yoyuz/my_site
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable dual-device login and mobile APK update checks

Browse Source
This commit is contained in:
yoyuzh
2026-04-03 16:28:09 +08:00
parent 56f2a9fe0d
commit 52b5bbfe8e
50 changed files with 1659 additions and 164 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
backend/src/main/java/com/yoyuzh/auth/JwtTokenProvider.java
View File

@@ -41,10 +41,15 @@ public class JwtTokenProvider {
}
public String generateAccessToken(Long userId, String username, String sessionId) {
return generateAccessToken(userId, username, sessionId, AuthClientType.DESKTOP);
}
public String generateAccessToken(Long userId, String username, String sessionId, AuthClientType clientType) {
Instant now = Instant.now();
var builder = Jwts.builder()
.subject(username)
.claim("uid", userId)
.claim("client", clientType.name())
.issuedAt(Date.from(now))
.expiration(Date.from(now.plusSeconds(jwtProperties.getAccessExpirationSeconds())))
.signWith(secretKey);
@@ -79,6 +84,11 @@ public class JwtTokenProvider {
return sessionId == null ? null : sessionId.toString();
}
public AuthClientType getClientType(String token) {
Object clientType = parseClaims(token).get("client");
return AuthClientType.fromHeader(clientType == null ? null : clientType.toString());
}
public boolean hasMatchingSession(String token, String activeSessionId) {
String tokenSessionId = getSessionId(token);
@@ -89,6 +99,17 @@ public class JwtTokenProvider {
return activeSessionId.equals(tokenSessionId);
}
public boolean hasMatchingSession(String token, User user) {
String expectedSessionId = switch (getClientType(token)) {
case MOBILE -> user.getMobileActiveSessionId();
case DESKTOP -> StringUtils.hasText(user.getDesktopActiveSessionId())
? user.getDesktopActiveSessionId()
: user.getActiveSessionId();
};
return hasMatchingSession(token, expectedSessionId);
}
private Claims parseClaims(String token) {
return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload();
}