před 2 týdny · 09d19d1b20
--- a/src/main/java/com/zsElectric/boot/common/util/electric/queryToken/JwtTokenUtil.java
+++ b/src/main/java/com/zsElectric/boot/common/util/electric/queryToken/JwtTokenUtil.java
@@ -8,6 +8,7 @@ import io.jsonwebtoken.SignatureAlgorithm;
 
				 import io.jsonwebtoken.UnsupportedJwtException;
			
 
				 import io.jsonwebtoken.security.Keys;
			
 
				 import io.jsonwebtoken.security.SignatureException;
			
 
				+import lombok.extern.slf4j.Slf4j;
			
 
				 import org.springframework.beans.factory.annotation.Value;
			
 
				 import org.springframework.data.redis.core.RedisTemplate;
			
 
				 import org.springframework.stereotype.Component;
			
@@ -23,6 +24,7 @@ import java.util.stream.Collectors;
 
				  * JWT Token工具类
			
 
				  * 专门用于第三方接口的Token生成和验证
			
 
				  */
			
 
				+@Slf4j
			
 
				 @Component
			
 
				 public class JwtTokenUtil {
			
 
				 
			
@@ -53,20 +55,16 @@ public class JwtTokenUtil {
 
				         if (existingToken != null) {
			
 
				             return existingToken;
			
 
				         }
			
 
				-
			
 
				         Date now = new Date();
			
 
				         Date expiryDate = new Date(now.getTime() + expireSeconds * 1000);
			
 
				-        
			
 
				         String token = Jwts.builder()
			
 
				                 .setSubject(operatorId)
			
 
				                 .setIssuedAt(now)
			
 
				                 .setExpiration(expiryDate)
			
 
				                 .signWith(secretKey, SignatureAlgorithm.HS512)
			
 
				                 .compact();
			
 
				-        
			
 
				         // 存储到Redis，支持Token主动撤销
			
 
				         storeTokenInRedis(token, operatorId);
			
 
				-        
			
 
				         return token;
			
 
				     }
			
 
				 
			
@@ -79,27 +77,23 @@ public class JwtTokenUtil {
 
				             if (!isTokenInRedis(token)) {
			
 
				                 return false;
			
 
				             }
			
 
				-            
			
 
				             // 验证JWT签名和过期时间
			
 
				             Jwts.parserBuilder()
			
 
				                 .setSigningKey(secretKey)
			
 
				                 .build()
			
 
				                 .parseClaimsJws(token);
			
 
				-            
			
 
				             return true;
			
 
				-            
			
 
				         } catch (ExpiredJwtException e) {
			
 
				-            System.out.println("Token已过期: " + e.getMessage());
			
 
				+            log.error("Token已过期: {}" , e.getMessage());
			
 
				         } catch (UnsupportedJwtException e) {
			
 
				-            System.out.println("不支持的Token格式: " + e.getMessage());
			
 
				+            log.error("不支持的Token格式: {}" , e.getMessage());
			
 
				         } catch (MalformedJwtException e) {
			
 
				-            System.out.println("Token格式错误: " + e.getMessage());
			
 
				+            log.error("Token格式错误: {}" , e.getMessage());
			
 
				         } catch (SignatureException e) {
			
 
				-            System.out.println("Token签名验证失败: " + e.getMessage());
			
 
				+            log.error("Token签名验证失败: {}" , e.getMessage());
			
 
				         } catch (IllegalArgumentException e) {
			
 
				-            System.out.println("Token参数错误: " + e.getMessage());
			
 
				+            log.error("Token参数错误: {}" , e.getMessage());
			
 
				         }
			
 
				-        
			
 
				         return false;
			
 
				     }
			
 
				 
			
--- a/src/main/java/com/zsElectric/boot/common/util/electric/queryToken/TokenValidationAspect.java
+++ b/src/main/java/com/zsElectric/boot/common/util/electric/queryToken/TokenValidationAspect.java
@@ -2,6 +2,7 @@ package com.zsElectric.boot.common.util.electric.queryToken;
 
				 
			
 
				 import com.zsElectric.boot.core.exception.BusinessException;
			
 
				 import jakarta.servlet.http.HttpServletRequest;
			
 
				+import lombok.RequiredArgsConstructor;
			
 
				 import org.aspectj.lang.ProceedingJoinPoint;
			
 
				 import org.aspectj.lang.annotation.Around;
			
 
				 import org.aspectj.lang.annotation.Aspect;
			
@@ -11,13 +12,10 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 
				 
			
 
				 @Aspect
			
 
				 @Component
			
 
				+@RequiredArgsConstructor
			
 
				 public class TokenValidationAspect {
			
 
				     
			
 
				-//    private final JwtUtil jwtUtil;
			
 
				-    
			
 
				-//    public TokenValidationAspect(JwtUtil jwtUtil) {
			
 
				-//        this.jwtUtil = jwtUtil;
			
 
				-//    }
			
 
				+    private final JwtTokenUtil jwtTokenUtil;
			
 
				     
			
 
				     @Around("@annotation(tokenRequired)")
			
 
				     public Object validateToken(ProceedingJoinPoint joinPoint, TokenRequired tokenRequired) throws Throwable {
			
@@ -26,14 +24,12 @@ public class TokenValidationAspect {
 
				         if (request == null) {
			
 
				             throw new RuntimeException("无法获取HttpServletRequest");
			
 
				         }
			
 
				-        
			
 
				         // 验证Token
			
 
				         String token = extractTokenFromRequest(request);
			
 
				-        //todo
			
 
				-//        if (token == null || !jwtUtil.validateToken(token)) {
			
 
				-//            throw new BusinessException("Token验证失败");
			
 
				-//        }
			
 
				-        
			
 
				+
			
 
				+        if (token == null || !jwtTokenUtil.validateToken(token)) {
			
 
				+            throw new BusinessException("Token验证失败");
			
 
				+        }
			
 
				         return joinPoint.proceed();
			
 
				     }
			
 
				     
			
@@ -58,7 +54,7 @@ public class TokenValidationAspect {
 
				     }
			
 
				     
			
 
				     private String extractTokenFromRequest(HttpServletRequest request) {
			
 
				-        String authHeader = request.getHeader("x-token");
			
 
				+        String authHeader = request.getHeader("Authorization");
			
 
				         if (authHeader != null && authHeader.startsWith("Bearer ")) {
			
 
				             return authHeader.substring(7);
			
 
				         }