diff --git a/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java b/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java index 73851f4..4e8c9e3 100644 --- a/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java +++ b/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java @@ -20,8 +20,6 @@ import java.util.Map; @Slf4j public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { - private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(XUserIdHandshakeInterceptor.class); - // 从配置中获取JWT密钥 @Value("${jwt.secret:timelineSecretKey}") private String jwtSecret = "timelineSecretKey"; @@ -35,16 +33,16 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { @Override public boolean beforeHandshake(@NonNull ServerHttpRequest request, - @NonNull ServerHttpResponse response, - @NonNull WebSocketHandler wsHandler, - @NonNull Map attributes) { + @NonNull ServerHttpResponse response, + @NonNull WebSocketHandler wsHandler, + @NonNull Map attributes) { if (request instanceof ServletServerHttpRequest servletRequest) { HttpServletRequest httpServletRequest = servletRequest.getServletRequest(); - + // 首先尝试从X-User-Id请求头获取userId(来自网关转发) String userId = httpServletRequest.getHeader("X-User-Id"); String username = httpServletRequest.getHeader("X-Username"); - + // 如果没有从请求头获取到,则尝试从查询参数中获取token并解析 if (userId == null || userId.isEmpty()) { URI uri = request.getURI(); @@ -69,12 +67,18 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { break; } } - + // 解析 token if (token != null && !token.isEmpty()) { try { // URL 解码 token = java.net.URLDecoder.decode(token, java.nio.charset.StandardCharsets.UTF_8); + + // 移除 Bearer 前缀(如果存在) + if (token.startsWith("Bearer ")) { + token = token.substring(7); + } + Claims claims = JwtUtils.parseToken(token, jwtSecret); if (claims != null) { userId = claims.get("userId", String.class); @@ -87,7 +91,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { } } } - + // 如果获取到userId,则将其放入attributes中供后续使用 if (userId != null && !userId.isEmpty()) { attributes.put("userId", userId); @@ -96,7 +100,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { } else { log.warn("WebSocket握手:未获取到userId,可能无法正确建立连接"); } - + // 如果获取到username,也将其存储 if (username != null && !username.isEmpty()) { attributes.put("username", username); @@ -109,9 +113,9 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { @Override public void afterHandshake(@NonNull ServerHttpRequest request, - @org.springframework.lang.Nullable ServerHttpResponse response, - @NonNull WebSocketHandler wsHandler, - @org.springframework.lang.Nullable Exception exception) { + @org.springframework.lang.Nullable ServerHttpResponse response, + @NonNull WebSocketHandler wsHandler, + @org.springframework.lang.Nullable Exception exception) { // 在握手完成后,检查userId是否已设置 if (request instanceof ServletServerHttpRequest servletRequest) { String userId = (String) servletRequest.getServletRequest().getAttribute("userId"); @@ -123,7 +127,6 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { } } - public static class UserPrincipal implements Principal { private final String name;