From 20a339612877e579749c89b9b5f88eec15707c3f Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 17 六月 2024 10:43:37 +0800
Subject: [PATCH] fix 修复 websocket clientid 参数不走mvc拦截器 无法生效问题
---
ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java b/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java
index 0abbbd3..1ad8ad6 100644
--- a/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java
+++ b/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java
@@ -1,7 +1,11 @@
package org.dromara.common.websocket.interceptor;
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
import lombok.extern.slf4j.Slf4j;
import org.dromara.common.core.domain.model.LoginUser;
+import org.dromara.common.core.utils.ServletUtils;
+import org.dromara.common.core.utils.StringUtils;
import org.dromara.common.satoken.utils.LoginHelper;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
@@ -31,7 +35,21 @@
*/
@Override
public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String, Object> attributes) {
+ // 妫�鏌ユ槸鍚︾櫥褰� 鏄惁鏈塼oken
LoginUser loginUser = LoginHelper.getLoginUser();
+
+ // 瑙e喅 ws 涓嶈蛋 mvc 鎷︽埅鍣ㄩ棶棰�(cloud 鐗堟湰涓嶅彈褰卞搷)
+ // 妫�鏌� header 涓� param 閲岀殑 clientid 涓� token 閲岀殑鏄惁涓�鑷�
+ String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);
+ String paramCid = ServletUtils.getParameter(LoginHelper.CLIENT_KEY);
+ String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
+ if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {
+ // token 鏃犳晥
+ throw NotLoginException.newInstance(StpUtil.getLoginType(),
+ "-100", "瀹㈡埛绔疘D涓嶵oken涓嶅尮閰�",
+ StpUtil.getTokenValue());
+ }
+
attributes.put(LOGIN_USER_KEY, loginUser);
return true;
}
--
Gitblit v1.9.3