From 4bb1283a0aff63ce0b19ccf8b0d94de9b3c8eed4 Mon Sep 17 00:00:00 2001
From: veypi <i@veypi.com>
Date: Thu, 21 May 2026 01:34:18 +0800
Subject: [PATCH] feat(auth): Increment token version on login to revoke old
 sessions

    - Change login to call IncrTokenVersion instead of GetTokenVersion
    - Add IncrTokenVersion public function wrapping incrTokenVersion
    - Existing tokens become invalid when user logs in again
---
 api/auth/login.go | 4 ++--
 auth/auth.go      | 5 +++++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/api/auth/login.go b/api/auth/login.go
index d4c6f4b..8def275 100644
--- a/api/auth/login.go
+++ b/api/auth/login.go
@@ -117,9 +117,9 @@ func loginWithCode(x *vigo.X, req *LoginWithCodeRequest) (*AuthResponse, error)
 	return generateAuthResponseForUser(x, &user)
 }
 
-// generateAuthResponseForUser 为用户生成认证响应（登录/注册时调用，不递增版本）
+// generateAuthResponseForUser 为用户生成认证响应（登录时递增版本，踢掉旧会话）
 func generateAuthResponseForUser(x *vigo.X, user *models.User) (*AuthResponse, error) {
-	version, err := auth.GetTokenVersion(user.ID)
+	version, err := auth.IncrTokenVersion(user.ID)
 	if err != nil {
 		return nil, vigo.ErrInternalServer.WithError(err)
 	}
diff --git a/auth/auth.go b/auth/auth.go
index 44e04df..3c45283 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -575,6 +575,11 @@ func GetTokenVersion(userID string) (int64, error) {
 	return getTokenVersion(userID)
 }
 
+// IncrTokenVersion 递增用户 token 版本号，返回新版本（登录时调用，实现踢旧会话）
+func IncrTokenVersion(userID string) (int64, error) {
+	return incrTokenVersion(userID)
+}
+
 // RevokeAllTokens 撤销用户所有 token（递增版本号）
 func RevokeAllTokens(userID string) error {
 	_, err := incrTokenVersion(userID)