完善登录用户的token校验

library/src/middleware/req_ctx.rs

@@ -58,17 +58,17 @@ pub async fn authenticate_ctx(mut req: Request, next: Next) -> Response {
             // 从缓存中获取当前用户信息
             let account = LOGIN_ACCOUNT_CACHE.get(&decoded.claims.sub).await;
             if account.is_none() {
-                tracing::error!("无效的 token");
+                tracing::error!("无效的 token, 无缓存的登陆用户信息");
                 // 解析语言
                 let language = request_util::get_lang_tag(req.headers());
                 return ResErr::auth(message!(&language, MessageId::BadRequest)).into_response();
             }
             let account = account.unwrap();
-            // 判断token是否有效(注释掉，如果服务因为升级等原因手动重启了，缓存的数据也不再存在)
-            // let account = account.unwrap();
-            // if account.token != token {
-            //     return (StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response();
-            // }
+            // 判断token是否有效
+            if account.token != Arc::new(String::from(token)) {
+                tracing::error!("无效的 token, 缓存的登陆用户信息和token不一致");
+                return (hyper::StatusCode::UNAUTHORIZED, "Invalid token".to_string()).into_response();
+            }
             let mut language = account.account.clone().lang_tag.clone();
             if language.is_empty() {
                 language = request_util::get_lang_tag(req.headers());
@@ -83,7 +83,7 @@ pub async fn authenticate_ctx(mut req: Request, next: Next) -> Response {
             next.run(req).await
         },
         Err(_) => {
-            tracing::error!("无效的 token");
+            tracing::error!("无效的 token, 解析失败");
             // 解析语言
             let language = request_util::get_lang_tag(req.headers());
             return ResErr::auth(message!(&language, MessageId::BadRequest)).into_response();