| | |
|---|
| | | String token = request.getHeader(jwtUtil.getTokenName()); |
|---|
| | | if (token == null || token.isEmpty()) { |
|---|
| | | log.warn("JWT令牌为空,访问URI: {}", request.getRequestURI()); |
|---|
| | | throw new LoginErrorException(MessageConstant.USER_NOT_LOGIN); |
|---|
| | | throw new InterceptorException(MessageConstant.USER_NOT_LOGIN); |
|---|
| | | } |
|---|
| | | // 检查令牌是否在黑名单中 |
|---|
| | | if (blacklistService.isBlacklisted(token)) { |
|---|
| | | response.sendError(HttpStatus.UNAUTHORIZED.value(), "令牌已失效"); |
|---|
| | | throw new LoginErrorException("您已退出登录"); |
|---|
| | | throw new InterceptorException("您已退出登录"); |
|---|
| | | } |
|---|
| | | //2、校验令牌 |
|---|
| | | try { |
|---|
| | |
|---|
| | | return true; |
|---|
| | | }catch (ExpiredJwtException ex) { |
|---|
| | | log.warn("JWT已过期,Token: {}", token); |
|---|
| | | throw new LoginErrorException(MessageConstant.TOKEN_EXPIRED); |
|---|
| | | throw new InterceptorException(MessageConstant.TOKEN_EXPIRED); |
|---|
| | | } catch (InterceptorException ex) { |
|---|
| | | log.warn("JWT已过期,Token: {}", token); |
|---|
| | | throw new InterceptorException("该用户已被冻结"); |
|---|
| | | log.warn("用户被删除或已被冻结,Token: {}", token); |
|---|
| | | throw new InterceptorException("用户被删除或已被冻结"); |
|---|
| | | }catch (Exception ex) { |
|---|
| | | //4、不通过,响应401状态码 |
|---|
| | | throw new LoginErrorException(MessageConstant.USER_NOT_LOGIN); |
|---|
| | | throw new InterceptorException(MessageConstant.USER_NOT_LOGIN); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
