From 95c01301f65379e7634e4619bf4c49186aa5be41 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期五, 07 二月 2025 14:19:28 +0800
Subject: [PATCH] !644 同步修复一些问题 Merge pull request !644 from 疯狂的狮子Li/dev

---
 ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java |   29 ++++++++++++++++++++++++++---
 1 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java b/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java
index 0abbbd3..c70e377 100644
--- a/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java
+++ b/ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java
@@ -1,7 +1,11 @@
 package org.dromara.common.websocket.interceptor;
 
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.dromara.common.core.domain.model.LoginUser;
+import org.dromara.common.core.utils.ServletUtils;
+import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.springframework.http.server.ServerHttpRequest;
 import org.springframework.http.server.ServerHttpResponse;
@@ -31,9 +35,28 @@
      */
     @Override
     public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String, Object> attributes) {
-        LoginUser loginUser = LoginHelper.getLoginUser();
-        attributes.put(LOGIN_USER_KEY, loginUser);
-        return true;
+        try {
+            // 妫�鏌ユ槸鍚︾櫥褰� 鏄惁鏈塼oken
+            LoginUser loginUser = LoginHelper.getLoginUser();
+
+            // 瑙ｅ喅 ws 涓嶈蛋 mvc 鎷︽埅鍣ㄩ棶棰�(cloud 鐗堟湰涓嶅彈褰卞搷)
+            // 妫�鏌� header 涓� param 閲岀殑 clientid 涓� token 閲岀殑鏄惁涓�鑷�
+            String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);
+            String paramCid = ServletUtils.getParameter(LoginHelper.CLIENT_KEY);
+            String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
+            if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {
+                // token 鏃犳晥
+                throw NotLoginException.newInstance(StpUtil.getLoginType(),
+                    "-100", "瀹㈡埛绔疘D涓嶵oken涓嶅尮閰�",
+                    StpUtil.getTokenValue());
+            }
+
+            attributes.put(LOGIN_USER_KEY, loginUser);
+            return true;
+        } catch (NotLoginException e) {
+            log.error("WebSocket 璁よ瘉澶辫触'{}',鏃犳硶璁块棶绯荤粺璧勬簮", e.getMessage());
+            return false;
+        }
     }
 
     /**

--
Gitblit v1.9.3