解决OPTIONS请求被拦截,解决前端传来的Token无法正常解析

This commit is contained in:
wenxin 2024-12-09 15:21:04 +08:00
parent e23f3f777d
commit 486b34a35f
4 changed files with 20 additions and 4 deletions

View File

@ -38,6 +38,7 @@
<dependency> <dependency>
<groupId>org.projectlombok</groupId> <groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId> <artifactId>lombok</artifactId>
<scope>provided</scope>
<version>1.18.34</version> <version>1.18.34</version>
</dependency> </dependency>
<!-- Thumbnailator --> <!-- Thumbnailator -->

View File

@ -19,6 +19,8 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@Slf4j @Slf4j
@ -28,10 +30,14 @@ public class SecurityInterceptor implements HandlerInterceptor {
private final LinxyunProperties linxyunProperties; private final LinxyunProperties linxyunProperties;
private Pattern pattern = Pattern.compile("LoginID_\\d{14}_\\d{6}");
// 生命周期 拦截器在请求处理之前调用只有返回true才会继续调用下一个拦截器或者处理器否则不会调用 // 生命周期 拦截器在请求处理之前调用只有返回true才会继续调用下一个拦截器或者处理器否则不会调用
@Override @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 跨域请求会首先发送一个OPTIONS请求这里我们给OPTIONS请求直接返回正常状态
if (request.getMethod().equals("OPTIONS")) return true;
log.info("鉴权拦截:{} {}", request.getMethod(), request.getRequestURI()); log.info("鉴权拦截:{} {}", request.getMethod(), request.getRequestURI());
// 获取请求头上的Token // 获取请求头上的Token
@ -39,15 +45,22 @@ public class SecurityInterceptor implements HandlerInterceptor {
if (StringUtils.isEmpty(token)) { if (StringUtils.isEmpty(token)) {
token = request.getParameter("Token"); token = request.getParameter("Token");
} }
log.info("请求头中Token{}", token);
response.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8"); response.setContentType("application/json; charset=utf-8");
Result<JSONObject> result; Result<JSONObject> result;
if (StringUtils.isEmpty(token)) { if (StringUtils.isEmpty(token)) {
log.info("请求头中无Authorization信息"); log.info("请求头中无 Token 信息");
result = Result.error(ErrorCode.USER_NOT_LOGGED_IN); result = Result.error(ErrorCode.USER_NOT_LOGGED_IN);
response.getWriter().write(JSON.toJSONString(result)); response.getWriter().write(JSON.toJSONString(result));
return false; return false;
} }
if (token.startsWith("Session")) {
Matcher matcher = pattern.matcher(token);
if (matcher.find()) {
token = matcher.group();
}
}
UserAuth userAuth = ApiUtils.getUserAuth(token); UserAuth userAuth = ApiUtils.getUserAuth(token);
if (userAuth == null) { if (userAuth == null) {
// 如果为空说明 token 无效 // 如果为空说明 token 无效

View File

@ -13,6 +13,7 @@ import org.springframework.util.StringUtils;
import java.io.IOException; import java.io.IOException;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
@Slf4j @Slf4j

View File

@ -13,10 +13,11 @@ import java.util.Map;
public class HttpUtils { public class HttpUtils {
// 通用请求方法处理所有的 GET POST 请求 // 通用请求方法处理所有的 GET POST 请求
private static JSONObject executeRequest(HttpRequest HttpRequest) { private static JSONObject executeRequest(HttpRequest request) {
try (HttpResponse response = HttpRequest.execute()) { try (HttpResponse response = request.execute()) {
log.info("HttpRequest{} {}", request.getUrl(), request.getMethod());
if (!response.isOk()) { if (!response.isOk()) {
log.error("HttpRequest failed: {} {}", response.getStatus(), response.body()); log.error("HttpRequest failed: {}", response.getStatus());
return null; return null;
} }
if (response.body() == null) { if (response.body() == null) {