JWT Token验证流程时序图
1. 请求Token验证时序图
sequenceDiagram
participant 客户端 as 客户端
participant JwtFilter as JwtAuthenticationTokenFilter
participant TokenService as TokenService
participant RedisCache as RedisCache
participant SecurityContextHolder as SecurityContextHolder
客户端->>JwtFilter: 发送带Token的请求
JwtFilter->>TokenService: 获取登录用户(getLoginUser)
TokenService->>JwtFilter: 从请求头提取Token(getToken)
JwtFilter->>TokenService: 解析Token(parseToken)
TokenService-->>JwtFilter: 返回Claims数据
JwtFilter->>TokenService: 获取缓存用户(getCacheObject)
TokenService->>RedisCache: 查询缓存
RedisCache-->>TokenService: 返回LoginUser
TokenService-->>JwtFilter: 返回LoginUser
JwtFilter->>TokenService: 验证Token有效性(verifyToken)
TokenService->>TokenService: 检查是否需要刷新
TokenService->>TokenService: 刷新Token(refreshToken)
TokenService->>RedisCache: 更新缓存过期时间
JwtFilter->>SecurityContextHolder: 设置认证信息
SecurityContextHolder-->>JwtFilter: 设置完成
JwtFilter->>客户端: 请求继续处理
2. Token创建与销毁时序图
sequenceDiagram
participant SysLoginService as SysLoginService
participant TokenService as TokenService
participant RedisCache as RedisCache
participant LogoutHandler as LogoutSuccessHandlerImpl
SysLoginService->>TokenService: 创建Token(createToken)
TokenService->>TokenService: 生成UUID
TokenService->>TokenService: 设置用户代理信息(setUserAgent)
TokenService->>TokenService: 刷新Token(refreshToken)
TokenService->>RedisCache: 缓存LoginUser对象
TokenService-->>SysLoginService: 返回Token字符串
LogoutHandler->>TokenService: 删除登录用户(delLoginUser)
TokenService->>TokenService: 构造缓存键(getTokenKey)
TokenService->>RedisCache: 删除缓存对象
RedisCache-->>TokenService: 删除结果
TokenService-->>LogoutHandler: 删除完成
