fix: 登出时使用的token参数未过滤Bearer,导致登出并未清除redis记录

2026-03-03 11:48:33 +08:00
parent e877ba125b
commit 3d407e3d91
1 changed files with 14 additions and 1 deletions
--- a/src/main/java/com/youlai/boot/security/token/RedisTokenManager.java
+++ b/src/main/java/com/youlai/boot/security/token/RedisTokenManager.java
@@ -4,6 +4,7 @@ import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.StrUtil;
 import com.youlai.boot.common.constant.RedisConstants;
+import com.youlai.boot.common.constant.SecurityConstants;
 import com.youlai.boot.core.exception.BusinessException;
 import com.youlai.boot.core.web.ResultCode;
 import com.youlai.boot.config.property.SecurityProperties;
@@ -173,7 +174,8 @@ public class RedisTokenManager implements TokenManager {
     */
    @Override
    public void invalidateToken(String token) {
-        Object value = redisTemplate.opsForValue().get(formatTokenKey(token));
+        String cleanToken = cleanBearerPrefix(token);
+        Object value = redisTemplate.opsForValue().get(formatTokenKey(cleanToken));
        if (value instanceof UserSession userSession) {
            Long userId = userSession.getUserId();
            invalidateUserSessions(userId);
@@ -318,4 +320,15 @@ public class RedisTokenManager implements TokenManager {
            redisTemplate.opsForValue().set(key, value); // ttl=-1时永不过期
        }
    }
+
+
+    /**
+     * 清理 Bearer 前缀
+     */
+    private String cleanBearerPrefix(String token) {
+        if (token.startsWith(SecurityConstants.BEARER_TOKEN_PREFIX)) {
+            return token.substring(SecurityConstants.BEARER_TOKEN_PREFIX.length()).trim();
+        }
+        return token.trim();
+    }
 }