From 7972fa775af81415ef6121a28b337cd1d74423a7 Mon Sep 17 00:00:00 2001 From: jianghao <332515344@qq.com> Date: Wed, 11 Feb 2026 15:11:08 +0800 Subject: [PATCH] =?UTF-8?q?chore:=20=E4=BF=AE=E6=94=B9=20XUserIdHandshakeI?= =?UTF-8?q?nterceptor=20=E4=BB=A5=E6=94=AF=E6=8C=81=20Bearer=20=E5=89=8D?= =?UTF-8?q?=E7=BC=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/XUserIdHandshakeInterceptor.java | 31 ++++++++++--------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java b/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java index 73851f4..4e8c9e3 100644 --- a/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java +++ b/timeline-user-service/src/main/java/com/timeline/user/config/XUserIdHandshakeInterceptor.java @@ -20,8 +20,6 @@ import java.util.Map; @Slf4j public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { - private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(XUserIdHandshakeInterceptor.class); - // 从配置中获取JWT密钥 @Value("${jwt.secret:timelineSecretKey}") private String jwtSecret = "timelineSecretKey"; @@ -35,16 +33,16 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { @Override public boolean beforeHandshake(@NonNull ServerHttpRequest request, - @NonNull ServerHttpResponse response, - @NonNull WebSocketHandler wsHandler, - @NonNull Map attributes) { + @NonNull ServerHttpResponse response, + @NonNull WebSocketHandler wsHandler, + @NonNull Map attributes) { if (request instanceof ServletServerHttpRequest servletRequest) { HttpServletRequest httpServletRequest = servletRequest.getServletRequest(); - + // 首先尝试从X-User-Id请求头获取userId(来自网关转发) String userId = httpServletRequest.getHeader("X-User-Id"); String username = httpServletRequest.getHeader("X-Username"); - + // 如果没有从请求头获取到,则尝试从查询参数中获取token并解析 if (userId == null || userId.isEmpty()) { URI uri = request.getURI(); @@ -69,12 +67,18 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { break; } } - + // 解析 token if (token != null && !token.isEmpty()) { try { // URL 解码 token = java.net.URLDecoder.decode(token, java.nio.charset.StandardCharsets.UTF_8); + + // 移除 Bearer 前缀(如果存在) + if (token.startsWith("Bearer ")) { + token = token.substring(7); + } + Claims claims = JwtUtils.parseToken(token, jwtSecret); if (claims != null) { userId = claims.get("userId", String.class); @@ -87,7 +91,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { } } } - + // 如果获取到userId,则将其放入attributes中供后续使用 if (userId != null && !userId.isEmpty()) { attributes.put("userId", userId); @@ -96,7 +100,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { } else { log.warn("WebSocket握手:未获取到userId,可能无法正确建立连接"); } - + // 如果获取到username,也将其存储 if (username != null && !username.isEmpty()) { attributes.put("username", username); @@ -109,9 +113,9 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { @Override public void afterHandshake(@NonNull ServerHttpRequest request, - @org.springframework.lang.Nullable ServerHttpResponse response, - @NonNull WebSocketHandler wsHandler, - @org.springframework.lang.Nullable Exception exception) { + @org.springframework.lang.Nullable ServerHttpResponse response, + @NonNull WebSocketHandler wsHandler, + @org.springframework.lang.Nullable Exception exception) { // 在握手完成后,检查userId是否已设置 if (request instanceof ServletServerHttpRequest servletRequest) { String userId = (String) servletRequest.getServletRequest().getAttribute("userId"); @@ -123,7 +127,6 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor { } } - public static class UserPrincipal implements Principal { private final String name;