chore: 修改 XUserIdHandshakeInterceptor 以支持 Bearer 前缀
All checks were successful
test/timeline-server/pipeline/head This commit looks good
All checks were successful
test/timeline-server/pipeline/head This commit looks good
This commit is contained in:
@@ -20,8 +20,6 @@ import java.util.Map;
|
|||||||
@Slf4j
|
@Slf4j
|
||||||
public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
||||||
|
|
||||||
private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(XUserIdHandshakeInterceptor.class);
|
|
||||||
|
|
||||||
// 从配置中获取JWT密钥
|
// 从配置中获取JWT密钥
|
||||||
@Value("${jwt.secret:timelineSecretKey}")
|
@Value("${jwt.secret:timelineSecretKey}")
|
||||||
private String jwtSecret = "timelineSecretKey";
|
private String jwtSecret = "timelineSecretKey";
|
||||||
@@ -35,16 +33,16 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean beforeHandshake(@NonNull ServerHttpRequest request,
|
public boolean beforeHandshake(@NonNull ServerHttpRequest request,
|
||||||
@NonNull ServerHttpResponse response,
|
@NonNull ServerHttpResponse response,
|
||||||
@NonNull WebSocketHandler wsHandler,
|
@NonNull WebSocketHandler wsHandler,
|
||||||
@NonNull Map<String, Object> attributes) {
|
@NonNull Map<String, Object> attributes) {
|
||||||
if (request instanceof ServletServerHttpRequest servletRequest) {
|
if (request instanceof ServletServerHttpRequest servletRequest) {
|
||||||
HttpServletRequest httpServletRequest = servletRequest.getServletRequest();
|
HttpServletRequest httpServletRequest = servletRequest.getServletRequest();
|
||||||
|
|
||||||
// 首先尝试从X-User-Id请求头获取userId(来自网关转发)
|
// 首先尝试从X-User-Id请求头获取userId(来自网关转发)
|
||||||
String userId = httpServletRequest.getHeader("X-User-Id");
|
String userId = httpServletRequest.getHeader("X-User-Id");
|
||||||
String username = httpServletRequest.getHeader("X-Username");
|
String username = httpServletRequest.getHeader("X-Username");
|
||||||
|
|
||||||
// 如果没有从请求头获取到,则尝试从查询参数中获取token并解析
|
// 如果没有从请求头获取到,则尝试从查询参数中获取token并解析
|
||||||
if (userId == null || userId.isEmpty()) {
|
if (userId == null || userId.isEmpty()) {
|
||||||
URI uri = request.getURI();
|
URI uri = request.getURI();
|
||||||
@@ -69,12 +67,18 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// 解析 token
|
// 解析 token
|
||||||
if (token != null && !token.isEmpty()) {
|
if (token != null && !token.isEmpty()) {
|
||||||
try {
|
try {
|
||||||
// URL 解码
|
// URL 解码
|
||||||
token = java.net.URLDecoder.decode(token, java.nio.charset.StandardCharsets.UTF_8);
|
token = java.net.URLDecoder.decode(token, java.nio.charset.StandardCharsets.UTF_8);
|
||||||
|
|
||||||
|
// 移除 Bearer 前缀(如果存在)
|
||||||
|
if (token.startsWith("Bearer ")) {
|
||||||
|
token = token.substring(7);
|
||||||
|
}
|
||||||
|
|
||||||
Claims claims = JwtUtils.parseToken(token, jwtSecret);
|
Claims claims = JwtUtils.parseToken(token, jwtSecret);
|
||||||
if (claims != null) {
|
if (claims != null) {
|
||||||
userId = claims.get("userId", String.class);
|
userId = claims.get("userId", String.class);
|
||||||
@@ -87,7 +91,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// 如果获取到userId,则将其放入attributes中供后续使用
|
// 如果获取到userId,则将其放入attributes中供后续使用
|
||||||
if (userId != null && !userId.isEmpty()) {
|
if (userId != null && !userId.isEmpty()) {
|
||||||
attributes.put("userId", userId);
|
attributes.put("userId", userId);
|
||||||
@@ -96,7 +100,7 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
|||||||
} else {
|
} else {
|
||||||
log.warn("WebSocket握手:未获取到userId,可能无法正确建立连接");
|
log.warn("WebSocket握手:未获取到userId,可能无法正确建立连接");
|
||||||
}
|
}
|
||||||
|
|
||||||
// 如果获取到username,也将其存储
|
// 如果获取到username,也将其存储
|
||||||
if (username != null && !username.isEmpty()) {
|
if (username != null && !username.isEmpty()) {
|
||||||
attributes.put("username", username);
|
attributes.put("username", username);
|
||||||
@@ -109,9 +113,9 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void afterHandshake(@NonNull ServerHttpRequest request,
|
public void afterHandshake(@NonNull ServerHttpRequest request,
|
||||||
@org.springframework.lang.Nullable ServerHttpResponse response,
|
@org.springframework.lang.Nullable ServerHttpResponse response,
|
||||||
@NonNull WebSocketHandler wsHandler,
|
@NonNull WebSocketHandler wsHandler,
|
||||||
@org.springframework.lang.Nullable Exception exception) {
|
@org.springframework.lang.Nullable Exception exception) {
|
||||||
// 在握手完成后,检查userId是否已设置
|
// 在握手完成后,检查userId是否已设置
|
||||||
if (request instanceof ServletServerHttpRequest servletRequest) {
|
if (request instanceof ServletServerHttpRequest servletRequest) {
|
||||||
String userId = (String) servletRequest.getServletRequest().getAttribute("userId");
|
String userId = (String) servletRequest.getServletRequest().getAttribute("userId");
|
||||||
@@ -123,7 +127,6 @@ public class XUserIdHandshakeInterceptor implements HandshakeInterceptor {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public static class UserPrincipal implements Principal {
|
public static class UserPrincipal implements Principal {
|
||||||
private final String name;
|
private final String name;
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user