实现了jwt令牌校验功能

src/main/java/icu/sunway/ai_spring_example/Common/Context/BaseContext.java

@@ -0,0 +1,19 @@
+package icu.sunway.ai_spring_example.Common.Context;
+
+public class BaseContext {
+
+    public static ThreadLocal<Long> threadLocal = new ThreadLocal<>();
+
+    public static void setCurrentId(Long id) {
+        threadLocal.set(id);
+    }
+
+    public static Long getCurrentId() {
+        return threadLocal.get();
+    }
+
+    public static void removeCurrentId() {
+        threadLocal.remove();
+    }
+
+}

src/main/java/icu/sunway/ai_spring_example/Common/Interceptor/JwtTokenAdminInterceptor.java

@@ -0,0 +1,58 @@
+package icu.sunway.ai_spring_example.Common.Interceptor;
+
+import icu.sunway.ai_spring_example.Common.Constant.JwtClaimsConstant;
+import icu.sunway.ai_spring_example.Common.Context.BaseContext;
+import icu.sunway.ai_spring_example.Common.Properties.JwtProperties;
+import icu.sunway.ai_spring_example.Common.Utils.JwtUtil;
+import io.jsonwebtoken.Claims;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Component
+@Slf4j
+public class JwtTokenAdminInterceptor implements HandlerInterceptor {
+
+    @Autowired
+    private JwtProperties jwtProperties;
+
+    /**
+     * 校验jwt
+     *
+     * @param request
+     * @param response
+     * @param handler
+     * @return
+     * @throws Exception
+     */
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        System.out.println("当前线程的id=" + Thread.currentThread().getId());
+        //判断当前拦截到的是Controller的方法还是其他资源
+        if (!(handler instanceof HandlerMethod)) {
+            //当前拦截到的不是动态方法，直接放行
+            return true;
+        }
+
+        //1、从请求头中获取令牌
+        String token = request.getHeader(jwtProperties.getUserTokenName());
+
+        //2、校验令牌
+        try {
+            log.info("jwt校验:{}", token);
+            Claims claims = JwtUtil.parseJWT(jwtProperties.getUserSecretKey(), token);
+            Long userId = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString());
+            log.info("当前用户id：", userId);
+            BaseContext.setCurrentId(userId);
+            //3、通过，放行
+            return true;
+        } catch (Exception ex) {
+            //4、不通过，响应401状态码
+            response.setStatus(401);
+            return false;
+        }
+    }
+}

src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java

@@ -20,9 +20,9 @@ public class SecurityConfig {
             .formLogin(form -> form.disable())
             .httpBasic(basic -> basic.disable())
             // 允许所有请求通过，取消默认登录验证
-            .authorizeHttpRequests((authz) -> authz
+//            .authorizeHttpRequests((authz) -> authz
-                .anyRequest().permitAll()
+//                .anyRequest().permitAll()
-            )
+//            )
             // 禁用CSRF保护
             .csrf(csrf -> csrf.disable())
             // 设置会话创建策略为无状态

src/main/java/icu/sunway/ai_spring_example/Config/WebMvcConfiguration.java

@@ -0,0 +1,30 @@
+package icu.sunway.ai_spring_example.Config;
+
+import icu.sunway.ai_spring_example.Common.Interceptor.JwtTokenAdminInterceptor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
+
+@Configuration
+@Slf4j
+public class  WebMvcConfiguration extends WebMvcConfigurationSupport {
+
+    @Autowired
+    private JwtTokenAdminInterceptor jwtTokenAdminInterceptor;
+
+    /**
+     * 注册自定义拦截器
+     *
+     * @param registry
+     */
+    protected void addInterceptors(InterceptorRegistry registry) {
+        log.info("开始注册自定义拦截器...");
+        registry.addInterceptor(jwtTokenAdminInterceptor)
+                .addPathPatterns("/**")
+                .excludePathPatterns("/user/login")
+                .excludePathPatterns("/user/register")
+                .excludePathPatterns("/error");
+    }
+}