chore: 修改 XUserIdHandshakeInterceptor 以支持 Bearer 前缀
All checks were successful
test/timeline-server/pipeline/head This commit looks good
All checks were successful
test/timeline-server/pipeline/head This commit looks good
This commit is contained in:
@@ -20,8 +20,6 @@ import java.util.Map;
|
||||
@Slf4j
|
||||
public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||
|
||||
private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(XUserIdHandshakeInterceptor.class);
|
||||
|
||||
// 从配置中获取JWT密钥
|
||||
@Value("${jwt.secret:timelineSecretKey}")
|
||||
private String jwtSecret = "timelineSecretKey";
|
||||
@@ -35,16 +33,16 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||
|
||||
@Override
|
||||
public boolean beforeHandshake(@NonNull ServerHttpRequest request,
|
||||
@NonNull ServerHttpResponse response,
|
||||
@NonNull WebSocketHandler wsHandler,
|
||||
@NonNull Map<String, Object> attributes) {
|
||||
@NonNull ServerHttpResponse response,
|
||||
@NonNull WebSocketHandler wsHandler,
|
||||
@NonNull Map<String, Object> attributes) {
|
||||
if (request instanceof ServletServerHttpRequest servletRequest) {
|
||||
HttpServletRequest httpServletRequest = servletRequest.getServletRequest();
|
||||
|
||||
|
||||
// 首先尝试从X-User-Id请求头获取userId(来自网关转发)
|
||||
String userId = httpServletRequest.getHeader("X-User-Id");
|
||||
String username = httpServletRequest.getHeader("X-Username");
|
||||
|
||||
|
||||
// 如果没有从请求头获取到,则尝试从查询参数中获取token并解析
|
||||
if (userId == null || userId.isEmpty()) {
|
||||
URI uri = request.getURI();
|
||||
@@ -69,12 +67,18 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// 解析 token
|
||||
if (token != null && !token.isEmpty()) {
|
||||
try {
|
||||
// URL 解码
|
||||
token = java.net.URLDecoder.decode(token, java.nio.charset.StandardCharsets.UTF_8);
|
||||
|
||||
// 移除 Bearer 前缀(如果存在)
|
||||
if (token.startsWith("Bearer ")) {
|
||||
token = token.substring(7);
|
||||
}
|
||||
|
||||
Claims claims = JwtUtils.parseToken(token, jwtSecret);
|
||||
if (claims != null) {
|
||||
userId = claims.get("userId", String.class);
|
||||
@@ -87,7 +91,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// 如果获取到userId,则将其放入attributes中供后续使用
|
||||
if (userId != null && !userId.isEmpty()) {
|
||||
attributes.put("userId", userId);
|
||||
@@ -96,7 +100,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||
} else {
|
||||
log.warn("WebSocket握手:未获取到userId,可能无法正确建立连接");
|
||||
}
|
||||
|
||||
|
||||
// 如果获取到username,也将其存储
|
||||
if (username != null && !username.isEmpty()) {
|
||||
attributes.put("username", username);
|
||||
@@ -109,9 +113,9 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||
|
||||
@Override
|
||||
public void afterHandshake(@NonNull ServerHttpRequest request,
|
||||
@org.springframework.lang.Nullable ServerHttpResponse response,
|
||||
@NonNull WebSocketHandler wsHandler,
|
||||
@org.springframework.lang.Nullable Exception exception) {
|
||||
@org.springframework.lang.Nullable ServerHttpResponse response,
|
||||
@NonNull WebSocketHandler wsHandler,
|
||||
@org.springframework.lang.Nullable Exception exception) {
|
||||
// 在握手完成后,检查userId是否已设置
|
||||
if (request instanceof ServletServerHttpRequest servletRequest) {
|
||||
String userId = (String) servletRequest.getServletRequest().getAttribute("userId");
|
||||
@@ -123,7 +127,6 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
public static class UserPrincipal implements Principal {
|
||||
private final String name;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user