Skip to content

feat(degoo): token improvement #1149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
xrgzs merged 8 commits into from
Aug 25, 2025
Merged

feat(degoo): token improvement #1149

xrgzs merged 8 commits into from
Aug 25, 2025

Conversation

@CaspianGUAN
Copy link
Contributor

@CaspianGUAN CaspianGUAN commented Aug 25, 2025

Enhanced Degoo Driver Token Management

  • Implemented automatic JWT token expiration detection and refresh functionality
  • Added persistent refresh token storage to maintain authentication across service restarts
  • Integrated comprehensive rate limiting protection (429 Too Many Requests handling)
  • Enhanced login flow with automatic fallback from token refresh to full authentication
  • Improved API stability and reduced authentication failures

Technical Improvements

Token Lifecycle Management

  • JWT payload parsing with base64 decoding for expiration checking
  • Proactive token refresh when expiration is within 5-minute threshold
  • Persistent token storage using OpenList's driver storage mechanism
  • Graceful error handling with automatic retry logic

Bug Fixes

  • Fixed undefined variable references in token management code
  • Corrected function return value handling for storage operations
  • Resolved compilation errors in pure Go build process

Files Modified

  • drivers/degoo/meta.go - Added RefreshToken field to Addition struct
  • drivers/degoo/util.go - Implemented comprehensive token management system
  • drivers/degoo/driver.go - Updated initialization with token validation

@CaspianGUAN
Update driver.go
e717f79 
Signed-off-by: Caspian <app@caspian.im>
@CaspianGUAN
Update meta.go
eaa0fd7 
Signed-off-by: Caspian <app@caspian.im>
@CaspianGUAN
Update util.go
6100f55 
Signed-off-by: Caspian <app@caspian.im>
@CaspianGUAN
Copy link
Contributor Author

CaspianGUAN commented Aug 25, 2025

完善自动刷新功能:

  1. 保存RefreshToken:
    type Addition struct {
    driver.RootID
    Username string json:"username" required:"true"
    Password string json:"password" required:"true"
    Token string json:"token"
    RefreshToken string json:"refresh_token" // 新增字段
    }
  2. 实现Token过期检测:
    - 解析JWT Token的exp字段
    - 在过期前主动刷新
  3. 优化刷新逻辑:
    - 优先使用RefreshToken刷新
    - 失败后再尝试完整登录

总结:当前驱动有基础的自动Token管理,但不够完善,这就是为什么遇到429错误的原因。配置一个有效的Token,并改进RefreshToken的持久化

@ILoveScratch2 ILoveScratch2 requested review from Copilot and xrgzs August 25, 2025 10:48
@xrgzs xrgzs changed the title driver degoo improvement feat(degoo): token improvement Aug 25, 2025
xrgzs
xrgzs reviewed Aug 25, 2025
View reviewed changes
Copy link
Member

@xrgzs xrgzs left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

感谢提交,实际测了下,将 Access Token 改乱后,Refresh Token 有点问题,刷新完后不会使用获取到的 Access Token 进行新的请求

看了下,Headers 中的 Authorization 头部已经是刷新后获取到的没错,但请求的 Body 部分没有更新。看起来是请求在构建时就已经生成了 Body,之后虽然刷新了 Token,但并没有将新的 Token 更新到 Body 中,导致请求仍然使用了旧的 Token

xrgzs
xrgzs reviewed Aug 25, 2025
View reviewed changes
xrgzs
xrgzs reviewed Aug 25, 2025
View reviewed changes
@CaspianGUAN
Update util.go
42ecdc1 
Signed-off-by: Caspian <app@caspian.im>
@CaspianGUAN
Copy link
Contributor Author

CaspianGUAN commented Aug 25, 2025

更新了 util.go

CaspianGUAN and others added 2 commits August 25, 2025 07:59
@CaspianGUAN
Update util.go
30b6bbb 
Signed-off-by: Caspian <app@caspian.im>
@xrgzs
Update util.go
62300ac 
Signed-off-by: MadDogOwner <xiaoran@xrgzs.top>
@xrgzs
Copy link
Member

xrgzs commented Aug 25, 2025

有 Refresh Token 的话,账号密码应该可以改成可选了吧?

@xrgzs xrgzs requested review from Copilot and removed request for Copilot August 25, 2025 16:13
@CaspianGUAN
Copy link
Contributor Author

CaspianGUAN commented Aug 25, 2025

有 Refresh Token 的话,账号密码应该可以改成可选了吧?

是这么个理
但是还是建议首次登陆直接用账号和密码,就不用自己找apitoken和refresh token了,
如果不填写账号和密码就需要后2者,可以改成可选

Copilot AI reviewed Aug 25, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@xrgzs
ensure username and password
96f4c0c 
Signed-off-by: MadDogOwner <xiaoran@xrgzs.top>
xrgzs
xrgzs approved these changes Aug 25, 2025
View reviewed changes
Copy link
Member

@xrgzs xrgzs left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

测试了下,token 可以正常 refresh

文档后面改下 OpenListTeam/OpenList-Docs#156

@xrgzs xrgzs mentioned this pull request Aug 25, 2025
Merged
@xrgzs xrgzs merged commit 4f2de93 into OpenListTeam:main Aug 25, 2025
12 checks passed
ForSourceCodeAnalysis pushed a commit to ForSourceCodeAnalysis/OpenList that referenced this pull request Oct 4, 2025
@CaspianGUAN @xrgzs
feat(degoo): token improvement (OpenListTeam#1149)
f1531cb 
* Update driver.go

Signed-off-by: Caspian <app@caspian.im>

* Update meta.go

Signed-off-by: Caspian <app@caspian.im>

* Update util.go

Signed-off-by: Caspian <app@caspian.im>

* Update util.go

Signed-off-by: Caspian <app@caspian.im>

* Update util.go

Signed-off-by: Caspian <app@caspian.im>

* Update util.go

Signed-off-by: MadDogOwner <xiaoran@xrgzs.top>

* make account optional

* ensure username and password

Signed-off-by: MadDogOwner <xiaoran@xrgzs.top>

---------

Signed-off-by: Caspian <app@caspian.im>
Signed-off-by: MadDogOwner <xiaoran@xrgzs.top>
Co-authored-by: MadDogOwner <xiaoran@xrgzs.top>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@xrgzs xrgzs xrgzs approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@CaspianGUAN @xrgzs