vor 2 Wochen · 3b0f4b9a3e
--- a/src/main/java/com/lqkj/framework/security/AuthorizationServerConfig.java
+++ b/src/main/java/com/lqkj/framework/security/AuthorizationServerConfig.java
@@ -65,7 +65,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
 
				                 .secret(passwordEncoder.encode("lqkj007"))
			
 
				                 .authorizedGrantTypes("password", "refresh_token")
			
 
				                 .scopes("all","read","write")
			
 
				-                .accessTokenValiditySeconds(7200)
			
 
				+                .accessTokenValiditySeconds(720000000)
			
 
				                 .refreshTokenValiditySeconds(60 * 60 * 24 * 7);
			
 
				     }
			
 
				 }
			
--- a/src/main/java/com/lqkj/framework/security/handler/CustomAuthenticationSuccessHandler.java
+++ b/src/main/java/com/lqkj/framework/security/handler/CustomAuthenticationSuccessHandler.java
@@ -19,12 +19,15 @@ import org.springframework.security.authentication.BadCredentialsException;
 
				 import org.springframework.security.core.Authentication;
			
 
				 import org.springframework.security.crypto.password.PasswordEncoder;
			
 
				 import org.springframework.security.oauth2.common.OAuth2AccessToken;
			
 
				+import org.springframework.security.oauth2.common.OAuth2RefreshToken;
			
 
				 import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
			
 
				 import org.springframework.security.oauth2.provider.*;
			
 
				 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
			
 
				+import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
			
 
				 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
			
 
				 import org.springframework.stereotype.Component;
			
 
				 
			
 
				+import javax.annotation.Resource;
			
 
				 import javax.servlet.ServletException;
			
 
				 import javax.servlet.http.HttpServletRequest;
			
 
				 import javax.servlet.http.HttpServletResponse;
			
@@ -54,6 +57,8 @@ public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthent
 
				     private SysConfigService configService;
			
 
				     @Autowired
			
 
				     private RedisCache redisCache;
			
 
				+    @Resource
			
 
				+    private RedisTokenStore redisTokenStore;
			
 
				 
			
 
				     @Override
			
 
				     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
			
@@ -84,6 +89,12 @@ public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthent
 
				         TokenRequest tokenRequest = new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(), "custom");
			
 
				         OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
			
 
				         OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
			
 
				+        OAuth2AccessToken oldToken =  authorizationServerTokenServices.getAccessToken(oAuth2Authentication);
			
 
				+        if (oldToken != null){
			
 
				+            OAuth2RefreshToken auth2RefreshToken = oldToken.getRefreshToken();
			
 
				+            redisTokenStore.removeAccessToken(oldToken);
			
 
				+            redisTokenStore.removeRefreshToken(auth2RefreshToken);
			
 
				+        }
			
 
				         OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
			
 
				 
			
 
				         AsyncManager.me().execute(AsyncFactory.recordLogininfor(request, Constants.LOGIN_SUCCESS, "登录成功"));