From a3d0d7423c4aa1f65d4bbb2a17f89dccc52fd8d9 Mon Sep 17 00:00:00 2001 From: KilLze Date: Tue, 13 Jan 2026 00:32:17 +0800 Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7=E5=B0=81=E7=A6=81=E6=8B=A6?= =?UTF-8?q?=E6=88=AA=E5=99=A8=EF=BC=8C=E7=99=BB=E5=BD=95=E9=AA=8C=E8=AF=81?= =?UTF-8?q?=E5=AE=8C=E6=88=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dating/controller/AdminController.java | 4 +++ .../dating/interceptor/TokenInterceptor.java | 18 +++++++++-- .../dating/interceptor/WsAuthInterceptor.java | 8 +++++ .../com/bao/dating/pojo/entity/UserBan.java | 30 +++++++++++++++++++ .../dating/service/impl/UserServiceImpl.java | 8 ++++- 5 files changed, 64 insertions(+), 4 deletions(-) create mode 100644 src/main/java/com/bao/dating/controller/AdminController.java create mode 100644 src/main/java/com/bao/dating/pojo/entity/UserBan.java diff --git a/src/main/java/com/bao/dating/controller/AdminController.java b/src/main/java/com/bao/dating/controller/AdminController.java new file mode 100644 index 0000000..d449500 --- /dev/null +++ b/src/main/java/com/bao/dating/controller/AdminController.java @@ -0,0 +1,4 @@ +package com.bao.dating.controller; + +public class AdminController { +} diff --git a/src/main/java/com/bao/dating/interceptor/TokenInterceptor.java b/src/main/java/com/bao/dating/interceptor/TokenInterceptor.java index 3203fc9..e2357f9 100644 --- a/src/main/java/com/bao/dating/interceptor/TokenInterceptor.java +++ b/src/main/java/com/bao/dating/interceptor/TokenInterceptor.java @@ -44,10 +44,10 @@ public class TokenInterceptor implements HandlerInterceptor { } // 从 header 获取 token String token = request.getHeader("token"); - + try { log.info("jwt校验: {}", token); - + // 验证 token 是否有效(包括是否过期) if (!JwtUtil.validateToken(token)) { log.error("Token无效或已过期"); 
@@ -66,10 +66,22 @@ public class TokenInterceptor implements HandlerInterceptor { response.getWriter().write("登录已失效, 请重新登录"); return false; } - + // 解析 token Long userId = Long.valueOf(JwtUtil.getSubjectFromToken(token)); + // 检查用户是否被封禁 + String banKey = "user:ban:" + userId; + if (Boolean.TRUE.equals(redisTemplate.hasKey(banKey))) { + String reason = String.valueOf(redisTemplate.opsForValue().get(banKey)); + log.error("用户 {} 已被封禁:{}", userId, reason); + + response.setStatus(403); + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("账号已被封禁:" + reason); + return false; + } + // 从Redis获取存储的token进行比对 Object redisTokenObj = redisTemplate.opsForValue().get("login:token:" + userId); String redisToken = redisTokenObj != null ? redisTokenObj.toString() : null; diff --git a/src/main/java/com/bao/dating/interceptor/WsAuthInterceptor.java b/src/main/java/com/bao/dating/interceptor/WsAuthInterceptor.java index a01153c..1e0e99a 100644 --- a/src/main/java/com/bao/dating/interceptor/WsAuthInterceptor.java +++ b/src/main/java/com/bao/dating/interceptor/WsAuthInterceptor.java @@ -73,6 +73,14 @@ public class WsAuthInterceptor implements HandshakeInterceptor { Long userId = Long.valueOf(userIdStr); + // 检查用户是否被封禁 + String banKey = "user:ban:" + userId; + if (Boolean.TRUE.equals(redisTemplate.hasKey(banKey))) { + String reason = String.valueOf(redisTemplate.opsForValue().get(banKey)); + log.error("WebSocket拒绝:用户 {} 被封禁,原因:{}", userId, reason); + return false; + } + // 从Redis获取存储的token进行比对 String redisTokenKey = "login:token:" + userId; Object redisTokenObj = redisTemplate.opsForValue().get(redisTokenKey); diff --git a/src/main/java/com/bao/dating/pojo/entity/UserBan.java b/src/main/java/com/bao/dating/pojo/entity/UserBan.java new file mode 100644 index 0000000..53bec33 --- /dev/null +++ b/src/main/java/com/bao/dating/pojo/entity/UserBan.java 
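Review bot: The added ban check in TokenInterceptor reads Redis twice, `hasKey(banKey)` and then `opsForValue().get(banKey)`, so a key that expires or is deleted between the two calls puts the literal reason "null" in the log and the 403 body. A single read avoids that: `Object ban = redisTemplate.opsForValue().get(banKey);` followed by `if (ban != null) {`. The same two-call pattern is in the WsAuthInterceptor hunk. The response also declares `application/json` while the body is a plain string, so either write a JSON object or declare `text/plain;charset=UTF-8`. The enclosing method and its try/catch start and end outside the hunk, so how a Redis failure at this point is handled cannot be seen here.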
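Review bot: The WsAuthInterceptor check runs only during the handshake, so a user who is banned while a WebSocket session is already open keeps that session; nothing in this patch closes existing connections when a `user:ban:` key is written. Consider recording that next to the check, e.g. `// NOTE: handshake-time only; whoever sets the ban must also close the user's open sessions`, and closing sessions where the ban is applied. A ban is an expected outcome rather than a fault, so `log.warn` fits better than `log.error` here and in TokenInterceptor. The enclosing method starts and ends outside the hunk.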
@@ -0,0 +1,30 @@ +package com.bao.dating.pojo.entity; + +import lombok.Data; + +import java.time.LocalDateTime; + +/** + * 用户封禁记录 + * @author KilLze + */ +@Data +public class UserBan { + + private Long id; + + private Long userId; + + private String reason; + + private LocalDateTime banStartTime; + + private LocalDateTime banEndTime; + + /** + * 1:封禁中 0:已解封 + */ + private Integer status; + + private LocalDateTime createTime; +} diff --git a/src/main/java/com/bao/dating/service/impl/UserServiceImpl.java b/src/main/java/com/bao/dating/service/impl/UserServiceImpl.java index e3210ed..733e8ab 100644 --- a/src/main/java/com/bao/dating/service/impl/UserServiceImpl.java +++ b/src/main/java/com/bao/dating/service/impl/UserServiceImpl.java @@ -20,6 +20,7 @@ import com.bao.dating.util.CodeUtil; import com.bao.dating.util.FileUtil; import com.bao.dating.util.JwtUtil; import com.bao.dating.util.MD5Util; +import com.bao.dating.util.UserBanUtil; import io.jsonwebtoken.Claims; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -66,6 +67,9 @@ public class UserServiceImpl implements UserService { @Autowired private VerificationCodeService verificationCodeService; + @Autowired + private UserBanUtil userBanValidator; + /** * 用户登录 * @@ -92,6 +96,8 @@ public class UserServiceImpl implements UserService { if (!match) { throw new RuntimeException("密码错误"); } + // 用户封禁验证 + userBanValidator.validateUserNotBanned(user.getUserId()); // 生成token String token = JwtUtil.generateToken(String.valueOf(user.getUserId())); @@ -485,4 +491,4 @@ public class UserServiceImpl implements UserService { } return result; } -} +} \ No newline at end of file
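Review bot: In UserBan, `status` and `banEndTime` both describe whether a ban is active, and the class does not say which one is authoritative when they disagree (status 1 with an end time in the past), nor what a null `banEndTime` means. A field comment would settle it, for example `/** null = permanent ban; enforcement compares against the current time, not status alone */` if that is the intent. The raw `Integer` 1/0 could be named constants or an enum so callers do not compare magic numbers.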
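Review bot: In the login hunk of UserServiceImpl, `validateUserNotBanned` comes from `UserBanUtil`, which is imported but is not among the five files in this patch, so what it consults (the `user:ban:` Redis key used by the two interceptors, or the table behind `UserBan`) cannot be verified here. If the sources differ, login and per-request filtering can disagree about who is banned; having the interceptors call the same helper instead of building the key themselves would keep one source of truth. Placing the check after the password comparison is right, since ban status is then not disclosed without valid credentials, and a comment such as `// after the password check so ban status is not revealed to unauthenticated callers` would keep it there. The field is named `userBanValidator` while its type is `UserBanUtil`; aligning the two would read better. The login method starts and ends outside the hunk.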