From 1da12c0ab6c5625fcd1295223f39c4249421f5be Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期三, 24 九月 2025 18:46:34 +0800
Subject: [PATCH] 修改bug
---
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java | 73 +++++++++++++++++++-----------------
1 files changed, 39 insertions(+), 34 deletions(-)
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
index 10af03d..f171da4 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -1,5 +1,6 @@
package com.ruoyi.gateway.filter;
+import com.alibaba.fastjson.JSON;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -25,12 +26,11 @@
/**
* 网关鉴权
- *
+ *
* @author jqs
*/
@Component
-public class AuthFilter implements GlobalFilter, Ordered
-{
+public class AuthFilter implements GlobalFilter, Ordered {
private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
// 排除过滤的 uri 地址,nacos自行添加
@@ -42,39 +42,52 @@
@Override
- public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain)
- {
+ public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
ServerHttpRequest.Builder mutate = request.mutate();
-
String url = request.getURI().getPath();
- log.info("requestUrl---"+url);
+ log.info("requestUrl---" + url);
+ log.info("whiteUrl---" + JSON.toJSONString(ignoreWhite.getWhites()));
// 跳过不需要验证的路径
- if (StringUtils.matches(url, ignoreWhite.getWhites()))
- {
+ if (StringUtils.matches(url, ignoreWhite.getWhites())) {
+ //附近商户获取
+ if (url.contains("getNearbyShop") || url.contains("pageRecommendGoods") || url.contains("pageActivityGoods") || url.contains("getGoodsInfo")
+ || url.contains("getShopInfo") || url.contains("pageAppActivityGoods") || url.contains("/app/goods/listShoppingCart") || url.contains("/app/live/page")) {
+ String token = getToken(request);
+ if (!StringUtils.isEmpty(token)) {
+ Claims claims = JwtUtils.parseToken(token);
+ if (claims != null) {
+ String userid = JwtUtils.getUserId(claims);
+ String userkey = JwtUtils.getUserKey(claims);
+ String username = JwtUtils.getUserName(claims);
+ if (!StringUtils.isEmpty(userid)) {
+ addHeader(mutate, SecurityConstants.USER_KEY, userkey);
+ addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
+ addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
+ }
+ }
+ }
+
+ }
return chain.filter(exchange);
}
String token = getToken(request);
- log.info("requestToken---"+token);
- if (StringUtils.isEmpty(token))
- {
+ log.info("requestToken---" + token);
+ if (StringUtils.isEmpty(token)) {
return unauthorizedResponse(exchange, "需要先登录才能使用该功能");
}
Claims claims = JwtUtils.parseToken(token);
- if (claims == null)
- {
+ if (claims == null) {
return unauthorizedResponse(exchange, "需要先登录才能使用该功能!");
}
String userkey = JwtUtils.getUserKey(claims);
boolean islogin = redisService.hasKey(getTokenKey(userkey));
- if (!islogin)
- {
+ if (!islogin) {
return unauthorizedResponse(exchange, "登录状态已过期");
}
String userid = JwtUtils.getUserId(claims);
String username = JwtUtils.getUserName(claims);
- if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username))
- {
+ if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) {
return unauthorizedResponse(exchange, "登录验证失败");
}
@@ -87,10 +100,8 @@
return chain.filter(exchange.mutate().request(mutate.build()).build());
}
- private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value)
- {
- if (value == null)
- {
+ private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value) {
+ if (value == null) {
return;
}
String valueStr = value.toString();
@@ -98,13 +109,11 @@
mutate.header(name, valueEncode);
}
- private void removeHeader(ServerHttpRequest.Builder mutate, String name)
- {
+ private void removeHeader(ServerHttpRequest.Builder mutate, String name) {
mutate.headers(httpHeaders -> httpHeaders.remove(name)).build();
}
- private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg)
- {
+ private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg) {
log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath());
return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED);
}
@@ -112,28 +121,24 @@
/**
* 获取缓存key
*/
- private String getTokenKey(String token)
- {
+ private String getTokenKey(String token) {
return CacheConstants.LOGIN_TOKEN_KEY + token;
}
/**
* 获取请求token
*/
- private String getToken(ServerHttpRequest request)
- {
+ private String getToken(ServerHttpRequest request) {
String token = request.getHeaders().getFirst(TokenConstants.AUTHENTICATION);
// 如果前端设置了令牌前缀,则裁剪掉前缀
- if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
- {
+ if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
}
return token;
}
@Override
- public int getOrder()
- {
+ public int getOrder() {
return -200;
}
}
\ No newline at end of file
--
Gitblit v1.7.1