fix(auth): 修复用户登录状态检查逻辑

- 移除账号锁定检查后的重复大括号 - 添加用户是否已登录的状态检查 - 保留会话中用户信息的设置逻辑 - 维持token生成和数据库保存功能
6 days ago · 5b16d73029
3 changed files with 53 additions and 0 deletions
--- a/src/main/java/com/gaotao/modules/sys/controller/SysUserController.java
+++ b/src/main/java/com/gaotao/modules/sys/controller/SysUserController.java
@ -15,6 +15,7 @@ import com.gaotao.modules.sys.entity.SysUserEntity;
 import com.gaotao.modules.sys.form.PasswordForm;
 import com.gaotao.modules.sys.service.SysUserRoleService;
 import com.gaotao.modules.sys.service.SysUserService;
+import com.gaotao.modules.sys.service.SysUserTokenService;
 import com.gaotao.modules.warehouse.entity.AccessWarehouse;
 import com.gaotao.modules.warehouse.service.WarehouseService;
 import org.apache.commons.lang.ArrayUtils;
@ -39,6 +40,8 @@ public class SysUserController extends AbstractController {
 	private SysUserRoleService sysUserRoleService;
 	@Autowired
 	private WarehouseService warehouseService;
+	@Autowired
+	private SysUserTokenService sysUserTokenService;


 	/**
@ -246,4 +249,36 @@ public class SysUserController extends AbstractController {
 			return R.error("获取仓库授权失败");
 		}
 	}
+
+	/**
+	 * @Description 强制踢出用户登录 - rqrq
+	 * @param params 包含userId的参数
+	 * @return R
+	 * @author rqrq
+	 * @date 2026/02/26
+	 */
+	@SysLog("踢出用户登录")
+	@PostMapping("/forceLogout")
+	public R forceLogout(@RequestBody Map<String, Object> params) throws Exception {
+		Long userId = Long.parseLong(params.get("userId").toString());
+		
+		if (userId == null) {
+			return R.error("用户ID不能为空");
+		}
+		
+		// 不允许踢出超级管理员
+		// if (userId == Constant.SUPER_ADMIN) {
+		// 	return R.error("不能踢出超级管理员");
+		// }
+		
+		// 不允许踢出自己
+		if (userId.equals(getUserId())) {
+			return R.error("不能踢出自己");
+		}
+		
+		// 调用service清空用户token - rqrq
+		sysUserTokenService.forceLogout(userId);
+		
+		return R.ok("已成功踢出该用户");
+	}
 }
--- a/src/main/java/com/gaotao/modules/sys/service/SysUserTokenService.java
+++ b/src/main/java/com/gaotao/modules/sys/service/SysUserTokenService.java
@ -32,4 +32,12 @@ public interface SysUserTokenService extends IService<SysUserTokenEntity> {
 	 */
 	boolean isUserLoggedIn(long userId);

+	/**
+	 * @Description 强制用户退出登录（清空token）- rqrq
+	 * @param userId  用户ID
+	 * @author rqrq
+	 * @date 2026/02/26
+	 */
+	void forceLogout(long userId);
+
 }
--- a/src/main/java/com/gaotao/modules/sys/service/impl/SysUserTokenServiceImpl.java
+++ b/src/main/java/com/gaotao/modules/sys/service/impl/SysUserTokenServiceImpl.java
@ -83,4 +83,14 @@ public class SysUserTokenServiceImpl extends ServiceImpl<SysUserTokenDao, SysUse

 		return true;
 	}
+
+	@Override
+	public void forceLogout(long userId) {
+		// 强制用户退出登录，删除token记录 - rqrq
+		SysUserTokenEntity tokenEntity = this.getById(userId);
+		if(tokenEntity != null){
+			// 直接删除token记录，使用户立即失效 - rqrq
+			this.removeById(userId);
+		}
+	}
 }