fix #175

xlorne · xlorne · commit 30e205cd5f07 · 2026-01-04T10:58:00.000+08:00
diff --git a/pom.xml b/pom.xml
@@ -15,7 +15,7 @@
 
     <groupId>com.codingapi.springboot</groupId>
     <artifactId>springboot-parent</artifactId>
-    <version>2.10.28</version>
+    <version>2.10.29</version>
 
     <url>https://github.com/codingapi/springboot-framewrok</url>
     <name>springboot-parent</name>
diff --git a/springboot-starter-data-authorization/pom.xml b/springboot-starter-data-authorization/pom.xml
@@ -6,7 +6,7 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>2.10.28</version>
+        <version>2.10.29</version>
     </parent>
 
     <name>springboot-starter-data-authorization</name>
diff --git a/springboot-starter-data-fast/pom.xml b/springboot-starter-data-fast/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>2.10.28</version>
+        <version>2.10.29</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
diff --git a/springboot-starter-flow/pom.xml b/springboot-starter-flow/pom.xml
@@ -6,7 +6,7 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>2.10.28</version>
+        <version>2.10.29</version>
     </parent>
 
     <name>springboot-starter-flow</name>
diff --git a/springboot-starter-security/pom.xml b/springboot-starter-security/pom.xml
@@ -6,7 +6,7 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>2.10.28</version>
+        <version>2.10.29</version>
     </parent>
 
     <artifactId>springboot-starter-security</artifactId>
diff --git a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/filter/MyAuthenticationFilter.java b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/filter/MyAuthenticationFilter.java
@@ -53,6 +53,10 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
                 }
 
                 Token token = tokenGateway.parser(sign);
+                if(token==null) {
+                    writeResponse(response, Response.buildFailure("token.error", "token error."));
+                    return;
+                }
                 if (token.canRestToken()) {
                     Token newSign = tokenGateway.create(token.getUsername(), token.decodeIv(), token.getAuthorities(), token.getExtra());
                     log.info("reset token ");
diff --git a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/redis/RedisTokenGateway.java b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/redis/RedisTokenGateway.java
@@ -1,7 +1,9 @@
 package com.codingapi.springboot.security.redis;
 
 import com.alibaba.fastjson2.JSONObject;
+import com.codingapi.springboot.framework.crypto.AESUtils;
 import com.codingapi.springboot.security.gateway.Token;
+import lombok.SneakyThrows;
 import org.springframework.data.redis.core.RedisTemplate;
 
 import java.util.ArrayList;
@@ -25,7 +27,8 @@ public RedisTokenGateway(RedisTemplate<String, String> redisTemplate, SecurityRe
 
     public Token create(String username, String iv, List<String> authorities, String extra) {
         Token token = new Token(username, iv, extra, authorities, validTime, restTime);
-        String key = String.format("%s:%s", username, UUID.randomUUID().toString().replaceAll("-", ""));
+        String usernameEncode = this.encodeUsername(username);
+        String key = String.format("%s:%s", usernameEncode, UUID.randomUUID().toString().replaceAll("-", ""));
         token.setToken(key);
         redisTemplate.opsForValue().set(key, token.toJson(), validTime, TimeUnit.MILLISECONDS);
         return token;
@@ -69,21 +72,29 @@ public void resetToken(Token token) {
      * @param username 用户名
      */
     public void removeUsername(String username) {
-        Set<String> keys = redisTemplate.keys(username + ":*");
+        String usernameEncode = this.encodeUsername(username);
+        Set<String> keys = redisTemplate.keys(usernameEncode + ":*");
         if (!keys.isEmpty()) {
             redisTemplate.delete(keys);
         }
     }
 
 
+    @SneakyThrows
+    private String encodeUsername(String username){
+        return AESUtils.getInstance().encode(username);
+    }
+
+
     /**
      * 获取用户的所有token
      *
      * @param username 用户名
      * @return token列表
      */
     public List<String> getTokensByUsername(String username) {
-        Set<String> keys = redisTemplate.keys(username + ":*");
+        String usernameEncode = this.encodeUsername(username);
+        Set<String> keys = redisTemplate.keys(usernameEncode + ":*");
         return new ArrayList<>(keys);
     }
 
@@ -95,7 +106,8 @@ public List<String> getTokensByUsername(String username) {
      * @param predicate 条件
      */
     public void removeUsername(String username, Predicate<Token> predicate) {
-        Set<String> keys = redisTemplate.keys(username + ":*");
+        String usernameEncode = this.encodeUsername(username);
+        Set<String> keys = redisTemplate.keys(usernameEncode + ":*");
         if (!keys.isEmpty()) {
             for (String key : keys) {
                 Token token = getToken(key);
diff --git a/springboot-starter/pom.xml b/springboot-starter/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.codingapi.springboot</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>2.10.28</version>
+        <version>2.10.29</version>
     </parent>
     <artifactId>springboot-starter</artifactId>
 
