|
|
|
|
@ -1,16 +1,19 @@ |
|
|
|
|
package com.alops.framework.config; |
|
|
|
|
|
|
|
|
|
import com.alops.common.core.domain.model.LoginUser; |
|
|
|
|
import com.alops.common.utils.StringUtils; |
|
|
|
|
import com.alops.framework.web.service.TokenService; |
|
|
|
|
import lombok.extern.slf4j.Slf4j; |
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired; |
|
|
|
|
import org.springframework.http.server.ServerHttpRequest; |
|
|
|
|
import org.springframework.http.server.ServerHttpResponse; |
|
|
|
|
|
|
|
|
|
import org.springframework.http.server.ServletServerHttpRequest; |
|
|
|
|
import org.springframework.stereotype.Component; |
|
|
|
|
import org.springframework.web.socket.WebSocketHandler; |
|
|
|
|
import org.springframework.web.socket.server.HandshakeInterceptor; |
|
|
|
|
|
|
|
|
|
import javax.servlet.http.HttpServletRequest; |
|
|
|
|
import java.util.List; |
|
|
|
|
import java.util.Map; |
|
|
|
|
//拦截器设置,首先在springscrity放行
|
|
|
|
|
@ -20,43 +23,86 @@ public class WebSocketHandshakeInterceptor implements HandshakeInterceptor { |
|
|
|
|
|
|
|
|
|
@Autowired |
|
|
|
|
private TokenService tokenService; |
|
|
|
|
|
|
|
|
|
//Sec-WebSocket-Protocol方式的
|
|
|
|
|
// @Override
|
|
|
|
|
// public boolean beforeHandshake(ServerHttpRequest request,
|
|
|
|
|
// ServerHttpResponse response,
|
|
|
|
|
// WebSocketHandler wsHandler,
|
|
|
|
|
// Map<String, Object> attributes) {
|
|
|
|
|
//
|
|
|
|
|
// try {
|
|
|
|
|
// List<String> protocols = request.getHeaders().get("Sec-WebSocket-Protocol");
|
|
|
|
|
// if (protocols == null || protocols.isEmpty()) {
|
|
|
|
|
// log.warn("【WS握手失败】未携带Token");
|
|
|
|
|
// return false;
|
|
|
|
|
// }
|
|
|
|
|
//
|
|
|
|
|
// String token = protocols.get(0);
|
|
|
|
|
// LoginUser loginUser = tokenService.getLoginUser(token);
|
|
|
|
|
// if (loginUser == null) {
|
|
|
|
|
// log.warn("【WS握手失败】无效Token");
|
|
|
|
|
// return false;
|
|
|
|
|
// }
|
|
|
|
|
//
|
|
|
|
|
// // 验证并刷新 Token
|
|
|
|
|
// tokenService.verifyToken(loginUser);
|
|
|
|
|
//
|
|
|
|
|
// // 设置返回协议头(必须,否则浏览器报错)
|
|
|
|
|
// response.getHeaders().add("Sec-WebSocket-Protocol", token);
|
|
|
|
|
//
|
|
|
|
|
// // 把用户信息写入 session attributes
|
|
|
|
|
// attributes.put("loginUser", loginUser);
|
|
|
|
|
// log.info("【WS握手成功】用户:{}", loginUser.getUsername());
|
|
|
|
|
// return true;
|
|
|
|
|
//
|
|
|
|
|
// } catch (Exception e) {
|
|
|
|
|
// log.error("【WS握手异常】", e);
|
|
|
|
|
// return false;
|
|
|
|
|
// }
|
|
|
|
|
// }
|
|
|
|
|
//http请求的
|
|
|
|
|
@Override |
|
|
|
|
public boolean beforeHandshake(ServerHttpRequest request, |
|
|
|
|
public boolean beforeHandshake(ServerHttpRequest request, |
|
|
|
|
ServerHttpResponse response, |
|
|
|
|
WebSocketHandler wsHandler, |
|
|
|
|
Map<String, Object> attributes) { |
|
|
|
|
|
|
|
|
|
try { |
|
|
|
|
List<String> protocols = request.getHeaders().get("Sec-WebSocket-Protocol"); |
|
|
|
|
if (protocols == null || protocols.isEmpty()) { |
|
|
|
|
log.warn("【WS握手失败】未携带Token"); |
|
|
|
|
// 1. 转为 HttpServletRequest 获取参数
|
|
|
|
|
if (!(request instanceof ServletServerHttpRequest)) { |
|
|
|
|
log.warn("【WS握手失败】请求类型非 Servlet"); |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
HttpServletRequest servletRequest = ((ServletServerHttpRequest) request).getServletRequest(); |
|
|
|
|
|
|
|
|
|
// 2. 从 URL 参数获取 token
|
|
|
|
|
String token = servletRequest.getParameter("token"); |
|
|
|
|
if (StringUtils.isEmpty(token)) { |
|
|
|
|
log.warn("【WS握手失败】未携带Token参数"); |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
String token = protocols.get(0); |
|
|
|
|
// 3. 获取用户
|
|
|
|
|
LoginUser loginUser = tokenService.getLoginUser(token); |
|
|
|
|
if (loginUser == null) { |
|
|
|
|
log.warn("【WS握手失败】无效Token"); |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// 验证并刷新 Token
|
|
|
|
|
// 4. 验证并刷新 Token
|
|
|
|
|
tokenService.verifyToken(loginUser); |
|
|
|
|
|
|
|
|
|
// 设置返回协议头(必须,否则浏览器报错)
|
|
|
|
|
response.getHeaders().add("Sec-WebSocket-Protocol", token); |
|
|
|
|
|
|
|
|
|
// 把用户信息写入 session attributes
|
|
|
|
|
// 5. 把用户信息写入 session attributes
|
|
|
|
|
attributes.put("loginUser", loginUser); |
|
|
|
|
log.info("【WS握手成功】用户:{}", loginUser.getUsername()); |
|
|
|
|
|
|
|
|
|
return true; |
|
|
|
|
|
|
|
|
|
} catch (Exception e) { |
|
|
|
|
log.error("【WS握手异常】", e); |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override |
|
|
|
|
public void afterHandshake(ServerHttpRequest request, ServerHttpResponse response, |
|
|
|
|
|