
SecurityFrameworkUtils 返回用户信息时,增加判断逻辑,保证正确性

YunaiV 4 лет назад
Родитель
Сommit
d79bf7956c

+ 21 - 3
src/main/java/cn/iocoder/dashboard/framework/security/core/util/SecurityFrameworkUtils.java

@@ -2,7 +2,10 @@ package cn.iocoder.dashboard.framework.security.core.util;
 
 import cn.iocoder.dashboard.framework.security.core.LoginUser;
 import cn.iocoder.dashboard.framework.web.core.util.WebFrameworkUtils;
+import org.springframework.lang.Nullable;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.util.StringUtils;
@@ -40,9 +43,20 @@ public class SecurityFrameworkUtils {
 
     /**
      * 获取当前用户
+     *
+     * @return 当前用户
      */
+    @Nullable
     public static LoginUser getLoginUser() {
-        return (LoginUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+        SecurityContext context = SecurityContextHolder.getContext();
+        if (context == null) {
+            return null;
+        }
+        Authentication authentication = context.getAuthentication();
+        if (authentication == null) {
+            return null;
+        }
+        return (LoginUser) authentication.getPrincipal();
     }
 
     /**
@@ -50,8 +64,10 @@ public class SecurityFrameworkUtils {
      *
      * @return 用户编号
      */
+    @Nullable
     public static Long getLoginUserId() {
-        return getLoginUser().getId();
+        LoginUser loginUser = getLoginUser();
+        return loginUser != null ? loginUser.getId() : null;
     }
 
     /**
@@ -59,8 +75,10 @@ public class SecurityFrameworkUtils {
      *
      * @return 角色编号数组
      */
+    @Nullable
     public static Set<Long> getLoginUserRoleIds() {
-        return getLoginUser().getRoleIds();
+        LoginUser loginUser = getLoginUser();
+        return loginUser != null ? loginUser.getRoleIds() : null;
     }
 
     /**
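Review bot: The cast on the last line of `getLoginUser()` is still unchecked: `getPrincipal()` returns `Object`, and when Spring Security's anonymous authentication is in effect the principal is a `String`, so that path throws `ClassCastException` instead of returning null. Guard it with `Object principal = authentication.getPrincipal();` followed by `return principal instanceof LoginUser ? (LoginUser) principal : null;`. Separately, `getLoginUserId()` and `getLoginUserRoleIds()` now return null where they previously threw, so a caller that passes the result into a permission check or a data-scope query has to treat null as "not authenticated" and deny; the callers are not part of this diff, so that needs checking. The `@return` tags on all three methods should also state that null means there is no authenticated user.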

+ 6 - 5
src/main/java/cn/iocoder/dashboard/modules/system/service/auth/impl/SysAuthServiceImpl.java

@@ -162,22 +162,23 @@ public class SysAuthServiceImpl implements SysAuthService {
     public void logout(String token) {
         // 查询用户信息
         LoginUser loginUser = userSessionService.getLoginUser(token);
-        if(loginUser == null) {
+        if (loginUser == null) {
             return;
         }
-        // 删除session
+        // 删除 session
         userSessionService.deleteUserSession(token);
-        this.createLogoutLog(loginUser.getUsername(), SysLoginResultEnum.SUCCESS);
+        // 记录登出日子和
+        this.createLogoutLog(loginUser.getUsername());
     }
 
-    private void createLogoutLog(String username, SysLoginResultEnum loginResult) {
+    private void createLogoutLog(String username) {
         SysLoginLogCreateReqVO reqVO = new SysLoginLogCreateReqVO();
         reqVO.setLogType(SysLoginLogTypeEnum.LOGOUT_SELF.getType());
         reqVO.setTraceId(TracerUtils.getTraceId());
         reqVO.setUsername(username);
         reqVO.setUserAgent(ServletUtils.getUserAgent());
         reqVO.setUserIp(ServletUtils.getClientIP());
-        reqVO.setResult(loginResult.getResult());
+        reqVO.setResult(SysLoginResultEnum.SUCCESS.getResult());
         loginLogService.createLoginLog(reqVO);
     }