114 lines
3.7 KiB
Markdown
114 lines
3.7 KiB
Markdown
|
# 管理员统计接口404错误修复说明
|
|||
|
|
|
|||
|
|
## 问题概述
|
|||
|
|
应用出现静态资源404错误,具体表现为:
|
|||
|
|
```
|
|||
|
|
No static resource admin/statistics/most-viewed-videos
|
|||
|
|
No static resource admin/statistics/most-used-workflows
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
## 错误原因分析
|
|||
|
|
|
|||
|
|
### 1. 问题本质
|
|||
|
|
前端请求缺少JWT认证头,导致Spring Security将API请求误当作静态资源请求处理。
|
|||
|
|
|
|||
|
|
### 2. 技术细节
|
|||
|
|
- **后端接口正常**:`AdminRevenueController` 中存在对应的API接口
|
|||
|
|
- **路由配置正确**:
|
|||
|
|
- `@RequestMapping("/admin")` + `@GetMapping("/statistics/most-used-workflows")`
|
|||
|
|
- `@RequestMapping("/admin")` + `@GetMapping("/statistics/most-viewed-videos")`
|
|||
|
|
- **认证缺失**:前端 fetch 请求没有携带 JWT Authorization 头
|
|||
|
|
- **Spring Security拦截**:未认证请求被当作静态资源处理
|
|||
|
|
|
|||
|
|
### 3. 对比分析
|
|||
|
|
✅ **正常工作的接口**:`/admin/revenue/statistics` - 有JWT认证
|
|||
|
|
❌ **出错的接口**:`/admin/statistics/most-*` - 缺少JWT认证
|
|||
|
|
|
|||
|
|
## 解决方案
|
|||
|
|
|
|||
|
|
### 修改文件
|
|||
|
|
`src/main/resources/static/test_admin_stats.html`
|
|||
|
|
|
|||
|
|
### 修改前的代码
|
|||
|
|
```javascript
|
|||
|
|
const response = await fetch(`/admin/statistics/most-used-workflows?${params.toString()}`, {
|
|||
|
|
method: 'GET',
|
|||
|
|
headers: {
|
|||
|
|
'Content-Type': 'application/json'
|
|||
|
|
}
|
|||
|
|
});
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 修改后的代码
|
|||
|
|
```javascript
|
|||
|
|
const response = await fetch(`/admin/statistics/most-used-workflows?${params.toString()}`, {
|
|||
|
|
method: 'GET',
|
|||
|
|
headers: {
|
|||
|
|
'Content-Type': 'application/json',
|
|||
|
|
'Authorization': 'Bearer ' + (localStorage.getItem('adminToken') || sessionStorage.getItem('adminToken') || '')
|
|||
|
|
}
|
|||
|
|
});
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
## 修复内容
|
|||
|
|
|
|||
|
|
1. **为工作流统计接口添加认证头**
|
|||
|
|
- 接口:`/admin/statistics/most-used-workflows`
|
|||
|
|
- 添加:`Authorization: Bearer [token]`
|
|||
|
|
|
|||
|
|
2. **为视频统计接口添加认证头**
|
|||
|
|
- 接口:`/admin/statistics/most-viewed-videos`
|
|||
|
|
- 添加:`Authorization: Bearer [token]`
|
|||
|
|
|
|||
|
|
## 认证Token获取逻辑
|
|||
|
|
```javascript
|
|||
|
|
localStorage.getItem('adminToken') || sessionStorage.getItem('adminToken') || ''
|
|||
|
|
```
|
|||
|
|
- 优先从 `localStorage` 获取管理员token
|
|||
|
|
- 如果不存在,则从 `sessionStorage` 获取
|
|||
|
|
- 都不存在时使用空字符串
|
|||
|
|
|
|||
|
|
## 验证方法
|
|||
|
|
|
|||
|
|
### 1. 重启应用后测试
|
|||
|
|
```bash
|
|||
|
|
# 重新编译并启动应用
|
|||
|
|
mvn spring-boot:run
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 2. 检查日志
|
|||
|
|
- ✅ **成功标志**:应该看到类似这样的日志
|
|||
|
|
```
|
|||
|
|
INFO c.d.controller.AdminRevenueController : 收到获取最多使用工作流统计请求
|
|||
|
|
INFO c.d.controller.AdminRevenueController : 收到获取最多观看视频统计请求
|
|||
|
|
```
|
|||
|
|
- ❌ **错误标志**:不应再看到 `NoResourceFoundException`
|
|||
|
|
|
|||
|
|
### 3. 前端测试
|
|||
|
|
访问 `http://localhost:8081/test_admin_stats.html` 并:
|
|||
|
|
1. 确保已登录管理员账户
|
|||
|
|
2. 测试"最多使用工作流统计"功能
|
|||
|
|
3. 测试"最多观看视频统计"功能
|
|||
|
|
|
|||
|
|
## 注意事项
|
|||
|
|
|
|||
|
|
1. **Token有效性**:确保管理员token未过期
|
|||
|
|
2. **登录状态**:使用前需要先通过管理员登录接口获取token
|
|||
|
|
3. **权限检查**:确保当前管理员有访问统计数据的权限
|
|||
|
|
|
|||
|
|
## 预防措施
|
|||
|
|
|
|||
|
|
为避免类似问题,在编写新的管理员功能时:
|
|||
|
|
|
|||
|
|
1. **统一认证处理**:所有管理员API请求都应携带JWT token
|
|||
|
|
2. **测试覆盖**:新增API时同步更新测试页面的认证逻辑
|
|||
|
|
3. **错误监控**:定期检查应用日志,及时发现认证相关问题
|
|||
|
|
|
|||
|
|
## 相关文件
|
|||
|
|
|
|||
|
|
- **后端控制器**:`src/main/java/com/dora/controller/AdminRevenueController.java`
|
|||
|
|
- **前端测试页面**:`src/main/resources/static/test_admin_stats.html`
|
|||
|
|
- **认证配置**:`src/main/java/com/dora/config/JwtAuthenticationFilter.java`
|
|||
|
|
|
|||
|
|
修复完成后,原本的404错误应该消失,接口能够正常响应数据。
|