From 85c216b6a84a599dd488ad1b4466e467c678d92c Mon Sep 17 00:00:00 2001 From: puzvv <1@> Date: Thu, 18 Dec 2025 21:52:15 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=9E=E7=8E=B0=E4=BA=86jwt=E4=BB=A4?= =?UTF-8?q?=E7=89=8C=E6=A0=A1=E9=AA=8C=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Common/Context/BaseContext.java | 19 ++++++ .../Interceptor/JwtTokenAdminInterceptor.java | 58 +++++++++++++++++++ .../Config/SecurityConfig.java | 6 +- .../Config/WebMvcConfiguration.java | 30 ++++++++++ 4 files changed, 110 insertions(+), 3 deletions(-) create mode 100644 src/main/java/icu/sunway/ai_spring_example/Common/Context/BaseContext.java create mode 100644 src/main/java/icu/sunway/ai_spring_example/Common/Interceptor/JwtTokenAdminInterceptor.java create mode 100644 src/main/java/icu/sunway/ai_spring_example/Config/WebMvcConfiguration.java diff --git a/src/main/java/icu/sunway/ai_spring_example/Common/Context/BaseContext.java b/src/main/java/icu/sunway/ai_spring_example/Common/Context/BaseContext.java new file mode 100644 index 0000000..22cb1b2 --- /dev/null +++ b/src/main/java/icu/sunway/ai_spring_example/Common/Context/BaseContext.java @@ -0,0 +1,19 @@ +package icu.sunway.ai_spring_example.Common.Context; + +public class BaseContext { + + public static ThreadLocal threadLocal = new ThreadLocal<>(); + + public static void setCurrentId(Long id) { + threadLocal.set(id); + } + + public static Long getCurrentId() { + return threadLocal.get(); + } + + public static void removeCurrentId() { + threadLocal.remove(); + } + +} \ No newline at end of file diff --git a/src/main/java/icu/sunway/ai_spring_example/Common/Interceptor/JwtTokenAdminInterceptor.java b/src/main/java/icu/sunway/ai_spring_example/Common/Interceptor/JwtTokenAdminInterceptor.java new file mode 100644 index 0000000..96f4d00 --- /dev/null +++ b/src/main/java/icu/sunway/ai_spring_example/Common/Interceptor/JwtTokenAdminInterceptor.java @@ -0,0 +1,58 @@ +package icu.sunway.ai_spring_example.Common.Interceptor; + +import icu.sunway.ai_spring_example.Common.Constant.JwtClaimsConstant; +import icu.sunway.ai_spring_example.Common.Context.BaseContext; +import icu.sunway.ai_spring_example.Common.Properties.JwtProperties; +import icu.sunway.ai_spring_example.Common.Utils.JwtUtil; +import io.jsonwebtoken.Claims; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.HandlerInterceptor; + +@Component +@Slf4j +public class JwtTokenAdminInterceptor implements HandlerInterceptor { + + @Autowired + private JwtProperties jwtProperties; + + /** + * 校验jwt + * + * @param request + * @param response + * @param handler + * @return + * @throws Exception + */ + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + System.out.println("当前线程的id=" + Thread.currentThread().getId()); + //判断当前拦截到的是Controller的方法还是其他资源 + if (!(handler instanceof HandlerMethod)) { + //当前拦截到的不是动态方法,直接放行 + return true; + } + + //1、从请求头中获取令牌 + String token = request.getHeader(jwtProperties.getUserTokenName()); + + //2、校验令牌 + try { + log.info("jwt校验:{}", token); + Claims claims = JwtUtil.parseJWT(jwtProperties.getUserSecretKey(), token); + Long userId = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString()); + log.info("当前用户id:", userId); + BaseContext.setCurrentId(userId); + //3、通过,放行 + return true; + } catch (Exception ex) { + //4、不通过,响应401状态码 + response.setStatus(401); + return false; + } + } +} \ No newline at end of file diff --git a/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java b/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java index 646dc3e..f68754c 100644 --- a/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java +++ b/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java @@ -20,9 +20,9 @@ public class SecurityConfig { .formLogin(form -> form.disable()) .httpBasic(basic -> basic.disable()) // 允许所有请求通过,取消默认登录验证 - .authorizeHttpRequests((authz) -> authz - .anyRequest().permitAll() - ) +// .authorizeHttpRequests((authz) -> authz +// .anyRequest().permitAll() +// ) // 禁用CSRF保护 .csrf(csrf -> csrf.disable()) // 设置会话创建策略为无状态 diff --git a/src/main/java/icu/sunway/ai_spring_example/Config/WebMvcConfiguration.java b/src/main/java/icu/sunway/ai_spring_example/Config/WebMvcConfiguration.java new file mode 100644 index 0000000..cc7dd60 --- /dev/null +++ b/src/main/java/icu/sunway/ai_spring_example/Config/WebMvcConfiguration.java @@ -0,0 +1,30 @@ +package icu.sunway.ai_spring_example.Config; + +import icu.sunway.ai_spring_example.Common.Interceptor.JwtTokenAdminInterceptor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport; + +@Configuration +@Slf4j +public class WebMvcConfiguration extends WebMvcConfigurationSupport { + + @Autowired + private JwtTokenAdminInterceptor jwtTokenAdminInterceptor; + + /** + * 注册自定义拦截器 + * + * @param registry + */ + protected void addInterceptors(InterceptorRegistry registry) { + log.info("开始注册自定义拦截器..."); + registry.addInterceptor(jwtTokenAdminInterceptor) + .addPathPatterns("/**") + .excludePathPatterns("/user/login") + .excludePathPatterns("/user/register") + .excludePathPatterns("/error"); + } +}