小bug修改

huliguo

2025-05-09 bf2f1ffb99634b8350539b28bd9d1f20b30a5aa1

 src/main/java/com/cl/interceptor/JwtTokenInterceptor.java

New file
@@ -0,0 +1,98 @@
package com.cl.interceptor;



import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.cl.common.constant.DelFlagConstant;
import com.cl.common.constant.JwtClaimsConstant;
import com.cl.common.constant.MessageConstant;
import com.cl.common.constant.StatusConstant;
import com.cl.common.context.BaseContext;
import com.cl.common.exception.user.InterceptorException;
import com.cl.common.exception.user.LoginErrorException;
import com.cl.mapper.UserMapper;
import com.cl.pojo.entity.User;
import com.cl.service.impl.TokenBlacklistService;
import com.cl.util.JwtUtil;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;

/**
 * jwt令牌校验的拦截器
 */
@Component
@Slf4j
public class JwtTokenInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtUtil jwtUtil;
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private TokenBlacklistService blacklistService;

    /**
     * 校验jwt
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }
        //1、从请求头中获取令牌
        String token = request.getHeader(jwtUtil.getTokenName());
        if (token == null || token.isEmpty()) {
            log.warn("JWT令牌为空，访问URI: {}", request.getRequestURI());
            throw new InterceptorException(MessageConstant.USER_NOT_LOGIN);
        }
        // 检查令牌是否在黑名单中
        if (blacklistService.isBlacklisted(token)) {
            throw new InterceptorException("您已退出登录");
        }
        //2、校验令牌
        try {
            log.info("jwt校验:{}", token);
            Claims claims = JwtUtil.parseJWT(token);
            String phone=String.valueOf(claims.get(JwtClaimsConstant.USER_PHONE).toString());
            String id=String.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString());
            User user = userMapper.selectById(id);
            if (user==null || user.getDelFlag().equals(DelFlagConstant.DELETE)){
                throw new InterceptorException("用户不存在");
            }
            if (Objects.equals(user.getStatus(), StatusConstant.DISABLE)){
                throw new InterceptorException("该用户已被冻结");
            }
            log.info("当前用户phone：{}", phone);
            log.info("当前用户id：{}", id);
            BaseContext.setCurrentUser(user);
            //3、通过，放行
            return true;
        }catch (ExpiredJwtException ex) {
            log.warn("JWT已过期，Token: {}", token);
            throw new InterceptorException(MessageConstant.TOKEN_EXPIRED);
        } catch (InterceptorException ex) {
            log.warn("用户被删除或已被冻结，Token: {}", token);
            throw new InterceptorException("用户被删除或已被冻结");
        }catch (Exception ex) {
            //4、不通过，响应401状态码
            throw new InterceptorException(MessageConstant.USER_NOT_LOGIN);
        }
    }
}