页面样式，svg

schoolNewsServ/auth/src/main/java/org/xyzh/auth/controller/AuthController.java

@@ -70,8 +70,8 @@ public class AuthController {
      * @since 2025-09-28
      */
     @PostMapping("/logout")
-    public ResultDomain<String> logout(@RequestBody LoginDomain loginDomain) {
-        return loginService.logout(loginDomain);
+    public ResultDomain<String> logout(HttpServletRequest request) {
+        return loginService.logout(request);
     }
 
     /**

schoolNewsServ/auth/src/main/java/org/xyzh/auth/filter/JwtAuthenticationFilter.java

@@ -72,7 +72,8 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
                     }
                     
                     // 【优化】从Redis缓存中获取LoginDomain，避免每次都查数据库
-                    String redisKey = REDIS_LOGIN_PREFIX + userId;
+                    // 多设备登录场景下，以token为维度存储和获取会话信息
+                    String redisKey = REDIS_LOGIN_PREFIX + token;
                     LoginDomain loginDomain = (LoginDomain) redisService.get(redisKey);
                     
                     if (loginDomain != null && loginDomain.getUser() != null) {

schoolNewsServ/auth/src/main/java/org/xyzh/auth/service/LoginServiceImpl.java

@@ -137,10 +137,11 @@ public class LoginServiceImpl implements LoginService {
             loginDomain.setToken(jwtTokenUtil.generateToken(loginDomain));
             
             // 将LoginDomain存储到Redis中，根据rememberMe设置不同的过期时间
-            String redisKey = "login:token:" + user.getID();
+            String token = loginDomain.getToken();
+            String redisKey = "login:token:" + token;
             long expireTime = loginParam.isRememberMe() 
-                ? 7 * 24 * 60 * 60  // rememberMe: 7天
-                : 24 * 60 * 60;      // 不rememberMe: 1天
+                ? 7 * 24 * 60 * 60
+                : 24 * 60 * 60;
             redisService.set(redisKey, loginDomain, expireTime, TimeUnit.SECONDS);
             
             // 登录成功后清除失败次数并记录成功日志
@@ -160,14 +161,33 @@ public class LoginServiceImpl implements LoginService {
     }
 
     @Override
-    public ResultDomain<String> logout(LoginDomain loginDomain) {
+    public ResultDomain<String> logout(HttpServletRequest request) {
         ResultDomain<String> result = new ResultDomain<>();
-        
+
         try {
-            // TODO: 将token加入黑名单或从Redis中删除
-            // 这里可以实现token黑名单机制
-            
-            result.success("退出登录成功", (String)null);
+            // 从请求头中获取 Bearer Token
+            String bearerToken = request.getHeader("Authorization");
+            if (!StringUtils.hasText(bearerToken) || !bearerToken.startsWith("Bearer ")) {
+                result.fail("未提供有效的认证信息");
+                return result;
+            }
+
+            String token = bearerToken.substring(7);
+
+            // 解析 token 获取 userId，作为基本校验
+            String userId = jwtTokenUtil.getUserIdFromToken(token);
+            if (!StringUtils.hasText(userId)) {
+                result.fail("无效的令牌");
+                return result;
+            }
+
+            // 删除当前token对应的 Redis 登录信息（多设备登录场景下不影响其他设备）
+            String redisKey = "login:token:" + token;
+            redisService.delete(redisKey);
+
+            // TODO: 如有需要，可在此处增加 token 黑名单机制
+
+            result.success("退出登录成功", (String) null);
         } catch (Exception e) {
             result.fail("退出登录失败: " + e.getMessage());
         }