2026-04-17 16:31:32 +08:00
parent adadb3bf1d
commit 2476655b28
116 changed files with 3875 additions and 583 deletions


@@ -42,12 +42,21 @@ public class JwtRelayFilter implements GlobalFilter, Ordered {
try {
String token = authorization.substring(authProperties.getTokenPrefix().length());
JwtUserPrincipal principal = jwtTokenProvider.parse(token);
if ("MINI".equalsIgnoreCase(principal.clientType()) && !principal.roleCodes().contains("STUDENT")) {
return forbidden(exchange, "MINI client only allows STUDENT role");
}
var mutatedRequest = exchange.getRequest().mutate()
.header(SecurityConstants.HEADER_USER_ID, principal.userId())
.header(SecurityConstants.HEADER_USERNAME, principal.username())
.header(SecurityConstants.HEADER_DISPLAY_NAME, principal.displayName())
.header(SecurityConstants.HEADER_TENANT_ID, principal.tenantId())
.header(SecurityConstants.HEADER_DEPT_ID, principal.deptId())
.header(SecurityConstants.HEADER_USER_ID, safe(principal.userId()))
.header(SecurityConstants.HEADER_USERNAME, safe(principal.username()))
.header(SecurityConstants.HEADER_DISPLAY_NAME, safe(principal.displayName()))
.header(SecurityConstants.HEADER_ADCODE, safe(principal.adcode()))
.header(SecurityConstants.HEADER_TENANT_ID, safe(principal.tenantId()))
.header(SecurityConstants.HEADER_TENANT_PATH, safe(principal.tenantPath()))
.header(SecurityConstants.HEADER_DEPT_ID, safe(principal.deptId()))
.header(SecurityConstants.HEADER_DEPT_PATH, safe(principal.deptPath()))
.header(SecurityConstants.HEADER_ROLE_CODES, String.join(",", principal.roleCodes()))
.header(SecurityConstants.HEADER_CLIENT_TYPE, safe(principal.clientType()))
.header(SecurityConstants.HEADER_SESSION_ID, safe(principal.sessionId()))
.build();
return chain.filter(exchange.mutate().request(mutatedRequest).build());
} catch (Exception exception) {
@@ -67,9 +76,24 @@ public class JwtRelayFilter implements GlobalFilter, Ordered {
private Mono<Void> unauthorized(ServerWebExchange exchange, String message) {
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
exchange.getResponse().getHeaders().set(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
byte[] body = ("{\"code\":401,\"message\":\"" + message + "\",\"data\":null}").getBytes();
String bodyJson = "{\"code\":401,\"message\":\"%s\",\"data\":null}".formatted(message);
byte[] body = bodyJson.getBytes();
return exchange.getResponse().writeWith(Mono.just(exchange.getResponse()
.bufferFactory()
.wrap(body)));
}
private Mono<Void> forbidden(ServerWebExchange exchange, String message) {
exchange.getResponse().setStatusCode(HttpStatus.FORBIDDEN);
exchange.getResponse().getHeaders().set(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
String bodyJson = "{\"code\":403,\"message\":\"%s\",\"data\":null}".formatted(message);
byte[] body = bodyJson.getBytes();
return exchange.getResponse().writeWith(Mono.just(exchange.getResponse()
.bufferFactory()
.wrap(body)));
}
private String safe(String value) {
return value == null ? "" : value;
}
}
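Review bot: The MINI guard in the first hunk rejects only tokens that lack `STUDENT`, so a MINI token carrying `STUDENT` together with other roles passes, and the new `HEADER_ROLE_CODES` line relays every one of those roles downstream. If the intent behind "MINI client only allows STUDENT role" is that MINI sessions never carry more than student rights, the condition should compare the role set against exactly `STUDENT`, or the relayed header should be narrowed for MINI clients; this needs confirming against how tokens are issued. `principal.roleCodes()` is also the one claim not null-guarded, unlike the fields wrapped in `safe(...)`: both `.contains("STUDENT")` and `String.join(",", principal.roleCodes())` throw on a token without roles, and that lands in the `catch (Exception exception)` whose body is outside the hunk. Separately, `unauthorized` and `forbidden` splice `message` into the JSON body unescaped and encode it with the platform charset; escaping the message in one shared helper and using `byte[] body = bodyJson.getBytes(StandardCharsets.UTF_8);` would keep the response valid if a caller passes text containing quotes or non-ASCII characters.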