|
|
@ -39,10 +39,8 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|
|
|
@NonNull FilterChain filterChain) throws ServletException, IOException {
|
|
|
|
@NonNull FilterChain filterChain) throws ServletException, IOException {
|
|
|
|
|
|
|
|
|
|
|
|
// 1. 检查是否在白名单中
|
|
|
|
// 1. 检查是否在白名单中
|
|
|
|
if (isPermitAllRequest(request)) {
|
|
|
|
boolean permitAllRequest = isPermitAllRequest(request);
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
// 获取 Authorization 头
|
|
|
|
// 获取 Authorization 头
|
|
|
|
String authHeader = request.getHeader("Authorization");
|
|
|
|
String authHeader = request.getHeader("Authorization");
|
|
|
|
// 提取 token(去掉 "Bearer " 前缀)
|
|
|
|
// 提取 token(去掉 "Bearer " 前缀)
|
|
|
@ -53,6 +51,10 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
username = jwtUtils.getUsernameFromToken(token);
|
|
|
|
username = jwtUtils.getUsernameFromToken(token);
|
|
|
|
} catch (Exception e) {
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
|
|
|
if (permitAllRequest) {
|
|
|
|
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
}
|
|
|
|
writeTokenErrorResponse(response, "Token 无效或已过期,请重新登录");
|
|
|
|
writeTokenErrorResponse(response, "Token 无效或已过期,请重新登录");
|
|
|
|
return; // 中断
|
|
|
|
return; // 中断
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -77,22 +79,37 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
|
|
|
|
if (permitAllRequest) {
|
|
|
|
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
}
|
|
|
|
// Token 已过期
|
|
|
|
// Token 已过期
|
|
|
|
writeTokenErrorResponse(response, "Token 已过期,请重新登录");
|
|
|
|
writeTokenErrorResponse(response, "Token 已过期,请重新登录");
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
} catch (UsernameNotFoundException e) {
|
|
|
|
} catch (UsernameNotFoundException e) {
|
|
|
|
|
|
|
|
if (permitAllRequest) {
|
|
|
|
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
}
|
|
|
|
// 用户不存在
|
|
|
|
// 用户不存在
|
|
|
|
writeTokenErrorResponse(response, "用户不存在或已被删除");
|
|
|
|
writeTokenErrorResponse(response, "用户不存在或已被删除");
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
} catch (Exception e) {
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
|
|
|
if (permitAllRequest) {
|
|
|
|
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
}
|
|
|
|
// 其他加载异常
|
|
|
|
// 其他加载异常
|
|
|
|
writeTokenErrorResponse(response, "用户信息加载失败:" + e.getMessage());
|
|
|
|
writeTokenErrorResponse(response, "用户信息加载失败:" + e.getMessage());
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (permitAllRequest) {
|
|
|
|
|
|
|
|
filterChain.doFilter(request, response);
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
}
|
|
|
|
// 特殊情况兜底:比如 token 解析成功但 userDetails 为 null,或已认证但不符合预期
|
|
|
|
// 特殊情况兜底:比如 token 解析成功但 userDetails 为 null,或已认证但不符合预期
|
|
|
|
// 根据你的“核心逻辑”,只要没成功放行,就视为失败
|
|
|
|
// 根据你的“核心逻辑”,只要没成功放行,就视为失败
|
|
|
|
writeTokenErrorResponse(response, "认证失败,请重新登录");
|
|
|
|
writeTokenErrorResponse(response, "认证失败,请重新登录");
|
|
|
|
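Review bot: The fail-open branch `if (permitAllRequest) { filterChain.doFilter(request, response); return; }` is now copied into five places: the token-parsing `catch`, the expired-token `else`, the two `catch` blocks around the user lookup, and the final fallback. Any later change to how whitelisted requests fall back to anonymous has to be repeated in each, so one private helper that either continues the chain or calls `writeTokenErrorResponse` would keep that decision in one place. As far as the hunks show, the `catch (Exception e)` blocks discard the exception on whitelisted paths, so a malformed token or a failing user lookup on a public endpoint leaves nothing for detection; a log line with the exception class and request URI (never the token) would cover that. Separately, the unchanged line `writeTokenErrorResponse(response, "用户信息加载失败:" + e.getMessage());` returns internal exception text to the caller, and a fixed message with the detail logged server-side would avoid that. The filter method begins and ends outside the visible hunks.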