Compare commits

..

2 Commits

  1. 72
      ALOps_sys_backend/alops-framework/src/main/java/com/alops/framework/config/WebSocketHandshakeInterceptor.java

@ -1,16 +1,19 @@
package com.alops.framework.config; package com.alops.framework.config;
import com.alops.common.core.domain.model.LoginUser; import com.alops.common.core.domain.model.LoginUser;
import com.alops.common.utils.StringUtils;
import com.alops.framework.web.service.TokenService; import com.alops.framework.web.service.TokenService;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.server.ServerHttpRequest; import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse; import org.springframework.http.server.ServerHttpResponse;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.socket.WebSocketHandler; import org.springframework.web.socket.WebSocketHandler;
import org.springframework.web.socket.server.HandshakeInterceptor; import org.springframework.web.socket.server.HandshakeInterceptor;
import javax.servlet.http.HttpServletRequest;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
//拦截器设置,首先在springscrity放行 //拦截器设置,首先在springscrity放行
@ -20,43 +23,86 @@ public class WebSocketHandshakeInterceptor implements HandshakeInterceptor {
@Autowired @Autowired
private TokenService tokenService; private TokenService tokenService;
//Sec-WebSocket-Protocol方式的
// @Override
// public boolean beforeHandshake(ServerHttpRequest request,
// ServerHttpResponse response,
// WebSocketHandler wsHandler,
// Map<String, Object> attributes) {
//
// try {
// List<String> protocols = request.getHeaders().get("Sec-WebSocket-Protocol");
// if (protocols == null || protocols.isEmpty()) {
// log.warn("【WS握手失败】未携带Token");
// return false;
// }
//
// String token = protocols.get(0);
// LoginUser loginUser = tokenService.getLoginUser(token);
// if (loginUser == null) {
// log.warn("【WS握手失败】无效Token");
// return false;
// }
//
// // 验证并刷新 Token
// tokenService.verifyToken(loginUser);
//
// // 设置返回协议头(必须,否则浏览器报错)
// response.getHeaders().add("Sec-WebSocket-Protocol", token);
//
// // 把用户信息写入 session attributes
// attributes.put("loginUser", loginUser);
// log.info("【WS握手成功】用户:{}", loginUser.getUsername());
// return true;
//
// } catch (Exception e) {
// log.error("【WS握手异常】", e);
// return false;
// }
// }
//http请求的
@Override @Override
public boolean beforeHandshake(ServerHttpRequest request, public boolean beforeHandshake(ServerHttpRequest request,
ServerHttpResponse response, ServerHttpResponse response,
WebSocketHandler wsHandler, WebSocketHandler wsHandler,
Map<String, Object> attributes) { Map<String, Object> attributes) {
try { try {
List<String> protocols = request.getHeaders().get("Sec-WebSocket-Protocol"); // 1. 转为 HttpServletRequest 获取参数
if (protocols == null || protocols.isEmpty()) { if (!(request instanceof ServletServerHttpRequest)) {
log.warn("【WS握手失败】未携带Token"); log.warn("【WS握手失败】请求类型非 Servlet");
return false;
}
HttpServletRequest servletRequest = ((ServletServerHttpRequest) request).getServletRequest();
// 2. 从 URL 参数获取 token
String token = servletRequest.getParameter("token");
if (StringUtils.isEmpty(token)) {
log.warn("【WS握手失败】未携带Token参数");
return false; return false;
} }
String token = protocols.get(0); // 3. 获取用户
LoginUser loginUser = tokenService.getLoginUser(token); LoginUser loginUser = tokenService.getLoginUser(token);
if (loginUser == null) { if (loginUser == null) {
log.warn("【WS握手失败】无效Token"); log.warn("【WS握手失败】无效Token");
return false; return false;
} }
// 验证并刷新 Token // 4. 验证并刷新 Token
tokenService.verifyToken(loginUser); tokenService.verifyToken(loginUser);
// 设置返回协议头(必须,否则浏览器报错) // 5. 把用户信息写入 session attributes
response.getHeaders().add("Sec-WebSocket-Protocol", token);
// 把用户信息写入 session attributes
attributes.put("loginUser", loginUser); attributes.put("loginUser", loginUser);
log.info("【WS握手成功】用户:{}", loginUser.getUsername()); log.info("【WS握手成功】用户:{}", loginUser.getUsername());
return true; return true;
} catch (Exception e) { } catch (Exception e) {
log.error("【WS握手异常】", e); log.error("【WS握手异常】", e);
return false; return false;
} }
} }
@Override @Override
public void afterHandshake(ServerHttpRequest request, ServerHttpResponse response, public void afterHandshake(ServerHttpRequest request, ServerHttpResponse response,

Loading…
Cancel
Save