1 year ago · 39d4efee6a
--- a/pom.xml
+++ b/pom.xml
@@ -22,9 +22,9 @@
 
				         <spring-boot.mybatis>2.2.2</spring-boot.mybatis>
			
 
				         <springdoc.version>1.6.15</springdoc.version>
			
 
				         <poi.version>5.2.3</poi.version>
			
 
				-        <easyexcel.version>3.2.1</easyexcel.version>
			
 
				+        <easyexcel.version>3.3.1</easyexcel.version>
			
 
				         <velocity.version>2.3</velocity.version>
			
 
				-        <satoken.version>1.34.0</satoken.version>
			
 
				+        <satoken.version>1.35.0.RC</satoken.version>
			
 
				         <mybatis-plus.version>3.5.3.1</mybatis-plus.version>
			
 
				         <p6spy.version>3.9.1</p6spy.version>
			
 
				         <hutool.version>5.8.18</hutool.version>
			
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
@@ -47,7 +47,7 @@ public class SysUserOnlineController extends BaseController {
 
				         for (String key : keys) {
			
 
				             String token = StringUtils.substringAfterLast(key, ":");
			
 
				             // 如果已经过期则跳过
			
 
				-            if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
			
 
				+            if (StpUtil.stpLogic.getTokenActiveTimeoutByToken(token) < -1) {
			
 
				                 continue;
			
 
				             }
			
 
				             userOnlineDTOList.add(RedisUtils.getCacheObject(CacheConstants.ONLINE_TOKEN_KEY + token));
			
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -104,8 +104,9 @@ sa-token:
 
				   token-name: Authorization
			
 
				   # token有效期 设为一天 (必定过期) 单位: 秒
			
 
				   timeout: 86400
			
 
				-  # token临时有效期 (指定时间无操作就过期) 单位: 秒
			
 
				-  activity-timeout: 1800
			
 
				+  # 多端不同 token 有效期 可查看 LoginHelper.loginByDevice 方法自定义
			
 
				+  # token最低活跃时间 (指定时间无操作就过期) 单位: 秒
			
 
				+  active-timeout: 1800
			
 
				   # 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
			
 
				   is-concurrent: true
			
 
				   # 在多人登录同一账号时，是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
			
--- a/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java
@@ -2,6 +2,7 @@ package com.ruoyi.common.helper;
 
				 
			
 
				 import cn.dev33.satoken.context.SaHolder;
			
 
				 import cn.dev33.satoken.context.model.SaStorage;
			
 
				+import cn.dev33.satoken.session.SaSession;
			
 
				 import cn.dev33.satoken.stp.SaLoginModel;
			
 
				 import cn.dev33.satoken.stp.StpUtil;
			
 
				 import cn.hutool.core.convert.Convert;
			
@@ -54,6 +55,14 @@ public class LoginHelper {
 
				         if (ObjectUtil.isNotNull(deviceType)) {
			
 
				             model.setDevice(deviceType.getDevice());
			
 
				         }
			
 
				+        // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
			
 
				+        // 例如: 后台用户30分钟过期 app用户1天过期
			
 
				+//        UserType userType = UserType.getUserType(loginUser.getUserType());
			
 
				+//        if (userType == UserType.SYS_USER) {
			
 
				+//            model.setTimeout(86400).setActiveTimeout(1800);
			
 
				+//        } else if (userType == UserType.APP_USER) {
			
 
				+//            model.setTimeout(86400).setActiveTimeout(1800);
			
 
				+//        }
			
 
				         StpUtil.login(loginUser.getLoginId(), model.setExtra(USER_KEY, loginUser.getUserId()));
			
 
				         StpUtil.getTokenSession().set(LOGIN_USER_KEY, loginUser);
			
 
				     }
			
@@ -66,7 +75,11 @@ public class LoginHelper {
 
				         if (loginUser != null) {
			
 
				             return loginUser;
			
 
				         }
			
 
				-        loginUser = (LoginUser) StpUtil.getTokenSession().get(LOGIN_USER_KEY);
			
 
				+        SaSession session = StpUtil.getTokenSession();
			
 
				+        if (ObjectUtil.isNull(session)) {
			
 
				+            return null;
			
 
				+        }
			
 
				+        loginUser = (LoginUser) session.get(LOGIN_USER_KEY);
			
 
				         SaHolder.getStorage().set(LOGIN_USER_KEY, loginUser);
			
 
				         return loginUser;
			
 
				     }
			
@@ -75,7 +88,11 @@ public class LoginHelper {
 
				      * 获取用户基于token
			
 
				      */
			
 
				     public static LoginUser getLoginUser(String token) {
			
 
				-        return (LoginUser) StpUtil.getTokenSessionByToken(token).get(LOGIN_USER_KEY);
			
 
				+        SaSession session = StpUtil.getTokenSessionByToken(token);
			
 
				+        if (ObjectUtil.isNull(session)) {
			
 
				+            return null;
			
 
				+        }
			
 
				+        return (LoginUser) session.get(LOGIN_USER_KEY);
			
 
				     }
			
 
				 
			
 
				     /**
			
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@@ -442,11 +442,11 @@ public class SysRoleServiceImpl implements ISysRoleService {
 
				         keys.parallelStream().forEach(key -> {
			
 
				             String token = StringUtils.substringAfterLast(key, ":");
			
 
				             // 如果已经过期则跳过
			
 
				-            if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
			
 
				+            if (StpUtil.stpLogic.getTokenActiveTimeoutByToken(token) < -1) {
			
 
				                 return;
			
 
				             }
			
 
				             LoginUser loginUser = LoginHelper.getLoginUser(token);
			
 
				-            if (loginUser.getRoles().stream().anyMatch(r -> r.getRoleId().equals(roleId))) {
			
 
				+            if (ObjectUtil.isNotNull(loginUser) && loginUser.getRoles().stream().anyMatch(r -> r.getRoleId().equals(roleId))) {
			
 
				                 try {
			
 
				                     StpUtil.logoutByTokenValue(token);
			
 
				                 } catch (NotLoginException ignored) {