
--- a/internal/rpc/user/user.go
+++ b/internal/rpc/user/user.go
@@ -88,7 +88,7 @@ func Start(ctx context.Context, config *Config, client discovery.Conn, server gr
 	users := make([]*tablerelation.User, 0)
 
 	for _, v := range config.Share.IMAdminUserID {
-		users = append(users, &tablerelation.User{UserID: v, Nickname: v, AppMangerLevel: constant.AppNotificationAdmin})
+		users = append(users, &tablerelation.User{UserID: v, Nickname: v, AppMangerLevel: constant.AppAdmin})
 	}
 	userDB, err := mgo.NewUserMongo(mgocli.GetDB())
 	if err != nil {
@@ -605,7 +605,7 @@ func (s *userServer) GetNotificationAccount(ctx context.Context, req *pbuser.Get
 	if err != nil {
 		return nil, servererrs.ErrUserIDNotFound.Wrap()
 	}
-	if user.AppMangerLevel == constant.AppAdmin || user.AppMangerLevel >= constant.AppNotificationAdmin {
+	if user.AppMangerLevel >= constant.AppAdmin {
 		return &pbuser.GetNotificationAccountResp{Account: &pbuser.NotificationAccountInfo{
 			UserID:         user.UserID,
 			FaceURL:        user.FaceURL,
diff --git a/pkg/common/storage/controller/auth.go b/pkg/common/storage/controller/auth.go
index ee2a06f53..013d8b155 100644
--- a/pkg/common/storage/controller/auth.go
+++ b/pkg/common/storage/controller/auth.go
@@ -80,31 +80,28 @@ func (a *authDatabase) BatchSetTokenMapByUidPid(ctx context.Context, tokens []st
 
 // Create Token.
 func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformID int) (string, error) {
-	isAdmin := authverify.IsManagerUserID(userID, a.adminUserIDs)
-	if !isAdmin {
-		tokens, err := a.cache.GetAllTokensWithoutError(ctx, userID)
-		if err != nil {
-			return "", err
-		}
+	tokens, err := a.cache.GetAllTokensWithoutError(ctx, userID)
+	if err != nil {
+		return "", err
+	}
 
-		deleteTokenKey, kickedTokenKey, err := a.checkToken(ctx, tokens, platformID)
+	deleteTokenKey, kickedTokenKey, err := a.checkToken(ctx, tokens, platformID)
+	if err != nil {
+		return "", err
+	}
+	if len(deleteTokenKey) != 0 {
+		err = a.cache.DeleteTokenByUidPid(ctx, userID, platformID, deleteTokenKey)
 		if err != nil {
 			return "", err
 		}
-		if len(deleteTokenKey) != 0 {
-			err = a.cache.DeleteTokenByUidPid(ctx, userID, platformID, deleteTokenKey)
+	}
+	if len(kickedTokenKey) != 0 {
+		for _, k := range kickedTokenKey {
+			err := a.cache.SetTokenFlagEx(ctx, userID, platformID, k, constant.KickedToken)
 			if err != nil {
 				return "", err
 			}
-		}
-		if len(kickedTokenKey) != 0 {
-			for _, k := range kickedTokenKey {
-				err := a.cache.SetTokenFlagEx(ctx, userID, platformID, k, constant.KickedToken)
-				if err != nil {
-					return "", err
-				}
-				log.ZDebug(ctx, "kicked token in create token", "token", k)
-			}
+			log.ZDebug(ctx, "kicked token in create token", "token", k)
 		}
 	}
 
@@ -115,10 +112,8 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 		return "", errs.WrapMsg(err, "token.SignedString")
 	}
 
-	if !isAdmin {
-		if err = a.cache.SetTokenFlagEx(ctx, userID, platformID, tokenString, constant.NormalToken); err != nil {
-			return "", err
-		}
+	if err = a.cache.SetTokenFlagEx(ctx, userID, platformID, tokenString, constant.NormalToken); err != nil {
+		return "", err
 	}
 
 	return tokenString, nil
@@ -224,9 +219,6 @@ func (a *authDatabase) checkToken(ctx context.Context, tokens map[int]map[string
 	}
 
 	//var adminTokenMaxNum = a.multiLogin.MaxNumOneEnd
-	//if a.multiLogin.Policy == constant.Customize {
-	//	adminTokenMaxNum = a.multiLogin.CustomizeLoginNum[constant.AdminPlatformID]
-	//}
 	//l := len(adminToken)
 	//if platformID == constant.AdminPlatformID {
 	//	l++
@@ -234,5 +226,8 @@ func (a *authDatabase) checkToken(ctx context.Context, tokens map[int]map[string
 	//if l > adminTokenMaxNum {
 	//	kickToken = append(kickToken, adminToken[:l-adminTokenMaxNum]...)
 	//}
+	if platformID == constant.AdminPlatformID {
+		kickToken = append(kickToken, adminToken...)
+	}
 	return deleteToken, kickToken, nil
 }
diff --git a/pkg/common/storage/controller/user.go b/pkg/common/storage/controller/user.go
index a8ef1033e..f97c5330b 100644
--- a/pkg/common/storage/controller/user.go
+++ b/pkg/common/storage/controller/user.go
@@ -21,12 +21,11 @@ import (
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/database"
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/model"
 	"github.com/openimsdk/protocol/constant"
+	"github.com/openimsdk/protocol/user"
 	"github.com/openimsdk/tools/db/pagination"
 	"github.com/openimsdk/tools/db/tx"
-	"github.com/openimsdk/tools/utils/datautil"
-
-	"github.com/openimsdk/protocol/user"
 	"github.com/openimsdk/tools/errs"
+	"github.com/openimsdk/tools/utils/datautil"
 
 	"github.com/openimsdk/open-im-server/v3/pkg/common/storage/cache"
 )