feat: 支持cookie中的token解析

cadecode · cadecode · commit 89f42d98aff7 · 2023-04-12T12:21:26.000+08:00
diff --git a/framework/src/main/java/top/cadecode/uniboot/framework/security/TokenAuthHolder.java b/framework/src/main/java/top/cadecode/uniboot/framework/security/TokenAuthHolder.java
@@ -1,14 +1,19 @@
 package top.cadecode.uniboot.framework.security;
 
 import cn.hutool.core.lang.UUID;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.json.JSONObject;
 import cn.hutool.jwt.JWT;
 import lombok.Data;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
 import java.util.Date;
 import java.util.List;
+import java.util.Optional;
 
 /**
  * JWT Token 工具类（基于 hutool）
@@ -111,4 +116,23 @@ public String generateUUID() {
         // 使用两个 UUID 拼接
         return UUID.fastUUID().toString(true) + UUID.fastUUID().toString(true);
     }
+
+    /**
+     * 从request对象解析token，cookie or header
+     *
+     * @param request HttpServletRequest
+     * @return token
+     */
+    public String getTokenFromRequest(HttpServletRequest request) {
+        Cookie[] cookies = request.getCookies();
+        if (ObjectUtil.isNotEmpty(cookies)) {
+            Optional<Cookie> optionalCookie = Arrays.stream(cookies)
+                    .filter(c -> ObjectUtil.equal(c.getName(), getHeader()))
+                    .findAny();
+            if (optionalCookie.isPresent()) {
+                return optionalCookie.get().getValue();
+            }
+        }
+        return request.getHeader(getHeader());
+    }
 }
diff --git a/framework/src/main/java/top/cadecode/uniboot/framework/security/filter/JwtTokenAuthFilter.java b/framework/src/main/java/top/cadecode/uniboot/framework/security/filter/JwtTokenAuthFilter.java
@@ -38,7 +38,7 @@ public AuthModelEnum getAuthModel() {
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         String requestURI = request.getRequestURI();
-        String jwtToken = request.getHeader(tokenAuthHolder.getHeader());
+        String jwtToken = tokenAuthHolder.getTokenFromRequest(request);
         // token 不存在
         if (StrUtil.isEmpty(jwtToken)) {
             filterChain.doFilter(request, response);
diff --git a/framework/src/main/java/top/cadecode/uniboot/framework/security/filter/RedisTokenAuthFilter.java b/framework/src/main/java/top/cadecode/uniboot/framework/security/filter/RedisTokenAuthFilter.java
@@ -42,7 +42,7 @@ public AuthModelEnum getAuthModel() {
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         String requestURI = request.getRequestURI();
-        String uuidToken = request.getHeader(tokenAuthHolder.getHeader());
+        String uuidToken = tokenAuthHolder.getTokenFromRequest(request);
         // token 不存在
         if (StrUtil.isEmpty(uuidToken)) {
             filterChain.doFilter(request, response);
