makefriends/dating
2
1
Fork 1
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

用户封禁拦截器,登录验证完成

Browse Source
This commit is contained in:
KilLze
2026-01-13 00:32:17 +08:00
parent 4f94c43f94
commit a3d0d7423c
5 changed files with 64 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/com/bao/dating/controller/AdminController.java Normal file
View File

@@ -0,0 +1,4 @@
package com.bao.dating.controller;
public class AdminController {
}

18
src/main/java/com/bao/dating/interceptor/TokenInterceptor.java
View File

@@ -44,10 +44,10 @@ public class TokenInterceptor implements HandlerInterceptor {
}
// 从 header 获取 token
String token = request.getHeader("token");
try {
log.info("jwt校验: {}", token);
// 验证 token 是否有效(包括是否过期)
if (!JwtUtil.validateToken(token)) {
log.error("Token无效或已过期");
@@ -66,10 +66,22 @@ public class TokenInterceptor implements HandlerInterceptor {
response.getWriter().write("登录已失效, 请重新登录");
return false;
}
// 解析 token
Long userId = Long.valueOf(JwtUtil.getSubjectFromToken(token));
// 检查用户是否被封禁
String banKey = "user:ban:" + userId;
if (Boolean.TRUE.equals(redisTemplate.hasKey(banKey))) {
String reason = String.valueOf(redisTemplate.opsForValue().get(banKey));
log.error("用户 {} 已被封禁:{}", userId, reason);
response.setStatus(403);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write("账号已被封禁:" + reason);
return false;
}
// 从Redis获取存储的token进行比对
Object redisTokenObj = redisTemplate.opsForValue().get("login:token:" + userId);
String redisToken = redisTokenObj != null ? redisTokenObj.toString() : null;

8
src/main/java/com/bao/dating/interceptor/WsAuthInterceptor.java
View File

@@ -73,6 +73,14 @@ public class WsAuthInterceptor implements HandshakeInterceptor {
Long userId = Long.valueOf(userIdStr);
// 检查用户是否被封禁
String banKey = "user:ban:" + userId;
if (Boolean.TRUE.equals(redisTemplate.hasKey(banKey))) {
String reason = String.valueOf(redisTemplate.opsForValue().get(banKey));
log.error("WebSocket拒绝用户 {} 被封禁,原因:{}", userId, reason);
return false;
}
// 从Redis获取存储的token进行比对
String redisTokenKey = "login:token:" + userId;
Object redisTokenObj = redisTemplate.opsForValue().get(redisTokenKey);

30
src/main/java/com/bao/dating/pojo/entity/UserBan.java Normal file
View File

@@ -0,0 +1,30 @@
package com.bao.dating.pojo.entity;
import lombok.Data;
import java.time.LocalDateTime;
/**
* 用户封禁记录
* @author KilLze
*/
@Data
public class UserBan {
private Long id;
private Long userId;
private String reason;
private LocalDateTime banStartTime;
private LocalDateTime banEndTime;
/**
* 1:封禁中 0:已解封
*/
private Integer status;
private LocalDateTime createTime;
}

8
src/main/java/com/bao/dating/service/impl/UserServiceImpl.java
View File

@@ -20,6 +20,7 @@ import com.bao.dating.util.CodeUtil;
import com.bao.dating.util.FileUtil;
import com.bao.dating.util.JwtUtil;
import com.bao.dating.util.MD5Util;
import com.bao.dating.util.UserBanUtil;
import io.jsonwebtoken.Claims;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
@@ -66,6 +67,9 @@ public class UserServiceImpl implements UserService {
@Autowired
private VerificationCodeService verificationCodeService;
@Autowired
private UserBanUtil userBanValidator;
/**
* 用户登录
*
@@ -92,6 +96,8 @@ public class UserServiceImpl implements UserService {
if (!match) {
throw new RuntimeException("密码错误");
}
// 用户封禁验证
userBanValidator.validateUserNotBanned(user.getUserId());
// 生成token
String token = JwtUtil.generateToken(String.valueOf(user.getUserId()));
@@ -485,4 +491,4 @@ public class UserServiceImpl implements UserService {
}
return result;
}
}
}