实现JWT身份认证机制，新增JWT认证过滤器和服务，更新链接生成接口以支持JWT验证，删除旧的用户控制器，添加JWT认证文档，增强错误处理和日志记录。

2025-08-25 21:26:16 +08:00
parent 3f01d8590a
commit 7317866f98
54 changed files with 551 additions and 163 deletions
--- a/src/main/java/com/gameplatform/server/controller/UserController.java
+++ b/src/main/java/com/gameplatform/server/controller/UserController.java
@@ -1,92 +0,0 @@
-package com.gameplatform.server.controller;
-
-import com.gameplatform.server.model.dto.account.AccountCreateRequest;
-import com.gameplatform.server.model.dto.account.AccountResponse;
-import com.gameplatform.server.model.dto.account.AccountUpdateRequest;
-import com.gameplatform.server.model.dto.common.PageResult;
-import com.gameplatform.server.service.account.AccountService;
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.tags.Tag;
-import jakarta.validation.Valid;
-import org.springframework.http.HttpStatus;
-import org.springframework.web.bind.annotation.*;
-import reactor.core.publisher.Mono;
-
-/**
- * 用户接口控制器 - 基于UserAccount实体
- * 提供用户账户的基本CRUD操作
- */
-@RestController
-@RequestMapping("/api/users")
-@Tag(name = "用户账户管理", description = "用户账户的增删改查操作")
-public class UserController {
-    private final AccountService accountService;
-
-    public UserController(AccountService accountService) {
-        this.accountService = accountService;
-    }
-
-    /**
-     * 根据ID获取用户账户信息
-     */
-    @GetMapping("/{id}")
-    @Operation(summary = "获取用户详情", description = "根据用户ID获取用户详细信息")
-    public Mono<AccountResponse> getById(@Parameter(description = "用户ID") @PathVariable Long id) {
-        return accountService.get(id);
-    }
-
-    /**
-     * 分页查询用户列表
-     */
-    @GetMapping
-    @Operation(summary = "获取用户列表", description = "分页获取用户列表，支持按用户类型、状态、关键词筛选")
-    public Mono<PageResult<AccountResponse>> list(
-            @Parameter(description = "用户类型：ADMIN 或 AGENT") @RequestParam(value = "userType", required = false) String userType,
-            @Parameter(description = "账户状态：ENABLED 或 DISABLED") @RequestParam(value = "status", required = false) String status,
-            @Parameter(description = "搜索关键词") @RequestParam(value = "keyword", required = false) String keyword,
-            @Parameter(description = "页码，默认1") @RequestParam(value = "page", defaultValue = "1") Integer page,
-            @Parameter(description = "每页大小，默认20") @RequestParam(value = "size", defaultValue = "20") Integer size
-    ) {
-        return accountService.list(userType, status, keyword, page, size);
-    }
-
-    /**
-     * 创建新用户账户
-     */
-    @PostMapping
-    @ResponseStatus(HttpStatus.CREATED)
-    @Operation(summary = "创建用户", description = "创建新的代理用户账户")
-    public Mono<AccountResponse> create(@Valid @RequestBody AccountCreateRequest request) {
-        return accountService.create(request);
-    }
-
-    /**
-     * 更新用户账户信息
-     */
-    @PutMapping("/{id}")
-    @Operation(summary = "更新用户", description = "更新用户账户信息")
-    public Mono<AccountResponse> update(@Parameter(description = "用户ID") @PathVariable Long id, @Valid @RequestBody AccountUpdateRequest request) {
-        return accountService.update(id, request);
-    }
-
-    /**
-     * 启用用户账户
-     */
-    @PostMapping("/{id}/enable")
-    @ResponseStatus(HttpStatus.NO_CONTENT)
-    @Operation(summary = "启用用户", description = "启用指定用户账户")
-    public Mono<Void> enable(@Parameter(description = "用户ID") @PathVariable Long id) {
-        return accountService.setStatus(id, "ENABLED").then();
-    }
-
-    /**
-     * 禁用用户账户
-     */
-    @PostMapping("/{id}/disable")
-    @ResponseStatus(HttpStatus.NO_CONTENT)
-    @Operation(summary = "禁用用户", description = "禁用指定用户账户")
-    public Mono<Void> disable(@Parameter(description = "用户ID") @PathVariable Long id) {
-        return accountService.setStatus(id, "DISABLED").then();
-    }
-}
--- a/src/main/java/com/gameplatform/server/controller/link/LinkController.java
+++ b/src/main/java/com/gameplatform/server/controller/link/LinkController.java
@@ -3,18 +3,26 @@ package com.gameplatform.server.controller.link;
 import com.gameplatform.server.model.dto.link.LinkGenerateRequest;
 import com.gameplatform.server.model.dto.link.LinkGenerateResponse;
 import com.gameplatform.server.service.link.LinkGenerationService;
+import io.jsonwebtoken.Claims;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.validation.Valid;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.ReactiveSecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;

