Fix token (#2653)

* fix: kick token * fix: kick token * fix: change config
2025-04-06 04:15:46 +08:00 · 2024-09-25 11:05:48 +08:00 · 2024-09-25 11:05:48 +08:00 · f6364a4eff
commit f6364a4eff
parent 031c1cd1e4
6 changed files with 48 additions and 13 deletions
--- a/config/openim-msggateway.yml
+++ b/config/openim-msggateway.yml
@ -23,5 +23,4 @@ longConnSvr:
  # WebSocket connection handshake timeout in seconds
  websocketTimeout: 10
-# 1: For Android, iOS, Windows, Mac, and web platforms, only one instance can be online at a time
+
 multiLoginPolicy: 1
--- a/config/share.yml
+++ b/config/share.yml
@ -12,3 +12,5 @@ rpcRegisterName:
 imAdminUserID: [ imAdmin ]
 # 1: For Android, iOS, Windows, Mac, and web platforms, only one instance can be online at a time
 multiLoginPolicy: 1
--- a/internal/msggateway/ws_server.go
+++ b/internal/msggateway/ws_server.go
@ -321,7 +321,7 @@ func (ws *WsServer) KickUserConn(client *Client) error {
 }
 func (ws *WsServer) multiTerminalLoginChecker(clientOK bool, oldClients []*Client, newClient *Client) {
-	switch ws.msgGatewayConfig.MsgGateway.MultiLoginPolicy {
+	switch ws.msgGatewayConfig.Share.MultiLoginPolicy {
 	case constant.DefalutNotKick:
 	case constant.PCAndOther:
 		if constant.PlatformIDToClass(newClient.PlatformID) == constant.TerminalPC {
--- a/internal/rpc/auth/auth.go
+++ b/internal/rpc/auth/auth.go
@ -64,6 +64,7 @@ func Start(ctx context.Context, config *Config, client discovery.SvcDiscoveryReg
 			redis2.NewTokenCacheModel(rdb, config.RpcConfig.TokenPolicy.Expire),
 			config.Share.Secret,
 			config.RpcConfig.TokenPolicy.Expire,
 			config.Share.MultiLoginPolicy,
 		),
 		config: config,
 	})
--- a/pkg/common/config/config.go
+++ b/pkg/common/config/config.go
@ -185,7 +185,6 @@ type MsgGateway struct {
 		WebsocketMaxMsgLen  int   `mapstructure:"websocketMaxMsgLen"`
 		WebsocketTimeout    int   `mapstructure:"websocketTimeout"`
 	} `mapstructure:"longConnSvr"`
 	MultiLoginPolicy int `mapstructure:"multiLoginPolicy"`
 }
 type MsgTransfer struct {
@ -361,6 +360,7 @@ type Share struct {
 	Secret           string          `mapstructure:"secret"`
 	RpcRegisterName  RpcRegisterName `mapstructure:"rpcRegisterName"`
 	IMAdminUserID    []string        `mapstructure:"imAdminUserID"`
 	MultiLoginPolicy int             `mapstructure:"multiLoginPolicy"`
 }
 type RpcRegisterName struct {
 	User           string `mapstructure:"user"`
--- a/pkg/common/storage/controller/auth.go
+++ b/pkg/common/storage/controller/auth.go
@ -38,10 +38,11 @@ type authDatabase struct {
 	cache            cache.TokenModel
 	accessSecret     string
 	accessExpire     int64
 	multiLoginPolicy int
 }
-func NewAuthDatabase(cache cache.TokenModel, accessSecret string, accessExpire int64) AuthDatabase {
+func NewAuthDatabase(cache cache.TokenModel, accessSecret string, accessExpire int64, policy int) AuthDatabase {
-	return &authDatabase{cache: cache, accessSecret: accessSecret, accessExpire: accessExpire}
+	return &authDatabase{cache: cache, accessSecret: accessSecret, accessExpire: accessExpire, multiLoginPolicy: policy}
 }
 // If the result is empty.
@ -55,15 +56,19 @@ func (a *authDatabase) SetTokenMapByUidPid(ctx context.Context, userID string, p
 // Create Token.
 func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformID int) (string, error) {
 	// todo: get all platform token
 	tokens, err := a.cache.GetTokensWithoutError(ctx, userID, platformID)
 	if err != nil {
 		return "", err
 	}
 	var deleteTokenKey []string
 	var kickedTokenKey []string
 	for k, v := range tokens {
-		_, err = tokenverify.GetClaimFromToken(k, authverify.Secret(a.accessSecret))
+		t, err := tokenverify.GetClaimFromToken(k, authverify.Secret(a.accessSecret))
 		if err != nil || v != constant.NormalToken {
 			deleteTokenKey = append(deleteTokenKey, k)
 		} else if a.checkKickToken(ctx, platformID, t) {
 			kickedTokenKey = append(kickedTokenKey, k)
 		}
 	}
 	if len(deleteTokenKey) != 0 {
@ -72,6 +77,14 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 			return "", err
 		}
 	}
 	if len(kickedTokenKey) != 0 {
 		for _, k := range kickedTokenKey {
 			err := a.cache.SetTokenFlagEx(ctx, userID, platformID, k, constant.KickedToken)
 			if err != nil {
 				return "", err
 			}
 		}
 	}
 	claims := tokenverify.BuildClaims(userID, platformID, a.accessExpire)
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
@ -85,3 +98,23 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 	}
 	return tokenString, nil
 }
 func (a *authDatabase) checkKickToken(ctx context.Context, platformID int, token *tokenverify.Claims) bool {
 	switch a.multiLoginPolicy {
 	case constant.DefalutNotKick:
 		return false
 	case constant.PCAndOther:
 		if constant.PlatformIDToClass(platformID) == constant.TerminalPC ||
 			constant.PlatformIDToClass(token.PlatformID) == constant.TerminalPC {
 			return false
 		}
 		return true
 	case constant.AllLoginButSameTermKick:
 		if platformID == token.PlatformID {
 			return true
 		}
 		return false
 	default:
 		return false
 	}
 }