Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

账号登录无限过期 #46

Closed
yetao-study opened this issue Mar 29, 2022 · 4 comments
Closed

账号登录无限过期 #46

yetao-study opened this issue Mar 29, 2022 · 4 comments
Labels
bug Something isn't working

Comments

@yetao-study
Copy link

yetao-study commented Mar 29, 2022
edited

一段时间不登陆后,自动退出,退出后再次登录输入账号密码登不上了,必须重启
输入账号密码后一直提示“未登录或登录已过期,请重新登录”,点一次提示一次
采用的是docker部署方式,v1.0-beta.6版本
登录问题1
@yetao-study yetao-study added the bug Something isn't working label Mar 29, 2022
@Issues-translate-bot
Copy link

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

If you do not log in for a period of time, you will automatically log out. After logging out, you will not be able to log in by entering your account and password. You must restart.
After entering the account password, it keeps prompting "Not logged in or the login has expired, please log in again", click once to prompt once
Login Issue 1

@tomsun28
Copy link
Contributor

hi 这个问题一般是没有正确配置sureness.yml 请排查是否是对sureness.yml没有配置完整
[注意⚠️sureness配置的其它默认参数需保留]

配置用户配置文件(非必须,配置账户需要)
HertzBeat默认内置三个用户账户,分别为 admin/admin tom/tom@123 lili/lili
若需要新增删除修改账户或密码,可以通过配置 sureness.yml 实现,若无此需求可忽略此步骤
在主机目录下创建sureness.yml,eg:/opt/sureness.yml
配置文件内容参考 项目仓库/script/sureness.yml
修改sureness.yml的如下部分参数:[注意⚠️sureness配置的其它默认参数需保留]

## -- sureness.yml文本数据源 -- ##

# 加载到匹配字典的资源,也就是需要被保护的,设置了所支持角色访问的资源
# 没有配置的资源也默认被认证保护,但不鉴权
# eg: /api/v1/source1===get===[role2] 表示 /api/v2/host===post 这条资源支持 role2 这一种角色访问
# eg: /api/v1/source2===get===[] 表示 /api/v1/source2===get 这条资源不支持任何角色访问
resourceRole:
  - /account/auth/refresh===post===[role1,role2,role3,role4]

# 需要被过滤保护的资源,不认证鉴权直接访问
# /api/v1/source3===get 表示 /api/v1/source3===get 可以被任何人访问 无需登录认证鉴权
excludedResource:
  - /account/auth/**===*
  - /===get
  - /i18n/**===get
  - /apps/hierarchy===get
  # web ui 静态资源
  - /console/**===get
  - /**/*.html===get
  - /**/*.js===get
  - /**/*.css===get
  - /**/*.ico===get
  - /**/*.ttf===get
  - /**/*.png===get
  - /**/*.gif===get
    - /**/*.png===*
  # swagger ui 资源
  - /swagger-resources/**===get
  - /v2/api-docs===get
  - /v3/api-docs===get

# 用户账户信息
# 下面有 admin tom lili 三个账户
# eg: admin 拥有[role1,role2]角色,密码为admin
# eg: tom 拥有[role1,role2,role3],密码为tom@123
# eg: lili 拥有[role1,role2],明文密码为lili, 加盐密码为1A676730B0C7F54654B0E09184448289
account:
  - appId: admin
    credential: admin
    role: [role1,role2]
  - appId: tom
    credential: tom@123
    role: [role1,role2,role3]
  - appId: lili
    # 注意 Digest认证不支持加盐加密的密码账户
    # 加盐加密的密码,通过 MD5(password+salt)计算
    # 此账户的原始密码为 lili
    credential: 1A676730B0C7F54654B0E09184448289
    salt: 123
    role: [role1,role2]

@yetao-study
Copy link
Author

配置文件是得写完整,之前只写了account部分导致的

@Issues-translate-bot
Copy link

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

The configuration file has to be written completely, because only the account part was written before

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yetao-study @tomsun28 @Issues-translate-bot