diff --git a/pom.xml b/pom.xml
index 15f5152..04b91aa 100644
--- a/pom.xml
+++ b/pom.xml
@@ -38,6 +38,7 @@
org.projectlombok
lombok
+ provided
1.18.34
diff --git a/src/main/java/com/linxyun/core/interceptor/SecurityInterceptor.java b/src/main/java/com/linxyun/core/interceptor/SecurityInterceptor.java
index 5033c54..1302421 100644
--- a/src/main/java/com/linxyun/core/interceptor/SecurityInterceptor.java
+++ b/src/main/java/com/linxyun/core/interceptor/SecurityInterceptor.java
@@ -19,6 +19,8 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
@Slf4j
@@ -28,10 +30,14 @@ public class SecurityInterceptor implements HandlerInterceptor {
private final LinxyunProperties linxyunProperties;
+ private Pattern pattern = Pattern.compile("LoginID_\\d{14}_\\d{6}");
+
// 生命周期: 拦截器在请求处理之前调用,只有返回true才会继续调用下一个拦截器或者处理器,否则不会调用
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+ // 跨域请求会首先发送一个OPTIONS请求,这里我们给OPTIONS请求直接返回正常状态
+ if (request.getMethod().equals("OPTIONS")) return true;
log.info("鉴权拦截:{} {}", request.getMethod(), request.getRequestURI());
// 获取请求头上的Token
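Review bot: The added `if (request.getMethod().equals("OPTIONS")) return true;` in preHandle lets every OPTIONS request skip the token check, not only CORS preflights, so any handler that also answers OPTIONS (for example a mapping with no method restriction, if one exists) would run unauthenticated. Limiting the bypass to real preflights is tighter: `if (CorsUtils.isPreFlightRequest(request)) return true;` using Spring's `org.springframework.web.cors.CorsUtils`, which also requires the `Origin` and `Access-Control-Request-Method` headers. Separately, the new `pattern` field is mutable and compiled per instance; `private static final Pattern LOGIN_ID_PATTERN = Pattern.compile("LoginID_\\d{14}_\\d{6}");` is the usual form. preHandle's body continues outside this hunk.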
@@ -39,15 +45,22 @@ public class SecurityInterceptor implements HandlerInterceptor {
if (StringUtils.isEmpty(token)) {
token = request.getParameter("Token");
}
+ log.info("请求头中Token:{}", token);
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
Result result;
if (StringUtils.isEmpty(token)) {
- log.info("请求头中无Authorization信息");
+ log.info("请求头中无 Token 信息");
result = Result.error(ErrorCode.USER_NOT_LOGGED_IN);
response.getWriter().write(JSON.toJSONString(result));
return false;
}
+ if (token.startsWith("Session")) {
+ Matcher matcher = pattern.matcher(token);
+ if (matcher.find()) {
+ token = matcher.group();
+ }
+ }
UserAuth userAuth = ApiUtils.getUserAuth(token);
if (userAuth == null) {
// 如果为空,说明 token 无效
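Review bot: The new `log.info("请求头中Token:{}", token);` writes the caller's credential to the application log on every request, including requests that are later rejected, so anyone who can read the logs can reuse a live session. Drop the line, or log only a non-reversible hint such as the token length or a truncated digest. In the `Session` branch, `matcher.find()` takes the first `LoginID_…` substring found anywhere in the value, and when nothing matches the raw value is passed to `ApiUtils.getUserAuth` unchanged. Because the value may also come from the `Token` query parameter, it would be stricter to reject a `Session…` value that does not match the expected full shape; that shape is not visible here, so confirm it before anchoring the pattern. preHandle continues outside this hunk.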
diff --git a/src/main/java/com/linxyun/core/utils/ApiUtils.java b/src/main/java/com/linxyun/core/utils/ApiUtils.java
index 954b67f..46e3ece 100644
--- a/src/main/java/com/linxyun/core/utils/ApiUtils.java
+++ b/src/main/java/com/linxyun/core/utils/ApiUtils.java
@@ -13,6 +13,7 @@ import org.springframework.util.StringUtils;
import java.io.IOException;
import java.util.concurrent.TimeUnit;
+import java.util.regex.Pattern;
@Slf4j
diff --git a/src/main/java/com/linxyun/core/utils/HttpUtils.java b/src/main/java/com/linxyun/core/utils/HttpUtils.java
index 617df7b..4316101 100644
--- a/src/main/java/com/linxyun/core/utils/HttpUtils.java
+++ b/src/main/java/com/linxyun/core/utils/HttpUtils.java
@@ -13,10 +13,11 @@ import java.util.Map;
public class HttpUtils {
// 通用请求方法,处理所有的 GET 和 POST 请求
- private static JSONObject executeRequest(HttpRequest HttpRequest) {
- try (HttpResponse response = HttpRequest.execute()) {
+ private static JSONObject executeRequest(HttpRequest request) {
+ try (HttpResponse response = request.execute()) {
+ log.info("HttpRequest:{} {}", request.getUrl(), request.getMethod());
if (!response.isOk()) {
- log.error("HttpRequest failed: {} {}", response.getStatus(), response.body());
+ log.error("HttpRequest failed: {}", response.getStatus());
return null;
}
if (response.body() == null) {
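Review bot: The added `log.info("HttpRequest:{} {}", request.getUrl(), request.getMethod());` logs the full URL at info level, so if any caller puts a token or other secret in the query string (not visible in this hunk) it ends up in the log. Logging the URL without its query component avoids that. The line also sits inside the try block after `request.execute()` has returned, so a request that throws is never logged; moving it before the `try` would cover failures as well. The error branch now logs only the status, and adding the query-stripped URL there would make a failure traceable without restoring the response body. executeRequest continues past the end of this hunk.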