旗开得胜

src/main/java/com/greenorange/promotion/aop/PermissionCheck.java

@@ -1,7 +1,11 @@
 package com.greenorange.promotion.aop;
 
+import cn.hutool.core.date.DateUtil;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.exceptions.JWTDecodeException;
+import com.auth0.jwt.interfaces.Claim;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import com.greenorange.promotion.annotation.RequiresPermission;
 import com.greenorange.promotion.common.ErrorCode;
@@ -9,9 +13,11 @@ import com.greenorange.promotion.exception.ThrowUtils;
 import com.greenorange.promotion.model.entity.UserInfo;
 import com.greenorange.promotion.model.enums.UserRoleEnum;
 import com.greenorange.promotion.service.user.UserInfoService;
+import com.greenorange.promotion.utils.JWTUtils;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.catalina.User;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
@@ -19,6 +25,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
+import java.util.Date;
 import java.util.Objects;
 
 
@@ -36,6 +43,9 @@ public class PermissionCheck {
     private UserInfoService userInfoService;
 
 
+    @Resource
+    private JWTUtils jwtUtils;
+
  
     /***
      * 执行拦截
@@ -50,16 +60,21 @@ public class PermissionCheck {
         UserRoleEnum mustUserRoleEnum = UserRoleEnum.getEnumByValues(mustRole);
         ThrowUtils.throwIf(mustUserRoleEnum == null, ErrorCode.NO_AUTH_ERROR);
         // 获取用户权限
-        String token = request.getHeader("token");
-        ThrowUtils.throwIf(StringUtils.isBlank(token), ErrorCode.NOT_LOGIN_ERROR);
-        String id = null;
-        try {
-            id = JWT.decode(token).getAudience().get(0);
-        } catch (JWTDecodeException jwtDecodeException) {
-            log.info("JWT已失效");
-        }
-        UserInfo userInfo = userInfoService.getById(id);
-        ThrowUtils.throwIf(userInfo == null, ErrorCode.OPERATION_ERROR);
+        String token = request.getHeader("Authorization");
+        ThrowUtils.throwIf(StringUtils.isBlank(token), ErrorCode.NO_AUTH_ERROR, "JWT为空");
+        // 解析token
+        DecodedJWT decodedJWT = jwtUtils.verify(token);
+        String userAccount = decodedJWT.getClaim("userAccount").asString();
+        String userPassword = decodedJWT.getClaim("userPassword").asString();
+        // 打印token的过期时间
+        Date expiresAt = decodedJWT.getExpiresAt();
+        String formatExpiresAt = DateUtil.format(expiresAt, "yyyy-MM-dd HH:mm:ss");
+        log.info("Token过期时间为:" + formatExpiresAt);
+        LambdaQueryWrapper<UserInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>();
+        lambdaQueryWrapper.eq(UserInfo::getUserAccount, userAccount).eq(UserInfo::getUserPassword, userPassword);
+        UserInfo userInfo = userInfoService.getOne(lambdaQueryWrapper);
+        ThrowUtils.throwIf(userInfo == null, ErrorCode.OPERATION_ERROR, "用户不存在");
+
         // 获取用户权限的枚举类
         String userRole = userInfo.getUserRole();
         UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValues(userRole);