feat: invaildate the token when change password (#552)

* feat: invaildate the token when change password

* fix: replace CN comments.

* remove unnecessary comments.

* fix: define corrected code.

* fix: fix uncorrect args.

go.mod

@@ -27,7 +27,7 @@ require (
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/openimsdk/gomake v0.0.9
 	github.com/openimsdk/protocol v0.0.63
-	github.com/openimsdk/tools v0.0.49-alpha.18
+	github.com/openimsdk/tools v0.0.49-alpha.24
 	github.com/redis/go-redis/v9 v9.5.1
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/viper v1.18.2

go.sum

@@ -191,6 +191,8 @@ github.com/openimsdk/protocol v0.0.63 h1:9DnweZe9nEYDFa4fGTbC9Cqi0gLUdtBhRo1NRP2
 github.com/openimsdk/protocol v0.0.63/go.mod h1:OZQA9FR55lseYoN2Ql1XAHYKHJGu7OMNkUbuekrKCM8=
 github.com/openimsdk/tools v0.0.49-alpha.18 h1:ARQeCiRmExvtB6XYItegThuV63JGOTxddwhSLHYXd78=
 github.com/openimsdk/tools v0.0.49-alpha.18/go.mod h1:g7mkHXYUPi0/8aAX8VPMHpnb3hqdV69Jph+bXOGvvNM=
+github.com/openimsdk/tools v0.0.49-alpha.24 h1:lJsqnjTPujnr91LRQ6QmcTliMIa4fMOBSTri6rFz2ek=
+github.com/openimsdk/tools v0.0.49-alpha.24/go.mod h1:g7mkHXYUPi0/8aAX8VPMHpnb3hqdV69Jph+bXOGvvNM=
 github.com/pelletier/go-toml/v2 v2.1.0 h1:FnwAJ4oYMvbT/34k9zzHuZNrhlz48GB3/s6at6/MHO4=
 github.com/pelletier/go-toml/v2 v2.1.0/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc=
 github.com/pion/datachannel v1.5.5 h1:10ef4kwdjije+M9d7Xm9im2Y3O6A6ccQb0zcqZcJew8=

internal/api/chat/chat.go

@@ -164,7 +164,28 @@ func (o *Api) ResetPassword(c *gin.Context) {
 }
 
 func (o *Api) ChangePassword(c *gin.Context) {
-	a2r.Call(chatpb.ChatClient.ChangePassword, o.chatClient, c)
+	req, err := a2r.ParseRequest[chatpb.ChangePasswordReq](c)
+	if err != nil {
+		apiresp.GinError(c, err)
+		return
+	}
+	resp, err := o.chatClient.ChangePassword(c, req)
+	if err != nil {
+		apiresp.GinError(c, err)
+		return
+	}
+
+	imToken, err := o.imApiCaller.ImAdminTokenWithDefaultAdmin(c)
+	if err != nil {
+		apiresp.GinError(c, err)
+		return
+	}
+	err = o.imApiCaller.ForceOffLine(mctx.WithApiToken(c, imToken), req.UserID)
+	if err != nil {
+		apiresp.GinError(c, err)
+		return
+	}
+	apiresp.GinSuccess(c, resp)
 }
 
 // ################## USER ##################

internal/rpc/admin/token.go

@@ -17,10 +17,13 @@ package admin
 import (
 	"context"
 
-	"github.com/openimsdk/chat/pkg/protocol/admin"
+	"github.com/openimsdk/chat/pkg/eerrs"
+	adminpb "github.com/openimsdk/chat/pkg/protocol/admin"
+	"github.com/openimsdk/tools/log"
+	"github.com/redis/go-redis/v9"
 )
 
-func (o *adminServer) CreateToken(ctx context.Context, req *admin.CreateTokenReq) (*admin.CreateTokenResp, error) {
+func (o *adminServer) CreateToken(ctx context.Context, req *adminpb.CreateTokenReq) (*adminpb.CreateTokenResp, error) {
 	token, err := o.Token.CreateToken(req.UserID, req.UserType)
 	if err != nil {
 		return nil, err
@@ -29,26 +32,46 @@ func (o *adminServer) CreateToken(ctx context.Context, req *admin.CreateTokenReq
 	if err != nil {
 		return nil, err
 	}
-	return &admin.CreateTokenResp{
+	return &adminpb.CreateTokenResp{
 		Token: token,
 	}, nil
 }
 
