From 723ca944953ed2fc59abc7948e6110595ccc5a50 Mon Sep 17 00:00:00 2001
From: hxr <1490493387@qq.com>
Date: Thu, 18 Apr 2024 22:51:38 +0800
Subject: [PATCH] =?UTF-8?q?fix(AuthServiceImpl.java):=20=E4=BF=AE=E5=A4=8D?=
 =?UTF-8?q?=E8=BF=87=E6=9C=9F`token`=E6=B3=A8=E9=94=80=E5=A4=B1=E8=B4=A5?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/youlai/system/service/impl/AuthServiceImpl.java  | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/youlai/system/service/impl/AuthServiceImpl.java b/src/main/java/com/youlai/system/service/impl/AuthServiceImpl.java
index c7f6dd4d..6d0fddcd 100644
--- a/src/main/java/com/youlai/system/service/impl/AuthServiceImpl.java
+++ b/src/main/java/com/youlai/system/service/impl/AuthServiceImpl.java
@@ -83,11 +83,16 @@ public class AuthServiceImpl implements AuthService {
             JSONObject payloads = JWTUtil.parseToken(token).getPayloads();
             // 解析 Token 获取 jti(JWT ID) 和 exp(过期时间)
             String jti = payloads.getStr(JWTPayload.JWT_ID);
-            Long expiration = payloads.getLong(JWTPayload.EXPIRES_AT);
+            Long expiration = payloads.getLong(JWTPayload.EXPIRES_AT); // 过期时间(秒)
             // 如果exp存在，则计算Token剩余有效时间
             if (expiration != null) {
+                long currentTimeSeconds = System.currentTimeMillis() / 1000;
+                if (expiration < currentTimeSeconds) {
+                    // Token已过期，不再加入黑名单
+                    return;
+                }
                 // 将Token的jti加入黑名单，并设置剩余有效时间，使其在过期后自动从黑名单移除
-                long ttl = expiration - System.currentTimeMillis() / 1000;
+                long ttl = expiration - currentTimeSeconds;
                 redisTemplate.opsForValue().set(SecurityConstants.BLACKLIST_TOKEN_PREFIX + jti, null, ttl, TimeUnit.SECONDS);
             } else {
                 // 如果exp不存在，说明Token永不过期，则永久加入黑名单