From 203bbd58388dee516ac290a6c01000d796446cd0 Mon Sep 17 00:00:00 2001
From: xuxin <840198532@qq.com>
Date: Sun, 7 Dec 2025 13:42:47 +0800
Subject: [PATCH] =?UTF-8?q?tlias=E7=AE=A1=E7=90=86=E7=B3=BB=E7=BB=9F--?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=A0=A1=E9=AA=8C--=E6=8B=A6=E6=88=AA?=
 =?UTF-8?q?=E5=99=A8=E5=AE=9E=E7=8E=B0=E7=99=BB=E5=BD=95=E6=A0=A1=E9=AA=8C?=
 =?UTF-8?q?=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/inmind/config/WebConfig.java     |  2 +-
 .../com/inmind/filter/LoginCheckFilter.java   |  2 +-
 .../interceptor/LoginCheckInterceptor.java    | 54 ++++++++++++++++++-
 3 files changed, 55 insertions(+), 3 deletions(-)

diff --git a/tlias-web-management/src/main/java/com/inmind/config/WebConfig.java b/tlias-web-management/src/main/java/com/inmind/config/WebConfig.java
index 5c59b88..b77b462 100644
--- a/tlias-web-management/src/main/java/com/inmind/config/WebConfig.java
+++ b/tlias-web-management/src/main/java/com/inmind/config/WebConfig.java
@@ -16,6 +16,6 @@ public class WebConfig implements WebMvcConfigurer {
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
         //注册拦截器，并设置拦截资源路径
-        registry.addInterceptor(loginCheckInterceptor).addPathPatterns("/**");
+        registry.addInterceptor(loginCheckInterceptor).addPathPatterns("/**").excludePathPatterns("/login");
     }
 }
diff --git a/tlias-web-management/src/main/java/com/inmind/filter/LoginCheckFilter.java b/tlias-web-management/src/main/java/com/inmind/filter/LoginCheckFilter.java
index 18047e5..0925b68 100644
--- a/tlias-web-management/src/main/java/com/inmind/filter/LoginCheckFilter.java
+++ b/tlias-web-management/src/main/java/com/inmind/filter/LoginCheckFilter.java
@@ -12,7 +12,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
-@WebFilter(urlPatterns = "/*")//登录校验过滤器，拦截所有的资源请求
+//@WebFilter(urlPatterns = "/*")//登录校验过滤器，拦截所有的资源请求
 @Slf4j
 public class LoginCheckFilter implements Filter {
     @Override
diff --git a/tlias-web-management/src/main/java/com/inmind/interceptor/LoginCheckInterceptor.java b/tlias-web-management/src/main/java/com/inmind/interceptor/LoginCheckInterceptor.java
index 5927606..10b1676 100644
--- a/tlias-web-management/src/main/java/com/inmind/interceptor/LoginCheckInterceptor.java
+++ b/tlias-web-management/src/main/java/com/inmind/interceptor/LoginCheckInterceptor.java
@@ -1,13 +1,21 @@
 package com.inmind.interceptor;
 
+import com.alibaba.fastjson.JSONObject;
+import com.inmind.pojo.Result;
+import com.inmind.utils.JwtUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 
+/*
+* 使用了spring的拦截器，实现了登录校验JWT的功能
+* */
 @Component
 @Slf4j
 public class LoginCheckInterceptor implements HandlerInterceptor {
@@ -15,7 +23,39 @@ public class LoginCheckInterceptor implements HandlerInterceptor {
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         System.out.println("preHandle  执行了");
 //        return true;//放行，那么控制器的资源就可以被访问
-        return false;//不放行，那么控制器的资源就不可以被访问
+//        return false;//不放行，那么控制器的资源就不可以被访问
+
+
+        //1.获取请求url（之前都是通过HttpServletRequest获取请求）
+        String url = request.getRequestURI();//http://localhost:8080/login或者http://localhost:8080/emps
+        log.info("请求url:"+url);
+        //2.判断请求url中是否有login，如果包含那就是登录接口，直接放行
+        if (url.contains("login")) {
+            log.info("当前是登录请求，直接放行");
+            return true;
+        }
+        //3.如果不是登录操作，获取请求头中的令牌
+        String jwt = request.getHeader("token");
+
+        //4.判断令牌是否存在
+        if (!StringUtils.hasLength(jwt)) {
+            log.info("令牌不存在，直接响应未登录状态");
+            // 未登录的响应实现
+            notLogin(response);
+            return false;
+        }
+
+        //5.判断令牌的合法性，如果不合法则，响应未登录状态
+        try {
+            JwtUtils.parseJWT(jwt);
+        } catch (Exception e) {
+            //未登录的响应实现
+            notLogin(response);
+            return false;
+        }
+
+        //放行
+        return true;
     }
 
     @Override
@@ -27,4 +67,16 @@ public class LoginCheckInterceptor implements HandlerInterceptor {
     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
         System.out.println("afterCompletion");
     }
+
+
+    private void notLogin(HttpServletResponse response) throws IOException {
+        //根据接口文档响应json，之前通过spring的控制器的@ResponseBody注解自动转换为json返回
+        //但是当前不是控制器，所以我们要手动封装json数据响应
+        Result error = Result.error("NOT_LOGIN");
+        //手动将java对象转为json字符串----阿里巴巴fastJson
+        String notLoginJson = JSONObject.toJSONString(error);
+        //响应数据通过响应对象，直接返回给浏览器（客户端）
+        response.getWriter().write(notLoginJson);
+        return;
+    }
 }