From dc0413d084ed84b4232aaa8bbb6ff97aa6a977f2 Mon Sep 17 00:00:00 2001
From: huazhongmin
Date: Thu, 30 Oct 2025 13:37:17 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E8=A7=A3=E5=86=B3?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=91=98token=E8=AE=BF=E9=97=AE=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E6=8E=A5=E5=8F=A3401=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 修改AuthInterceptor使用JwtUtil直接验证token,支持管理员和普通用户
- 移除AuthService的Redis检查依赖,使用JWT本身的验证机制
- 添加用户类型(userType)信息到请求属性中
- 完善用户上下文设置和清理逻辑
- 添加详细的调试日志

修复内容:
1. 统一token验证:管理员和普通用户token都通过JwtUtil验证
2. 移除权限限制:当前阶段不限制token类型对接口的访问权限
3. 保留扩展性:userType字段为后期权限控制预留配置
4. 验证通过:管理员登录后可以正常访问所有接口
---
 .../emotion/interceptor/AuthInterceptor.java | 44 +++++++++++++++++--
 1 file changed, 40 insertions(+), 4 deletions(-)

diff --git a/backend-single/src/main/java/com/emotion/interceptor/AuthInterceptor.java b/backend-single/src/main/java/com/emotion/interceptor/AuthInterceptor.java
index b02ac1b..c0c0f51 100644
--- a/backend-single/src/main/java/com/emotion/interceptor/AuthInterceptor.java
+++ b/backend-single/src/main/java/com/emotion/interceptor/AuthInterceptor.java
@@ -1,6 +1,10 @@
 package com.emotion.interceptor;
 
 import com.emotion.service.AuthService;
+import com.emotion.util.JwtUtil;
+import com.emotion.util.UserContextHolder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.HandlerInterceptor;
@@ -17,9 +21,14 @@ import javax.servlet.http.HttpServletResponse;
 @Component
 public class AuthInterceptor implements HandlerInterceptor {
 
+    private static final Logger log = LoggerFactory.getLogger(AuthInterceptor.class);
+
     @Autowired
     private AuthService authService;
 
+    @Autowired
+    private JwtUtil jwtUtil;
+
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         // 跨域预检请求直接放行
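Review bot: `authService` stays `@Autowired` although every call to it visible on this page (`authService.validateToken`, `authService.getUserIdFromToken`, `authService.getUsernameFromToken` in the third hunk) is removed; if nothing else in the class still uses it, drop the field and the `com.emotion.service.AuthService` import so the interceptor does not wire a bean it never calls. Both dependencies are field-injected; constructor injection (`private final JwtUtil jwtUtil;` assigned in a constructor) would make them final and let a unit test build the interceptor without a Spring context. The class body continues past this hunk.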
@@ -44,24 +53,51 @@ public class AuthInterceptor implements HandlerInterceptor {
             return false;
         }
 
-        // 验证访问令牌
-        if (!authService.validateToken(token)) {
+        // 验证访问令牌 - 使用JwtUtil直接验证,支持管理员和普通用户token
+        if (!jwtUtil.validateToken(token)) {
+            log.warn("Token验证失败: {}", requestURI);
             response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
             response.setContentType("application/json;charset=UTF-8");
             response.getWriter().write("{\"code\":401,\"message\":\"访问令牌无效或已过期\",\"data\":null}");
             return false;
         }
 
+        // 从token中获取用户信息
+        String userId = jwtUtil.getUserIdFromToken(token);
+        String username = jwtUtil.getUsernameFromToken(token);
+        String userType = jwtUtil.getUserTypeFromToken(token);
+
+        if (userId == null) {
+            log.warn("无法从Token获取用户ID: {}", requestURI);
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setContentType("application/json;charset=UTF-8");
+            response.getWriter().write("{\"code\":401,\"message\":\"访问令牌无效\",\"data\":null}");
+            return false;
+        }
+
         // 将用户信息存储到请求属性中,供后续使用
-        String userId = authService.getUserIdFromToken(token);
-        String username = authService.getUsernameFromToken(token);
         request.setAttribute("userId", userId);
         request.setAttribute("username", username);
         request.setAttribute("token", token);
+        request.setAttribute("userType", userType);
+
+        // 设置用户上下文
+        UserContextHolder.setCurrentUserId(userId);
+        UserContextHolder.setCurrentUsername(username);
+        UserContextHolder.setCurrentToken(token);
+
+        log.debug("Token验证成功: userId={}, username={}, userType={}, uri={}",
+                userId, username, userType, requestURI);
 
         return true;
     }
 
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+        UserContextHolder.clear();
+        log.debug("请求完成,已清除用户上下文");
+    }
+
     /**
      * 检查是否为白名单路径
      */
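Review bot: Replacing `authService.validateToken(token)` with `jwtUtil.validateToken(token)` drops whatever server-side state the old check consulted — the description says it was a Redis lookup — so, as far as this interceptor is concerned, a token can no longer be invalidated before its expiry (logout, password change, account disable); if that trade-off is intended, record it on the new comment line, e.g. `// NOTE: JwtUtil checks signature/expiry only; tokens are not revocable server-side until they expire`, otherwise re-add a store lookup that recognises both token types. The `userType` claim is extracted and stored but never compared against the requested path, so admin and regular-user tokens are interchangeable for every non-whitelisted URI; the description defers this deliberately, so make it explicit on the line itself, `request.setAttribute("userType", userType); // TODO: enforce per-endpoint userType checks`, rather than leaving it implicit. The `userId == null` guard is good, but the 401 response block is now written three times in this method and would read better as a private `reject(response, message)` helper. `preHandle` begins before this hunk; the whitelist check and token extraction that set `requestURI` and `token` are outside it.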