diff --git a/pom.xml b/pom.xml
index da41da6..03aec4c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,10 @@
org.springframework.boot
spring-boot-starter-security
-
+
+ org.springframework.boot
+ spring-boot-starter-aop
+
org.springframework.boot
diff --git a/src/main/java/cn/teammodel/aop/LogInterceptor.java b/src/main/java/cn/teammodel/aop/LogInterceptor.java
new file mode 100644
index 0000000..467523b
--- /dev/null
+++ b/src/main/java/cn/teammodel/aop/LogInterceptor.java
@@ -0,0 +1,50 @@
+package cn.teammodel.aop;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StopWatch;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.UUID;
+
+@Aspect
+@Component
+@Slf4j
+public class LogInterceptor {
+
+ /**
+ * 执行拦截
+ */
+ @Around("execution(* cn.teammodel.controller.*.*(..))")
+ public Object doInterceptor(ProceedingJoinPoint point) throws Throwable {
+ // 计时
+ StopWatch stopWatch = new StopWatch();
+ stopWatch.start();
+ // 获取请求路径
+ RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
+ HttpServletRequest httpServletRequest = ((ServletRequestAttributes) requestAttributes).getRequest();
+ // 生成请求唯一 id
+ String requestId = UUID.randomUUID().toString();
+ String url = httpServletRequest.getRequestURI();
+ // 获取请求参数
+ Object[] args = point.getArgs();
+ String reqParam = "[" + StringUtils.join(args, ", ") + "]";
+ // 输出请求日志
+ log.info("request start,id: {}, path: {}, ip: {}, params: {}", requestId, url,
+ httpServletRequest.getRemoteHost(), reqParam);
+ // 执行原方法
+ Object result = point.proceed();
+ // 输出响应日志
+ stopWatch.stop();
+ long totalTimeMillis = stopWatch.getTotalTimeMillis();
+ log.info("request end, id: {}, cost: {}ms", requestId, totalTimeMillis);
+ return result;
+ }
+}
\ No newline at end of file
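Review bot: The `request end` log and `stopWatch.stop()` at the bottom of doInterceptor are skipped whenever `point.proceed()` throws, so a failing controller call leaves a `request start` line with no matching end line or timing; move the stop and the end log into a `finally` around the proceed call as below. The `params` field joins every controller argument verbatim at INFO level, which writes request bodies, bound objects and any credential or token they carry into the log store; log only the argument types, or restrict which parameters are rendered. `RequestContextHolder.currentRequestAttributes()` throws IllegalStateException when no request is bound to the current thread, so the aspect fails for any non-web invocation of a matched method — presumably acceptable here, but worth a comment on that line. The `ip:` label is filled from `getRemoteHost()`, which may return a host name rather than an address depending on the container's lookup setting; `getRemoteAddr()` matches the label.
```java
        // … unchanged: stop watch start, request id, request-start log …
        Object result;
        try {
            result = point.proceed();
        } finally {
            // always emit the end log, also when the controller throws
            stopWatch.stop();
            log.info("request end, id: {}, cost: {}ms", requestId, stopWatch.getTotalTimeMillis());
        }
        return result;
```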
diff --git a/src/main/java/cn/teammodel/controller/HelloController.java b/src/main/java/cn/teammodel/controller/HelloController.java
index bb3ec76..0337a44 100644
--- a/src/main/java/cn/teammodel/controller/HelloController.java
+++ b/src/main/java/cn/teammodel/controller/HelloController.java
@@ -17,4 +17,10 @@ public class HelloController {
System.out.println(SecurityContextHolder.getContext().getAuthentication());
return new R(200, "success","hello world");
}
+ @GetMapping("public/free")
+ @PreAuthorize("permitAll()")
+ public R free() {
+ System.out.println(SecurityContextHolder.getContext().getAuthentication());
+ return new R(200, "success","hello world");
+ }
}
\ No newline at end of file
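Review bot: The new `free()` endpoint prints the `Authentication` object with `System.out.println`, so on a `permitAll()` path whatever principal the token filter placed in the context is written to stdout outside the logging framework and its level controls; use a logger at debug level, e.g. `log.debug("auth: {}", SecurityContextHolder.getContext().getAuthentication());`, or drop the print. The body is otherwise a copy of the method above it, so a shared private helper would keep the two in step. `@PreAuthorize("permitAll()")` only takes effect if method security with pre/post annotations is enabled in the security configuration, which is not visible in this diff.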
diff --git a/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java b/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java
index ed0bae8..d2489bd 100644
--- a/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java
+++ b/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java
@@ -17,7 +17,6 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
-import java.nio.file.AccessDeniedException;
import java.util.Collection;
/**
@@ -40,10 +39,11 @@ public class AuthInnerTokenFilter extends OncePerRequestFilter {
// 验证 authToken 合法
TmdUserDetail tmdUserDetail = jwtTokenUtil.getValidUserDetail(request);
if (tmdUserDetail == null) {
- log.error("authToken authentication failed");
- throw new AccessDeniedException("无权限");
+ log.error("authToken authentication failed: {}", request.getHeader("x-auth-authToken"));
+ SecurityContextHolder.clearContext(); // 验证失败不应该在此处抛出异常,应该维护好 context 的值,以便整个过滤器链正常运行
+ filterChain.doFilter(request, response);
+ return;
}
- System.out.println(tmdUserDetail.getUser());
// 组装 authToken 的 jwt 进 authentication
Collection extends GrantedAuthority> authorities = authentication.getAuthorities();
UsernamePasswordAuthenticationToken finalAuthentication = new UsernamePasswordAuthenticationToken(tmdUserDetail, null, authorities);
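Review bot: The new error log on the `tmdUserDetail == null` branch writes the raw `x-auth-authToken` header value to the log, which puts the client's JWT credential itself into log storage; log the failure without the token, e.g. `log.warn("authToken authentication failed for {} {}", request.getMethod(), request.getRequestURI());`. Clearing the context and continuing the chain is the right replacement for the removed `AccessDeniedException`, but it turns an invalid token into an anonymous request, so the comment on that line should state that downstream authorization is now responsible for rejecting it. The enclosing `doFilterInternal` starts before this hunk.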