From a526ac795d5909d354a500b29f0bc8b971842314 Mon Sep 17 00:00:00 2001
From: zihluwang
Date: Tue, 6 Jan 2026 00:07:15 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E6=B7=BB=E5=8A=A0=E9=80=80=E5=87=BA?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../helix/controller/AuthController.java | 10 ++++++++
 .../helix/manager/SecurityManager.java | 20 +++++++++++++++
 .../onixbyte/helix/service/AuthService.java | 25 ++++++++++++++++---
 3 files changed, 52 insertions(+), 3 deletions(-)
 create mode 100644 src/main/java/com/onixbyte/helix/manager/SecurityManager.java
diff --git a/src/main/java/com/onixbyte/helix/controller/AuthController.java b/src/main/java/com/onixbyte/helix/controller/AuthController.java
index 4a3153a..98b4d90 100644
--- a/src/main/java/com/onixbyte/helix/controller/AuthController.java
+++ b/src/main/java/com/onixbyte/helix/controller/AuthController.java
@@ -15,6 +15,8 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import java.time.Duration;
+
 @RestController
 @RequestMapping("/auth")
 public class AuthController {
@@ -59,4 +61,12 @@ public class AuthController {
 public boolean getRegisterEnabled() {
 return authService.getRegisterEnabled();
 }
+
+ @GetMapping("/logout")
+ public ResponseEntity logout() {
+ var cookie = authService.buildCookie(TokenConstant.TOKEN_NAME, "", Duration.ZERO);
+ return ResponseEntity.status(HttpStatus.OK)
+ .header(HttpHeaders.SET_COOKIE, cookie.toString())
+ .body(null);
+ }
 }
diff --git a/src/main/java/com/onixbyte/helix/manager/SecurityManager.java b/src/main/java/com/onixbyte/helix/manager/SecurityManager.java
new file mode 100644
index 0000000..f10b9fb
--- /dev/null
+++ b/src/main/java/com/onixbyte/helix/manager/SecurityManager.java
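Review bot: The new `logout()` handler is mapped with `@GetMapping("/logout")`, so a state-changing action can be triggered by any cross-site GET or link prefetch and sits outside CSRF protection that only covers unsafe methods; `@PostMapping("/logout")` is the safer mapping. The handler only expires the cookie in the browser, and nothing visible in this commit invalidates the token itself, so a token copied before logout would presumably stay valid until its own expiry. If `TokenClient` (newly injected into `AuthService`) can revoke tokens, that call belongs here. The return type is printed as a raw `ResponseEntity`; `ResponseEntity<Void>` built with `ResponseEntity.ok().header(HttpHeaders.SET_COOKIE, cookie.toString()).build()` states the empty body explicitly instead of `.body(null)`.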
@@ -0,0 +1,20 @@
+package com.onixbyte.helix.manager;
+
+import com.onixbyte.helix.properties.TokenProperties;
+import org.springframework.stereotype.Component;
+
+import java.time.Duration;
+
+@Component
+public class SecurityManager {
+
+ private final TokenProperties tokenProperties;
+
+ public SecurityManager(TokenProperties tokenProperties) {
+ this.tokenProperties = tokenProperties;
+ }
+
+ public Duration getTokenValidDuration() {
+ return tokenProperties.validTime();
+ }
+}
diff --git a/src/main/java/com/onixbyte/helix/service/AuthService.java b/src/main/java/com/onixbyte/helix/service/AuthService.java
index 42a3de0..c36ae7f 100644
--- a/src/main/java/com/onixbyte/helix/service/AuthService.java
+++ b/src/main/java/com/onixbyte/helix/service/AuthService.java
@@ -1,10 +1,14 @@
 package com.onixbyte.helix.service;
+import com.onixbyte.helix.client.TokenClient;
 import com.onixbyte.helix.domain.entity.Setting;
 import com.onixbyte.helix.domain.entity.User;
 import com.onixbyte.helix.domain.web.request.LoginRequest;
 import com.onixbyte.helix.exception.BizException;
-import com.onixbyte.helix.manager.*;
+import com.onixbyte.helix.manager.ApplicationManager;
+import com.onixbyte.helix.manager.CaptchaManager;
+import com.onixbyte.helix.manager.SecurityManager;
+import com.onixbyte.helix.manager.SettingManager;
 import com.onixbyte.helix.security.authentication.UsernamePasswordAuthentication;
 import com.onixbyte.helix.shared.SettingName;
 import org.slf4j.Logger;
@@ -15,6 +19,7 @@ import org.springframework.http.ResponseCookie;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.stereotype.Service;
+import java.time.Duration;
 import java.util.Objects;
 import java.util.Optional;
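Review bot: The only accessor this new class defines is `getTokenValidDuration()`, but the `AuthService.buildCookie` hunk in the same commit calls `securityManager.getTokenValidity()`. The file is new and shown in full, so that call cannot resolve and the commit would not compile as posted; align the two, e.g. `.maxAge(securityManager.getTokenValidDuration())`. The class also shares its simple name with `java.lang.SecurityManager`, which is implicitly in scope everywhere. That is probably why the wildcard import in `AuthService` had to become explicit, and a file that omits the import will bind to the JDK type instead. A more specific name (for example `TokenSecurityManager`) avoids that, and a short Javadoc saying the accessor returns the token lifetime from `TokenProperties.validTime()` would document the contract.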
@@ -27,18 +32,22 @@ public class AuthService {
 private final AuthenticationManager authenticationManager;
 private final SettingManager settingManager;
 private final ApplicationManager applicationManager;
+ private final TokenClient tokenClient;
+ private final SecurityManager securityManager;
 @Autowired
 public AuthService(
 CaptchaManager captchaManager,
 AuthenticationManager authenticationManager,
 SettingManager settingManager,
- ApplicationManager applicationManager
- ) {
+ ApplicationManager applicationManager,
+ TokenClient tokenClient, SecurityManager securityManager) {
 this.captchaManager = captchaManager;
 this.authenticationManager = authenticationManager;
 this.settingManager = settingManager;
 this.applicationManager = applicationManager;
+ this.tokenClient = tokenClient;
+ this.securityManager = securityManager;
 }
 /**
@@ -92,6 +101,16 @@ public class AuthService {
 public ResponseCookie buildCookie(String cookieName, String token) {
 var cookieBuilder = ResponseCookie.from(cookieName, token)
 .httpOnly(true)
+ .maxAge(securityManager.getTokenValidity())
+ .path("/");
+
+ return cookieBuilder.build();
+ }
+
+ public ResponseCookie buildCookie(String cookieName, String token, Duration validDuration) {
+ var cookieBuilder = ResponseCookie.from(cookieName, token)
+ .httpOnly(true)
+ .maxAge(validDuration)
 .path("/");
 return cookieBuilder.build();
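Review bot: `tokenClient` is injected and stored by the constructor, but no hunk in this commit reads it. If it is meant to revoke the token on logout, that call is missing; otherwise the field and parameter should be left out until they are used. The two new parameters share one line with the closing parenthesis (`TokenClient tokenClient, SecurityManager securityManager) {`), while the existing ones are one per line with `) {` on its own line; keeping the original layout makes later diffs smaller. The class body starts and ends outside this hunk.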
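Review bot: Both `buildCookie` overloads set `httpOnly(true)` but neither sets `Secure` or `SameSite`, so the token cookie may be sent over plain HTTP and depends on the browser's default cross-site behaviour; add `.secure(true)` and `.sameSite("Lax")` (or `"Strict"`) to the builder chain. The overloads also duplicate that chain, so a later hardening of one can miss the other. The two-argument version can become `return buildCookie(cookieName, token, securityManager.getTokenValidDuration());`, using the accessor this commit actually defines, so login and logout cookies always carry the same path and flags. The second overload's closing brace lies outside the hunk.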