刷新token失效配置

12 months ago · 19e66bdaeb
parent cd728a14b8
commit 19e66bdaeb
4 changed files with 18 additions and 3 deletions
--- a/Myshipping.Core/ConfigOption/ConfigOptions.cs
+++ b/Myshipping.Core/ConfigOption/ConfigOptions.cs
@ -147,6 +147,10 @@ public class JWTSettingsOptions : IConfigurableOptions
    /// 过期时间容错值
    /// </summary>
    public long ClockSkew { get; set; }
+    /// <summary>
+    /// 刷新token过期时间（分钟）
+    /// </summary>
+    public int RefreshTokenExpired { get; set; }
 }
 /// <summary>
 /// 数据库参数
--- a/Myshipping.Core/Myshipping.Core.xml
+++ b/Myshipping.Core/Myshipping.Core.xml
@ -437,6 +437,11 @@
            过期时间容错值
            </summary>
        </member>
+        <member name="P:Myshipping.Core.JWTSettingsOptions.RefreshTokenExpired">
+            <summary>
+            刷新token过期时间（分钟）
+            </summary>
+        </member>
        <member name="T:Myshipping.Core.DbConfig">
            <summary>
            数据库参数
--- a/Myshipping.Core/Service/Auth/AuthService.cs
+++ b/Myshipping.Core/Service/Auth/AuthService.cs
@ -118,11 +118,14 @@ public class AuthService : IAuthService, IDynamicApiController, ITransient
        // 设置Swagger自动登录
        _httpContextAccessor.HttpContext.SigninToSwagger(accessToken);

+        var jwtSettinng = App.GetConfig<JWTSettingsOptions>("JWTSettings");
+
        // 生成刷新Token令牌
-        var refreshToken = JWTEncryption.GenerateRefreshToken(accessToken, 720);
+        var refreshToken = JWTEncryption.GenerateRefreshToken(accessToken, jwtSettinng.RefreshTokenExpired);

        // 设置刷新Token令牌
        _httpContextAccessor.HttpContext.Response.Headers["x-access-token"] = refreshToken;
+        _logger.LogInformation($"{user.Account} 登录颁发刷新token，有效期：{jwtSettinng.RefreshTokenExpired} 分钟");

        var httpContext = App.HttpContext;
        await _eventPublisher.PublishAsync(new ChannelEventSource("Update:UserLoginInfo",
@ -177,8 +180,10 @@ public class AuthService : IAuthService, IDynamicApiController, ITransient
        // 设置Swagger自动登录
        _httpContextAccessor.HttpContext.SigninToSwagger(accessToken);

+        var jwtSettinng = App.GetConfig<JWTSettingsOptions>("JWTSettingsOptions");
+
        // 生成刷新Token令牌
-        var refreshToken = JWTEncryption.GenerateRefreshToken(accessToken, 30);
+        var refreshToken = JWTEncryption.GenerateRefreshToken(accessToken, jwtSettinng.RefreshTokenExpired);

        // 设置刷新Token令牌
        _httpContextAccessor.HttpContext.Response.Headers["x-access-token"] = refreshToken;
--- a/Myshipping.Web.Core/applicationconfig.json
+++ b/Myshipping.Web.Core/applicationconfig.json
@ -47,7 +47,8 @@
    "ValidAudience": "myshipping", // 签收方，string 类型
    "ValidateLifetime": true, // 是否验证过期时间，bool 类型，默认true，建议true
    "ExpiredTime": 120, // 过期时间，long 类型，单位分钟，默认20分钟
-    "ClockSkew": 30 // 过期时间容错值，long 类型，单位秒，默认5秒
+    "ClockSkew": 30, // 过期时间容错值，long 类型，单位秒，默认5秒
+    "RefreshTokenExpired": 1
  },
  "EncryptKey": {
    "AES": "072B13C9AD5644C5B914DFE66F4B5D11",