-func (o *adminServer) ParseToken(ctx context.Context, req *admin.ParseTokenReq) (*admin.ParseTokenResp, error) {
+func (o *adminServer) ParseToken(ctx context.Context, req *adminpb.ParseTokenReq) (*adminpb.ParseTokenResp, error) {
 	userID, userType, err := o.Token.GetToken(req.Token)
 	if err != nil {
 		return nil, err
 	}
-	return &admin.ParseTokenResp{
+	m, err := o.Database.GetTokens(ctx, userID)
+	if err != nil && err != redis.Nil {
+		return nil, err
+	}
+	if len(m) == 0 {
+		return nil, eerrs.ErrTokenNotExist.Wrap()
+	}
+	if _, ok := m[req.Token]; !ok {
+		return nil, eerrs.ErrTokenNotExist.Wrap()
+	}
+
+	return &adminpb.ParseTokenResp{
 		UserID:   userID,
 		UserType: userType,
 	}, nil
 }
 
-func (o *adminServer) GetUserToken(ctx context.Context, req *admin.GetUserTokenReq) (*admin.GetUserTokenResp, error) {
+func (o *adminServer) GetUserToken(ctx context.Context, req *adminpb.GetUserTokenReq) (*adminpb.GetUserTokenResp, error) {
 	tokensMap, err := o.Database.GetTokens(ctx, req.UserID)
 	if err != nil {
 		return nil, err
 	}
-	return &admin.GetUserTokenResp{TokensMap: tokensMap}, nil
+	return &adminpb.GetUserTokenResp{TokensMap: tokensMap}, nil
+}
+
+func (o *adminServer) InvalidateToken(ctx context.Context, req *adminpb.InvalidateTokenReq) (*adminpb.InvalidateTokenResp, error) {
+	err := o.Database.DeleteToken(ctx, req.UserID)
+	if err != nil && err != redis.Nil {
+		return nil, err
+	}
+	log.ZDebug(ctx, "delete token from redis", "userID", req.UserID)
+	return &adminpb.InvalidateTokenResp{}, nil
 }

internal/rpc/chat/password.go

@@ -99,5 +99,9 @@ func (o *chatSvr) ChangePassword(ctx context.Context, req *chat.ChangePasswordRe
 			return nil, err
 		}
 	}
+	if err := o.Admin.InvalidateToken(ctx, req.UserID); err != nil {
+		return nil, err
+	}
+
 	return &chat.ChangePasswordResp{}, nil
 }

pkg/common/db/cache/token.go

@@ -16,6 +16,7 @@ package cache
 
 import (
 	"context"
+
 	"github.com/openimsdk/tools/utils/stringutil"
 
 	"github.com/openimsdk/tools/errs"
@@ -29,6 +30,7 @@ const (
 type TokenInterface interface {
 	AddTokenFlag(ctx context.Context, userID string, token string, flag int) error
 	GetTokensWithoutError(ctx context.Context, userID string) (map[string]int32, error)
+	DeleteTokenByUid(ctx context.Context, userID string) error
 }
 
 type TokenCacheRedis struct {
@@ -56,3 +58,8 @@ func (t *TokenCacheRedis) GetTokensWithoutError(ctx context.Context, userID stri
 	}
 	return mm, nil
 }
+
+func (t *TokenCacheRedis) DeleteTokenByUid(ctx context.Context, userID string) error {
+	key := chatToken + userID
+	return errs.Wrap(t.rdb.Del(ctx, key).Err())
+}

pkg/common/db/database/admin.go

@@ -76,6 +76,7 @@ type AdminDatabaseInterface interface {
 	GetLimitUserLoginIP(ctx context.Context, userID string, ip string) (*admindb.LimitUserLoginIP, error)
 	CacheToken(ctx context.Context, userID string, token string) error
 	GetTokens(ctx context.Context, userID string) (map[string]int32, error)
+	DeleteToken(ctx context.Context, userID string) error
 }
 
 func NewAdminDatabase(cli *mongoutil.Client, rdb redis.UniversalClient) (AdminDatabaseInterface, error) {
@@ -331,3 +332,7 @@ func (o *AdminDatabase) CacheToken(ctx context.Context, userID string, token str
 func (o *AdminDatabase) GetTokens(ctx context.Context, userID string) (map[string]int32, error) {
 	return o.cache.GetTokensWithoutError(ctx, userID)
 }
+
+func (o *AdminDatabase) DeleteToken(ctx context.Context, userID string) error {
+	return o.cache.DeleteTokenByUid(ctx, userID)
+}

pkg/common/mctx/get.go

@@ -17,8 +17,6 @@ package mctx
 import (
 	"context"
 	"strconv"
-
-
 	"github.com/openimsdk/tools/utils/datautil"
 
 	constantpb "github.com/openimsdk/protocol/constant"

pkg/eerrs/predefine.go

@@ -31,4 +31,6 @@ var (
 	ErrForbidden                = errs.NewCodeError(20012, "Forbidden")
 	ErrRefuseFriend             = errs.NewCodeError(20013, "RefuseFriend")
 	ErrEmailAlreadyRegister     = errs.NewCodeError(20014, "EmailAlreadyRegister")
+
+	ErrTokenNotExist = errs.NewCodeError(20101, "ErrTokenNotExist")
 )