update: ws问诊接口添加token权限校验

adad9945 · gaozhaochen · 8da2e797 · adad9945
Commit adad9945 authored Sep 11, 2023 by gaozhaochen
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 14 deletions

GptServerFilter.java ...stc/sict/cloud/common/gateway/filter/GptServerFilter.java +18 -14

No files found.
--- a/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/GptServerFilter.java
+++ b/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/GptServerFilter.java
 package cn.sh.stc.sict.cloud.common.gateway.filter;

 import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.sh.stc.sict.cloud.common.core.util.R;
-
 import cn.sh.stc.sict.cloud.common.gateway.feign.RemoteAuthService;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.StringUtils;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
 import org.springframework.http.server.reactive.ServerHttpRequest;
@@ -24,14 +23,14 @@ public class GptServerFilter extends AbstractGatewayFilterFactory {

    public final RemoteAuthService remoteAuthService;

-    public static final String SEC_WEBSOCKET_PROTOCOL = "Sec-WebSocket-Protocol";
+    public static final String WEB_TOKEN = "ws-token";

    @Override
    public GatewayFilter apply(Object config) {
        return (exchange, chain) -> {
            ServerHttpRequest request = exchange.getRequest();
-            String token = request.getHeaders().getFirst(SEC_WEBSOCKET_PROTOCOL);
-            log.info("ws-token{}", token);
+            String token = request.getQueryParams().getFirst(WEB_TOKEN);
+            log.error("ws-token = {}", token);
            // 权限校验
            if (checkToken(token)) {
                return chain.filter(exchange);
@@ -48,15 +47,20 @@ public class GptServerFilter extends AbstractGatewayFilterFactory {
     * @return
     */
    private boolean checkToken(String token) {
-//        if (StringUtils.isEmpty(token)) {
-//            return false;
-//        }
-        return true;
-//        R<Boolean> valid = remoteAuthService.isValid(token);
-//        if (ObjectUtil.isNull(valid) || ObjectUtil.isNull(valid.getData())) {
-//            return false;
-//        }
-//        return valid.getData();
+        try {
+            if (StrUtil.isBlank(token)) {
+                return false;
+            }
+
+            R<Boolean> valid = remoteAuthService.isValid(token);
+            if (ObjectUtil.isNull(valid) || ObjectUtil.isNull(valid.getData())) {
+                return false;
+            }
+            return valid.getData();
+        } catch (Exception e) {
+            log.error("权限校验失败", e);
+            return false;
+        }
    }

 }