feat: 优化token刷新逻辑，支持使用访问token刷新token，增强错误处理

2026-02-21 19:35:06 +08:00
parent d50f5ed2af
commit 6b5164e845
3 changed files with 127 additions and 88 deletions
--- a/src/routes/user/me.ts
+++ b/src/routes/user/me.ts
@@ -256,6 +256,7 @@ app
  .route({
    path: 'user',
    key: 'switchCheck',
+    description: '切换用户或切换为用户组，获取切换后的token',
    middleware: ['auth'],
  })
  .define(async (ctx) => {
@@ -263,23 +264,13 @@ app
    const { username, accessToken } = ctx.query.data || {};

    if (accessToken && username) {
-      const accessUser = await User.verifyToken(accessToken);
-      const refreshToken = accessUser.oauthExpand?.refreshToken;
-      if (refreshToken) {
-        const result = await User.refreshToken(refreshToken);
-        createCookie(token, ctx);
-
-        ctx.body = result;
-        return;
-      } else if (accessUser) {
-        await User.oauth.delToken(accessToken);
-        const result = await User.oauth.generateToken(accessUser, {
-          ...accessUser.oauthExpand,
-          hasRefreshToken: true,
-        });
+      const result = await User.refreshToken({ accessToken });
+      if (result.accessToken) {
+        console.log('refreshToken result', result);
        createCookie(result, ctx);
        ctx.body = result;
-        return;
+      } else {
+        ctx.throw(500, 'Refresh Token Failed, please login again');
      }
    } else {
      const result = await ctx.call(
@@ -355,18 +346,19 @@ app
      args: {
        data: z.object({
          refreshToken: z.string().describe('刷新token'),
+          accessToken: z.string().optional().describe('使用访问token去刷新token，如果提供了访问token，优先使用访问token去刷新token，刷新失败才会使用refreshToken去刷新'),
        }),
      }
    }
  })
  .define(async (ctx) => {
-    const { refreshToken } = ctx.query.data || {};
+    const { refreshToken, accessToken } = ctx.query.data || {};
    try {
-      if (!refreshToken) {
-        ctx.throw(400, 'Refresh Token is required');
+      if (!refreshToken && !accessToken) {
+        ctx.throw(400, 'Refresh Token or Access Token 必须提供一个');
      }
-      const result = await User.refreshToken(refreshToken);
-      if (result) {
+      const result = await User.refreshToken({ accessToken, refreshToken });
+      if (result.accessToken) {
        console.log('refreshToken result', result);
        createCookie(result, ctx);
        ctx.body = result;