From addad75aa15a24890b8118f180db3ba69ae8d813 Mon Sep 17 00:00:00 2001
From: gitee
Date: Tue, 12 Aug 2025 14:03:37 +0800
Subject: [PATCH] =?UTF-8?q?1.=E4=BF=AE=E6=94=B9=E6=9D=83=E9=99=90=E8=AE=A4?=
 =?UTF-8?q?=E8=AF=81=E9=80=BB=E8=BE=91=EF=BC=8C=E5=9C=A8=E7=99=BD=E5=90=8D?=
 =?UTF-8?q?=E5=8D=95=E4=B8=AD=E7=9A=84url=E4=B9=9F=E9=9C=80=E8=A6=81?=
 =?UTF-8?q?=E5=9C=A8context=E4=B8=AD=E5=AD=98=E5=85=A5=E7=94=A8=E6=88=B7?=
 =?UTF-8?q?=E4=BF=A1=E6=81=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../filter/JwtAuthenticationFilter.java | 41 ++++++++++++-------
 1 file changed, 26 insertions(+), 15 deletions(-)

diff --git a/src/main/java/com/supervision/filter/JwtAuthenticationFilter.java b/src/main/java/com/supervision/filter/JwtAuthenticationFilter.java
index 478cbba..0fe6f5c 100644
--- a/src/main/java/com/supervision/filter/JwtAuthenticationFilter.java
+++ b/src/main/java/com/supervision/filter/JwtAuthenticationFilter.java
@@ -9,6 +9,7 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.NonNull;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -22,7 +23,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 import java.io.IOException;
-
+@Slf4j
 @Component
 @RequiredArgsConstructor
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
@@ -43,6 +44,15 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
         // 获取 Authorization 头
         String authHeader = request.getHeader("Authorization");
+        if (authHeader == null || !authHeader.startsWith("Bearer ")) {
+            log.info("用户未携带token信息,请求路径:{}", request.getRequestURI());
+            if (permitAllRequest) {
+                filterChain.doFilter(request, response);
+                return;
+            }
+            writeTokenErrorResponse(response, "用户未登录,请登录");
+            return; // 直接返回,不放行
+        }
         // 提取 token(去掉 "Bearer " 前缀)
         String token = authHeader.substring(7);
         String username;
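Review bot: The new missing-header branch logs at INFO (`log.info("用户未携带token信息,请求路径:{}", ...)`) for every request that arrives without a Bearer token, which on a permitAll URL is the ordinary anonymous case and will dominate the log; `log.debug(...)` keeps the diagnostic without letting unauthenticated traffic dictate log volume. The `startsWith("Bearer ")` guard does correctly protect the `substring(7)` that follows. The enclosing method begins before this hunk, so where `permitAllRequest` is computed is not visible here.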
@@ -51,58 +61,59 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
         try {
             username = jwtUtils.getUsernameFromToken(token);
         } catch (Exception e) {
+            log.error("token认证失败,请求路径:{},permitRequest is {}", request.getRequestURI(),permitAllRequest,e);
             if (permitAllRequest) {
                 filterChain.doFilter(request, response);
                 return;
             }
             writeTokenErrorResponse(response, "Token 无效或已过期,请重新登录");
-            return; // 中断
+            return;
         }
         // 3:成功解析出用户名,且当前 SecurityContext 未认证
         if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
             try {
-                // 从 UserDetailsService 加载用户信息
                 UserDetails userDetails = userDetailsService.loadUserByUsername(username);
-                // 验证 Token 是否未过期(你可以根据需要添加更多验证,如登录时间)
+                // 验证 Token 是否仍然有效(时间戳、登录时间等)
                 if (!jwtUtils.isTokenExpired(token)) {
-                    // 创建认证对象
+
+                    //认证成功:设置 SecurityContext
                     UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                     authToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
-
-                    // 设置到 SecurityContext
                     SecurityContextHolder.getContext().setAuthentication(authToken);
-
-                    // 认证成功!放行到 Controller
+                    log.info("用户 {} token认证成功,请求路径:{}", userDetails.getUsername(), request.getRequestURI());
+                    //成功后放行,进入 Controller
                     filterChain.doFilter(request, response);
                     return;
+
                 } else {
+                    //Token 过期 或 登录态不一致
+                    log.info("用户 {} token认证失败,请求路径:{},permitRequest is {}", userDetails.getUsername(), request.getRequestURI(),permitAllRequest);
                     if (permitAllRequest) {
                         filterChain.doFilter(request, response);
                         return;
                     }
-                    // Token 已过期
-                    writeTokenErrorResponse(response, "Token 已过期,请重新登录");
+                    writeTokenErrorResponse(response, "登录已过期,请重新登录");
                     return;
                 }
             } catch (UsernameNotFoundException e) {
+                log.error("token认证失败,请求路径:{},permitRequest is {}", request.getRequestURI(),permitAllRequest,e);
                 if (permitAllRequest) {
                     filterChain.doFilter(request, response);
                     return;
                 }
-                // 用户不存在
-                writeTokenErrorResponse(response, "用户不存在或已被删除");
+                writeTokenErrorResponse(response, "用户不存在");
                 return;
             } catch (Exception e) {
+                log.error("token认证失败,请求路径:{},permitRequest is {}", request.getRequestURI(),permitAllRequest,e);
                 if (permitAllRequest) {
                     filterChain.doFilter(request, response);
                     return;
                 }
-                // 其他加载异常
-                writeTokenErrorResponse(response, "用户信息加载失败:" + e.getMessage());
+                writeTokenErrorResponse(response, "用户认证异常:" + e.getMessage());
                 return;
             }
         }
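Review bot: The rewritten generic catch still returns the raw exception text to the client in `writeTokenErrorResponse(response, "用户认证异常:" + e.getMessage())`; since that exception is now recorded server-side by the `log.error(...)` added a few lines above, the response should carry a fixed message, `writeTokenErrorResponse(response, "用户认证异常");`, so internal details (class names, datastore errors) are not disclosed to an unauthenticated caller. Separately, the three added `log.error(..., e)` calls emit a full stack trace for every malformed or expired token, which is input any anonymous client supplies; for the JWT parse failure in the first catch a `log.warn` carrying `e.getMessage()` rather than the throwable is proportionate and keeps ERROR for genuine server-side faults. The enclosing method starts before this hunk and appears to continue after it.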