token 验证失败时，返回401

bb7f8a32 · 严俊 · d8912115 · bb7f8a32
Commit bb7f8a32 authored Oct 09, 2024 by 严俊
Show whitespace changes
Inline Side-by-side

Showing with 11 additions and 2 deletions

TokenInterceptor.java .../com/afanticar/afantiopenapi/config/TokenInterceptor.java +11 -2

No files found.
--- a/src/main/java/com/afanticar/afantiopenapi/config/TokenInterceptor.java
+++ b/src/main/java/com/afanticar/afantiopenapi/config/TokenInterceptor.java
@@ -36,12 +36,21 @@ public class TokenInterceptor implements HandlerInterceptor {
        }
        String token = request.getHeader("authorization");
        if (StrUtil.isNotBlank(token)) {
-            request.setAttribute("clientId", JWTUtils.getClientId(token));
+            try{
+                String clientId = JWTUtils.getClientId(token);
+                request.setAttribute("clientId", clientId);
+            }catch (Exception e){
+                response.setCharacterEncoding("UTF-8");
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                response.setContentType("application/json");
+                response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", "认证失败,无效的token")));
+                return false;
+            }
        } else {
            response.setCharacterEncoding("UTF-8");
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            response.setContentType("application/json");
-            response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", "认证失败")));
+            response.getWriter().append(JSONObject.toJSONString(BaseController.error("401", "认证失败,无效的token")));
            return false;
        }
        return true;