feat(system/client): 添加双token认证配置

luoqiz · luoqiz · commit e53310000d04 · 2026-04-24T13:01:37.000+08:00
diff --git a/continew-system/src/main/java/top/continew/admin/auth/service/impl/AuthServiceImpl.java b/continew-system/src/main/java/top/continew/admin/auth/service/impl/AuthServiceImpl.java
@@ -80,7 +80,7 @@ public LoginResp login(LoginReq req, HttpServletRequest request) {
         ValidationUtils.throwIfNull(client, "客户端不存在");
         ValidationUtils.throwIf(DisEnableStatusEnum.DISABLE.equals(client.getStatus()), "客户端已禁用");
         ValidationUtils.throwIf(!client.getAuthType().contains(authType.getValue()), "该客户端暂未授权 [{}] 认证", authType
-            .getDescription());
+                .getDescription());
         // 获取处理器
         LoginHandler<LoginReq> loginHandler = loginHandlerFactory.getHandler(authType);
         // 登录前置处理
@@ -137,16 +137,23 @@ public LoginResp refreshToken(String refreshToken) {
         if (refreshTokenInfo == null) {
             throw new BusinessException("无效的Refresh Token");
         }
-        // 获取登录时设置的参数
-        SaLoginParameter loginParameter = (SaLoginParameter) refreshTokenInfo;
-        UserContext userContext = (UserContext) loginParameter.getExtra(AuthConstants.LOGIN_USER);
-        UserContextHolder.setContext(userContext);
-        ClientResp client = clientService.getByClientId(userContext.getClientId());
-        // 删除原先的 Token
-        StpUtil.kickoutByTokenValue(loginParameter.getToken());
-        LoginResp loginResp = LoginHandler.buildLoginResp(loginParameter, userContext, client);
-        // 删除原先的 Refresh token
-        SaTempUtil.deleteToken(refreshToken);
-        return loginResp;
+        String oldToken = null;
+        try {
+            // 获取登录时设置的参数
+            SaLoginParameter loginParameter = (SaLoginParameter) refreshTokenInfo;
+            UserContext userContext = (UserContext) loginParameter.getExtra(AuthConstants.LOGIN_USER);
+            UserContextHolder.setContext(userContext);
+            ClientResp client = clientService.getByClientId(userContext.getClientId());
+            oldToken = loginParameter.getToken();
+            LoginResp loginResp = LoginHandler.buildLoginResp(loginParameter, userContext, client);
+            return loginResp;
+        } finally {
+            if (oldToken != null) {
+                // 删除原先的 Token
+                StpUtil.kickoutByTokenValue(oldToken);
+            }
+            // 删除原先的 Refresh token
+            SaTempUtil.deleteToken(refreshToken);
+        }
     }
 }
diff --git a/continew-system/src/main/java/top/continew/admin/system/model/req/ClientReq.java b/continew-system/src/main/java/top/continew/admin/system/model/req/ClientReq.java
@@ -80,7 +80,7 @@ public class ClientReq implements Serializable {
      * 是否启用Refresh Token
      */
     @Schema(description = "是否启用 Refresh Token", example = "false")
-    @NotNull(message = "Refresh Token 不能为空")
+    @NotNull(message = "是否启用 Refresh Token 不能为空")
     private Boolean isEnableRefreshToken;
 
     /**
