ziin/keyboard_backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(config): 支持配置中心动态跳过指定用户签名校验

Browse Source
This commit is contained in:
ziin
2026-03-23 13:19:59 +08:00
parent eaf015fe48
commit b1ef4ee192
3 changed files with 38 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/main/java/com/yolo/keyborad/Interceptor/SignInterceptor.java
View File

@@ -1,7 +1,10 @@
package com.yolo.keyborad.interceptor; package com.yolo.keyborad.interceptor;
import cn.dev33.satoken.stp.StpUtil;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature; import com.fasterxml.jackson.databind.SerializationFeature;
import com.yolo.keyborad.config.AppConfig;
import com.yolo.keyborad.config.NacosAppConfigCenter;
import com.yolo.keyborad.utils.SignUtils; import com.yolo.keyborad.utils.SignUtils;
import jakarta.servlet.DispatcherType; import jakarta.servlet.DispatcherType;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
@@ -25,6 +28,7 @@ public class SignInterceptor implements HandlerInterceptor {
private final ObjectMapper signValueObjectMapper = new ObjectMapper() private final ObjectMapper signValueObjectMapper = new ObjectMapper()
.configure(SerializationFeature.ORDER_MAP_ENTRIES_BY_KEYS, true); .configure(SerializationFeature.ORDER_MAP_ENTRIES_BY_KEYS, true);
private final StringRedisTemplate redisTemplate; private final StringRedisTemplate redisTemplate;
private final NacosAppConfigCenter.DynamicAppConfig cfgHolder;
// 允许时间误差 20秒 // 允许时间误差 20秒
private static final long ALLOW_TIME_DIFF_SECONDS = 200; private static final long ALLOW_TIME_DIFF_SECONDS = 200;
@@ -32,9 +36,11 @@ public class SignInterceptor implements HandlerInterceptor {
private static final long NONCE_EXPIRE_SECONDS = 300; private static final long NONCE_EXPIRE_SECONDS = 300;
public SignInterceptor(Map<String, String> appSecretMap, public SignInterceptor(Map<String, String> appSecretMap,
StringRedisTemplate redisTemplate) { StringRedisTemplate redisTemplate,
NacosAppConfigCenter.DynamicAppConfig cfgHolder) {
this.appSecretMap = appSecretMap; this.appSecretMap = appSecretMap;
this.redisTemplate = redisTemplate; this.redisTemplate = redisTemplate;
this.cfgHolder = cfgHolder;
} }
@Override @Override
@@ -43,6 +49,9 @@ public class SignInterceptor implements HandlerInterceptor {
if (request.getDispatcherType() != DispatcherType.REQUEST) { if (request.getDispatcherType() != DispatcherType.REQUEST) {
return true; return true;
} }
if (shouldSkipSignValidation()) {
return true;
}
String appId = request.getHeader("X-App-Id"); String appId = request.getHeader("X-App-Id");
String timestamp = request.getHeader("X-Timestamp"); String timestamp = request.getHeader("X-Timestamp");
@@ -121,6 +130,21 @@ public class SignInterceptor implements HandlerInterceptor {
return true; return true;
} }
private boolean shouldSkipSignValidation() {
AppConfig appConfig = cfgHolder.getRef().get();
if (appConfig == null || appConfig.getSkipUser() == null) {
return false;
}
List<Integer> skipList = appConfig.getSkipUser().getSkipList();
if (skipList == null || skipList.isEmpty()) {
return false;
}
long userId = StpUtil.getLoginIdAsLong();
return skipList.stream()
.filter(Objects::nonNull)
.anyMatch(skipUserId -> skipUserId.longValue() == userId);
}
private String stringifyForSign(Object value) { private String stringifyForSign(Object value) {
if (value == null) { if (value == null) {
return null; return null;

8
src/main/java/com/yolo/keyborad/config/AppConfig.java
View File

@@ -3,6 +3,7 @@ package com.yolo.keyborad.config;
import lombok.Data; import lombok.Data;
import java.math.BigDecimal; import java.math.BigDecimal;
import java.util.List;
/* /*
* @author: ziin * @author: ziin
@@ -21,6 +22,8 @@ public class AppConfig {
private customerMailConfig customerMailConfig = new customerMailConfig(); private customerMailConfig customerMailConfig = new customerMailConfig();
private skipUser skipUser = new skipUser();
@Data @Data
public static class UserRegisterProperties { public static class UserRegisterProperties {
@@ -41,6 +44,11 @@ public class AppConfig {
private Integer vectorSearchLimit = 1; private Integer vectorSearchLimit = 1;
} }
@Data
public static class skipUser{
private List<Integer> skipList = null;
}
@Data @Data
public static class LLmConfig { public static class LLmConfig {
//LLM系统提示语 //LLM系统提示语

7
src/main/java/com/yolo/keyborad/config/SaTokenConfigure.java
View File

@@ -22,9 +22,12 @@ import java.util.HashMap;
public class SaTokenConfigure implements WebMvcConfigurer { public class SaTokenConfigure implements WebMvcConfigurer {
private final StringRedisTemplate redisTemplate; private final StringRedisTemplate redisTemplate;
private final NacosAppConfigCenter.DynamicAppConfig cfgHolder;
public SaTokenConfigure(StringRedisTemplate redisTemplate) { public SaTokenConfigure(StringRedisTemplate redisTemplate,
NacosAppConfigCenter.DynamicAppConfig cfgHolder) {
this.redisTemplate = redisTemplate; this.redisTemplate = redisTemplate;
this.cfgHolder = cfgHolder;
} }
HashMap<String, String> appSecretMap = new HashMap<>(); HashMap<String, String> appSecretMap = new HashMap<>();
@@ -53,7 +56,7 @@ public class SaTokenConfigure implements WebMvcConfigurer {
.addPathPatterns("/**") .addPathPatterns("/**")
.excludePathPatterns(getExcludePaths()); .excludePathPatterns(getExcludePaths());
appSecretMap.put(appId, appSecret); appSecretMap.put(appId, appSecret);
registry.addInterceptor(new SignInterceptor(appSecretMap,redisTemplate)) registry.addInterceptor(new SignInterceptor(appSecretMap, redisTemplate, cfgHolder))
.addPathPatterns("/**") // 需要签名校验的接口 .addPathPatterns("/**") // 需要签名校验的接口
.excludePathPatterns(getExcludePaths()); // 不需要校验的接口; .excludePathPatterns(getExcludePaths()); // 不需要校验的接口;
} }