From 9b6c793d4a9e6fb7acc55d2da645560cc5ae9ead Mon Sep 17 00:00:00 2001
From: rearcher <123781007@qq.com>
Date: Tue, 24 Sep 2024 17:23:18 +0800
Subject: [PATCH] =?UTF-8?q?=E8=A1=A5=E5=85=85=E6=A0=A1=E9=AA=8Ctoken?= =?UTF-8?q?=E9=80=BB=E8=BE=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 oauth2_provider/app/views/oauth2.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/oauth2_provider/app/views/oauth2.py b/oauth2_provider/app/views/oauth2.py
index 8e7bb98..f9e2812 100644
--- a/oauth2_provider/app/views/oauth2.py
+++ b/oauth2_provider/app/views/oauth2.py
@@ -31,6 +31,7 @@ from vulcanus.restful.resp import state
 from vulcanus.restful.response import BaseResponse
 from werkzeug.utils import cached_property, import_string
+from oauth2_provider.app import cache
 from oauth2_provider.app.constant import secret
 from oauth2_provider.app.core.token import jwt_token
 from oauth2_provider.app.serialize.oauth2 import OauthTokenIntrospectSchema, OauthTokenSchema, RefreshTokenSchema
@@ -100,6 +101,9 @@ class OauthorizeView(BaseResponse, OAuth2):
 try:
 token_info = jwt_token.decode(token=token, secret=secret)
 g.username = token_info["sub"]
+ cache_token = cache.get(token_info["sub"] + "-token")
+ if token != cache_token:
+ raise ValueError
 return True
 except ExpiredSignatureError as error:
 LOGGER.error("Signature has expired: %s" % token)
--
Gitee
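Review bot: In the second hunk `g.username = token_info["sub"]` still runs before the new cache comparison, so a token that is validly signed but no longer matches the cached one leaves the request context carrying that user's name even though the check then fails; the assignment would be safer placed after the `if token != cache_token:` block. The bare `raise ValueError` has no message and nothing is logged, so a rejected token cannot be told apart from other failures in the logs; a line such as `LOGGER.warning("Token for %s does not match the cached token", token_info["sub"])` before the raise would support detection without writing the token itself. Whether `ValueError` is caught at all depends on the except clauses after `ExpiredSignatureError`, which lie outside the hunk, as does the start of the enclosing method; if none matches, the request presumably ends in an unhandled error rather than a clean authentication failure. It is also worth confirming that `cache.get` returns the same type as `token`, since a bytes value would make the comparison reject every token.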