[Feature] Invalidate Previous Tokens on New Login by Implementing Cli…

…ent ID Validation (#5600) * [Feature] kick other token when dashboard user login * [Fix] fix ci problem * [Fix] fix ci problem * [Fix] fix ci problem * [Fix] fix e2e ci problem * [Improve] invalid token logic only frontend has client id --------- Co-authored-by: moremind <hefengen@apache.org>
apache · Aug 1, 2024 · a1d4cde · a1d4cde
1 parent 13eefc4
commit a1d4cde
Show file tree

Hide file tree

Showing 23 changed files with 299 additions and 127 deletions.
diff --git a/db/init/mysql/schema.sql b/db/init/mysql/schema.sql
@@ -154,6 +154,7 @@ CREATE TABLE `dashboard_user`  (
   `password` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT 'user password',
   `role` int(0) NOT NULL COMMENT 'role',
   `enabled` tinyint(0) NOT NULL COMMENT 'delete or not (0 close, 1 open) ',
+  `client_id` varchar(32) DEFAULT NULL COMMENT 'client id',
   `date_created` timestamp(3) NOT NULL DEFAULT CURRENT_TIMESTAMP(3) COMMENT 'create time',
   `date_updated` timestamp(3) NOT NULL DEFAULT CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3) COMMENT 'update time',
   PRIMARY KEY (`id`) USING BTREE,
@@ -163,7 +164,7 @@ CREATE TABLE `dashboard_user`  (
 -- ----------------------------
 -- Records of dashboard_user
 -- ----------------------------
-INSERT INTO `dashboard_user` VALUES ('1', 'admin', 'ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413', 1, 1, '2022-05-25 18:02:52', '2022-05-25 18:02:52');
+INSERT INTO `dashboard_user` VALUES ('1', 'admin', 'ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413', 1, 1, null, '2022-05-25 18:02:52', '2022-05-25 18:02:52');
 
 -- ----------------------------
 -- Table structure for data_permission

diff --git a/db/init/og/create-table.sql b/db/init/og/create-table.sql
@@ -202,6 +202,7 @@ CREATE TABLE "public"."dashboard_user" (
   "password" varchar(128) COLLATE "pg_catalog"."default",
   "role" int4 NOT NULL,
   "enabled" int2 NOT NULL,
+  "client_id" varchar(32) COLLATE "pg_catalog"."default",
   "date_created" timestamp(6) NOT NULL DEFAULT timezone('UTC-8'::text, (now())::timestamp(0) without time zone),
   "date_updated" timestamp(6) NOT NULL DEFAULT timezone('UTC-8'::text, (now())::timestamp(0) without time zone)
 )
@@ -217,7 +218,7 @@ COMMENT ON COLUMN "public"."dashboard_user"."date_updated" IS 'update time';
 -- ----------------------------
 -- Records of dashboard_user
 -- ----------------------------
-INSERT INTO "public"."dashboard_user" VALUES ('1', 'admin', 'ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413', 1, 1, '2022-05-25 18:08:01', '2022-05-25 18:08:01');
+INSERT INTO "public"."dashboard_user" VALUES ('1', 'admin', 'ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413', 1, 1, null, '2022-05-25 18:08:01', '2022-05-25 18:08:01');
 
 -- ----------------------------
 -- Table structure for data_permission

diff --git a/db/init/oracle/schema.sql b/db/init/oracle/schema.sql
@@ -21,6 +21,7 @@ create table dashboard_user
     password     VARCHAR2(128),
     role         NUMBER(10) not null,
     enabled      NUMBER(3) not null,
+    client_id     VARCHAR2(32),
     date_created timestamp(3) default SYSDATE not null,
     date_updated timestamp(3) default SYSDATE not null,
     PRIMARY KEY (id),

diff --git a/db/init/pg/create-table.sql b/db/init/pg/create-table.sql
@@ -202,6 +202,7 @@ CREATE TABLE "public"."dashboard_user" (
   "password" varchar(128) COLLATE "pg_catalog"."default",
   "role" int4 NOT NULL,
   "enabled" int2 NOT NULL,
+  "client_id" varchar(32) COLLATE "pg_catalog"."default",
   "date_created" timestamp(6) NOT NULL DEFAULT timezone('UTC-8'::text, (now())::timestamp(0) without time zone),
   "date_updated" timestamp(6) NOT NULL DEFAULT timezone('UTC-8'::text, (now())::timestamp(0) without time zone)
 )
@@ -217,7 +218,7 @@ COMMENT ON COLUMN "public"."dashboard_user"."date_updated" IS 'update time';
 -- ----------------------------
 -- Records of dashboard_user
 -- ----------------------------
-INSERT INTO "public"."dashboard_user" VALUES ('1', 'admin', 'ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413', 1, 1, '2022-05-25 18:08:01', '2022-05-25 18:08:01');
+INSERT INTO "public"."dashboard_user" VALUES ('1', 'admin', 'ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413', 1, 1, null, '2022-05-25 18:08:01', '2022-05-25 18:08:01');
 
