From 11255c71a6ee189ae43d42ea785c4838fb3923bd Mon Sep 17 00:00:00 2001
From: junleea <354425203@qq.com>
Date: Sun, 10 Aug 2025 13:59:43 +0800
Subject: [PATCH] =?UTF-8?q?=E8=AE=BE=E7=BD=AE=E5=AF=86=E9=92=A5=E6=97=A0?=
 =?UTF-8?q?=E6=95=88=E8=BF=94=E5=9B=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 main.go                | 10 +++++-----
 proto/conf.go          |  1 +
 proto/status.go        |  1 +
 service/toolService.go |  3 +++
 4 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/main.go b/main.go
index cc73865..16b4e8a 100644
--- a/main.go
+++ b/main.go
@@ -150,13 +150,13 @@ func JWTAuthMiddleware() gin.HandlerFunc {
 			c.Next()
 			return
 		}
+		if proto.SigningKeyIsValid == false {
+			c.AbortWithStatusJSON(http.StatusOK, gin.H{"message": "server error", "error": "token secret is invalid", "code": proto.SigningKeyIsValid})
+			return
+		}
 		if tokenString == "" {
 			//c.AbortWithStatus(200)
-			c.JSON(200, gin.H{
-				"message": "Unauthorized",
-				"error":   "token is empty",
-				"code":    proto.TokenIsNull,
-			})
+			c.JSON(http.StatusOK, gin.H{"message": "Unauthorized", "error": "token is empty", "code": proto.TokenIsNull})
 			return
 		}
 		if proto.Config.TOKEN_USE_REDIS {
diff --git a/proto/conf.go b/proto/conf.go
index a7de18d..8d47f45 100644
--- a/proto/conf.go
+++ b/proto/conf.go
@@ -22,6 +22,7 @@ var SigningKeyRWLock = &sync.RWMutex{}
 
 var SyncSecretReqLog int64
 var CurrentConfigPath string
+var SigningKeyIsValid = true // 是否有效的签名密钥
 
 const (
 	MYSQL_USER     = "video_t2"
diff --git a/proto/status.go b/proto/status.go
index 3d9710b..f51d337 100644
--- a/proto/status.go
+++ b/proto/status.go
@@ -78,4 +78,5 @@ const (
 	MonitorServerIDIsNull   = 110 // 监控服务器ID为空
 	MonitorServerIDNotFound = 111 // 监控服务器ID不存在
 
+	SigningKeyVersionIsTooOld = 200
 )
diff --git a/service/toolService.go b/service/toolService.go
index 766df4f..ab48a4d 100644
--- a/service/toolService.go
+++ b/service/toolService.go
@@ -299,6 +299,9 @@ func GetTokenSecretFromUserCenter() (*proto.SecretSyncSettings, error) {
 		return nil, err
 	}
 	if respObject.Code != 0 {
+		if respObject.Code == proto.SigningKeyVersionIsTooOld {
+			proto.SigningKeyIsValid = false //设置当前密钥无效
+		}
 		log.Println("GetTokenSecretFromUserCenter error code:", respObject.Code, "\t, message:", respObject.Message)
 		return nil, fmt.Errorf("GetTokenSecretFromUserCenter error code: %d, message: %s", respObject.Code, respObject.Message)
 	}