package com.rongyichuang.auth.filter; import com.rongyichuang.auth.util.JwtUtil; import com.rongyichuang.user.entity.User; import com.rongyichuang.user.repository.UserRepository; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.Authentication; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import java.io.IOException; import java.util.ArrayList; import java.util.Optional; /** * JWT认证过滤器 */ @Component public class JwtAuthenticationFilter extends OncePerRequestFilter { private static final Logger logger = LoggerFactory.getLogger(JwtAuthenticationFilter.class); @Autowired private JwtUtil jwtUtil; @Autowired private UserRepository userRepository; @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { System.out.println("=== JWT过滤器被调用 === URI: " + request.getRequestURI()); logger.debug("JWT过滤器开始处理请求: {}", request.getRequestURI()); String authHeader = request.getHeader("Authorization"); String token = null; Long userId = null; logger.debug("Authorization头: {}", authHeader); // 从请求头中提取JWT token if (authHeader != null && authHeader.startsWith("Bearer ")) { token = authHeader.substring(7); logger.debug("提取到JWT token: {}", token.substring(0, Math.min(20, token.length())) + "..."); try { userId = jwtUtil.getUserIdFromToken(token); logger.debug("从token中解析到用户ID: {}", userId); } catch (Exception e) { logger.error("JWT token解析失败: {}", e.getMessage(), e); } } else { logger.debug("没有找到Authorization头或格式不正确"); } // 如果token有效且当前是匿名或无认证,则进行认证 Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication(); boolean isAnonymous = (existingAuth == null) || ("anonymousUser".equals(String.valueOf(existingAuth.getPrincipal()))); if (userId != null && isAnonymous) { logger.debug("开始验证token有效性"); // 验证token是否有效 if (jwtUtil.validateToken(token)) { logger.debug("Token验证成功,查找用户信息"); // 查找用户信息 Optional userOpt = userRepository.findById(userId); if (userOpt.isPresent()) { User user = userOpt.get(); logger.debug("找到用户: userId={}, phone={}", user.getId(), user.getPhone()); // 创建认证对象 UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken( user.getId().toString(), null, new ArrayList<>() // 暂时不设置权限,后续可以根据角色设置 ); authToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authToken); logger.info("用户认证成功: userId={}, phone={}", user.getId(), user.getPhone()); } else { logger.warn("用户不存在: userId={}", userId); } } else { logger.warn("Token验证失败"); } } else if (userId == null) { logger.debug("没有解析到用户ID"); } else { logger.debug("已存在非匿名认证信息,跳过JWT认证"); } filterChain.doFilter(request, response); } }