 -- ----------------------------
 -- Table structure for data_permission

diff --git a/db/upgrade/2.6.1-upgrade-2.7.0-mysql.sql b/db/upgrade/2.6.1-upgrade-2.7.0-mysql.sql
@@ -165,3 +165,6 @@ INSERT INTO `shenyu`.`permission` (`id`, `object_id`, `resource_id`, `date_creat
 INSERT INTO `shenyu`.`permission` (`id`, `object_id`, `resource_id`, `date_created`, `date_updated`) VALUES ('1792779493541343265', '1346358560427216896', '1792749362445840484', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
 INSERT INTO `shenyu`.`permission` (`id`, `object_id`, `resource_id`, `date_created`, `date_updated`) VALUES ('1792779493541343266', '1346358560427216896', '1792749362445840485', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
 INSERT INTO `shenyu`.`permission` (`id`, `object_id`, `resource_id`, `date_created`, `date_updated`) VALUES ('1792779493541343267', '1346358560427216896', '1792749362445840486', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
+
+/* add column into dashboard_user table */
+ALTER TABLE `shenyu`.`dashboard_user` ADD COLUMN `client_id` varchar(32) NULL DEFAULT NULL COMMENT 'client id';
diff --git a/db/upgrade/2.6.1-upgrade-2.7.0-og.sql b/db/upgrade/2.6.1-upgrade-2.7.0-og.sql
@@ -188,3 +188,7 @@ INSERT INTO "public"."permission" VALUES ('1792779493541343264', '13463585604272
 INSERT INTO "public"."permission" VALUES ('1792779493541343265', '1346358560427216896', '1792749362445840484', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
 INSERT INTO "public"."permission" VALUES ('1792779493541343266', '1346358560427216896', '1792749362445840485', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
 INSERT INTO "public"."permission" VALUES ('1792779493541343267', '1346358560427216896', '1792749362445840486', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
+
+/* add column into dashboard_user table */
+ALTER TABLE "public"."dashboard_user" ADD COLUMN client_id VARCHAR(32) NULL;
+COMMENT ON COLUMN "public"."dashboard_user".client_id IS 'client id';
diff --git a/db/upgrade/2.6.1-upgrade-2.7.0-oracle.sql b/db/upgrade/2.6.1-upgrade-2.7.0-oracle.sql
@@ -214,3 +214,7 @@ INSERT /*+ IGNORE_ROW_ON_DUPKEY_INDEX (permission(id)) */ INTO permission (id, o
 INSERT /*+ IGNORE_ROW_ON_DUPKEY_INDEX (permission(id)) */ INTO permission (id, object_id, resource_id) VALUES ('1792779493541343265', '1346358560427216896', '1792749362445840484');
 INSERT /*+ IGNORE_ROW_ON_DUPKEY_INDEX (permission(id)) */ INTO permission (id, object_id, resource_id) VALUES ('1792779493541343266', '1346358560427216896', '1792749362445840485');
 INSERT /*+ IGNORE_ROW_ON_DUPKEY_INDEX (permission(id)) */ INTO permission (id, object_id, resource_id) VALUES ('1792779493541343267', '1346358560427216896', '1792749362445840486');
+
+/* add column into dashboard_user table */
+ALTER TABLE dashboard_user ADD client_id VARCHAR(32) NULL;
+COMMENT ON COLUMN dashboard_user.client_id IS 'client id';
diff --git a/db/upgrade/2.6.1-upgrade-2.7.0-pg.sql b/db/upgrade/2.6.1-upgrade-2.7.0-pg.sql
@@ -189,3 +189,7 @@ INSERT INTO "public"."permission" VALUES ('1792779493541343264', '13463585604272
 INSERT INTO "public"."permission" VALUES ('1792779493541343265', '1346358560427216896', '1792749362445840484', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
 INSERT INTO "public"."permission" VALUES ('1792779493541343266', '1346358560427216896', '1792749362445840485', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
 INSERT INTO "public"."permission" VALUES ('1792779493541343267', '1346358560427216896', '1792749362445840486', '2024-06-25 20:00:00.000', '2024-06-25 20:00:00.000');
+
+/* add column into dashboard_user table */
+ALTER TABLE "public"."dashboard_user" ADD COLUMN client_id VARCHAR(32) NULL;
+COMMENT ON COLUMN "public"."dashboard_user".client_id IS 'client id';
diff --git a/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/PlatformController.java b/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/PlatformController.java
@@ -25,6 +25,7 @@
 import org.apache.shenyu.admin.service.SecretService;
 import org.apache.shenyu.admin.utils.ShenyuResultMessage;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 
 import java.util.Optional;
 
@@ -51,11 +52,12 @@ public PlatformController(final DashboardUserService dashboardUserService, final
      *
      * @param userName user name
      * @param password user password
+     * @param clientId client id
      * @return {@linkplain ShenyuAdminResult}
      */
     @GetMapping("/login")
-    public ShenyuAdminResult loginDashboardUser(final String userName, final String password) {
-        LoginDashboardUserVO loginVO = dashboardUserService.login(userName, password);
+    public ShenyuAdminResult loginDashboardUser(final String userName, final String password, @RequestParam(required = false) final String clientId) {
+        LoginDashboardUserVO loginVO = dashboardUserService.login(userName, password, clientId);
         return Optional.ofNullable(loginVO)
                 .map(loginStatus -> {
                     if (Boolean.TRUE.equals(loginStatus.getEnabled())) {