修复WebSocket身份认证问题

- 添加WebSocketAuthInterceptor处理token认证 - 修改WebSocket连接逻辑，支持token传递 - 统一用户身份识别，确保登录用户使用USER类型 - 修复前端环境变量配置，统一WebSocket URL - 添加Token测试页面用于验证功能 - 更新聊天消息处理逻辑，正确识别用户身份解决了登录用户发送消息时同时保存GUEST和USER两种类型数据的问题
2025-07-24 17:51:38 +08:00
parent 6560e66959
commit 847f5126cf
30 changed files with 1447 additions and 216 deletions
@@ -43,22 +43,41 @@ public class WebSocketService {
     */
    public void handleChatMessage(ChatRequest request, String sessionId, Principal principal) {
        try {
-            log.info("处理聊天消息: {}", request);
-            
+            log.info("处理聊天消息: request={}, sessionId={}, principal={}", request, sessionId, principal);
+
            // 验证请求参数
            if (request.getContent() == null || request.getContent().trim().isEmpty()) {
                sendErrorMessage(request.getSenderId(), "消息内容不能为空");
                return;
            }
-            
+
+            // 确定用户身份和类型
+            String userId = request.getSenderId();
+            WebSocketMessage.SenderType senderType = WebSocketMessage.SenderType.GUEST;
+
+            if (principal != null) {
+                userId = principal.getName();
+                // 如果用户ID不是以guest_开头，说明是认证用户
+                if (!userId.startsWith("guest_")) {
+                    senderType = WebSocketMessage.SenderType.USER;
+                }
+            }
+
+            // 更新请求中的用户信息
+            request.setSenderId(userId);
+            request.setSenderType(senderType == WebSocketMessage.SenderType.USER ? ChatRequest.SenderType.USER
+                    : ChatRequest.SenderType.GUEST);
+
+            log.info("确定用户身份: userId={}, senderType={}", userId, senderType);
+
            // 构建用户消息
            WebSocketMessage userMessage = WebSocketMessage.builder()
                    .messageId(UUID.randomUUID().toString())
                    .conversationId(request.getConversationId())
                    .type(WebSocketMessage.MessageType.TEXT)
                    .content(request.getContent())
-                    .senderId(request.getSenderId())
-                    .senderType(WebSocketMessage.SenderType.valueOf(request.getSenderType().name()))
+                    .senderId(userId)
+                    .senderType(senderType)
                    .status(WebSocketMessage.MessageStatus.SENT)
                    .createTime(LocalDateTime.now())
                    .build();
@@ -89,14 +108,22 @@ public class WebSocketService {
    public void handleUserConnect(ConnectRequest request, String sessionId, Principal principal) {
        try {
            String userId = request.getUserId();
-            if (userId == null && principal != null) {
+            boolean isAuthenticated = false;
+
+            // 优先从Principal获取认证用户信息
+            if (principal != null) {
                userId = principal.getName();
+                // 检查是否是认证用户（不是访客）
+                isAuthenticated = !userId.startsWith("guest_");
            }
+
+            // 如果还没有userId，生成访客ID
            if (userId == null) {
                userId = "guest_" + sessionId;
            }
-            
-            log.info("用户连接WebSocket: userId={}, sessionId={}", userId, sessionId);
+
+            log.info("用户连接WebSocket: userId={}, sessionId={}, authenticated={}",
+                    userId, sessionId, isAuthenticated);
            
            // 记录在线用户
            onlineUsers.put(sessionId, userId);