-
@RestController
@RequestMapping("/api/link")
-@Tag(name = "链接管理", description = "生成链接与二维码代理")
+@Tag(name = "链接管理", description = "链接生成和管理相关接口")
 public class LinkController {
+    private static final Logger log = LoggerFactory.getLogger(LinkController.class);
+
    private final LinkGenerationService linkGenerationService;

    public LinkController(LinkGenerationService linkGenerationService) {
@@ -22,27 +30,87 @@ public class LinkController {
    }

    @PostMapping("/generate")
-    @ResponseStatus(HttpStatus.CREATED)
-    @Operation(summary = "生成链接批次", description = "times * perTimeQuantity = 目标点数；代理需扣点，管理员不扣")
-    public Mono<LinkGenerateResponse> generate(@Valid @RequestBody LinkGenerateRequest req,
-                                               @RequestHeader(value = "X-Operator-Id", required = false) Long operatorId,
-                                               @RequestHeader(value = "X-Operator-Type", required = false) String operatorType) {
-        // 暂时用两个 Header 传操作者信息；后续接入 JWT 解析
-        Long targetAccountId = req.getAgentAccountId() != null ? req.getAgentAccountId() : operatorId;
-        return linkGenerationService.generateLinks(operatorId, safeUpper(operatorType), targetAccountId,
-                        defaultInt(req.getTimes(), 0), defaultInt(req.getPerTimeQuantity(), 0))
-                .map(r -> {
-                    LinkGenerateResponse resp = new LinkGenerateResponse();
-                    resp.setBatchId(r.getBatchId());
-                    resp.setDeductPoints(r.getNeedPoints());
-                    resp.setExpireAt(r.getExpireAt());
-                    resp.setCodeNos(r.getCodeNos());
-                    return resp;
+    @ResponseStatus(HttpStatus.OK)
+    @Operation(summary = "生成链接批次", description = "生成指定数量的链接批次。所有用户（管理员和代理商）都只能为自己生成链接，代理用户生成链接时会扣除积分，管理员生成链接时不扣除积分")
+    public Mono<LinkGenerateResponse> generateLinks(@Valid @RequestBody LinkGenerateRequest request, 
+                                                   Authentication authentication) {
+        log.info("=== 开始处理链接生成请求 ===");
+        log.info("请求参数: times={}, perTimeQuantity={}", 
+                request.getTimes(), request.getPerTimeQuantity());
+        
+        log.info("=== 开始检查认证信息 ===");
+        log.info("Authentication: {}", authentication);
+        
+        if (authentication == null) {
+            log.error("=== 认证失败：Authentication为空 ===");
+            return Mono.error(new IllegalArgumentException("用户未认证：Authentication为空"));
+        }
+        
+        log.info("Authentication获取成功: {}", authentication);
+        log.info("Authentication是否已认证: {}", authentication.isAuthenticated());
+        log.info("Authentication的principal: {}", authentication.getPrincipal());
+        log.info("Authentication的authorities: {}", authentication.getAuthorities());
+        log.info("Authentication的details: {}", authentication.getDetails());
+        
+        if (!authentication.isAuthenticated()) {
+            log.error("=== 认证失败：Authentication未通过验证 ===");
+            log.error("Authentication详情: {}", authentication);
+            return Mono.error(new IllegalArgumentException("用户未认证：Authentication未通过验证"));
+        }
+        
+        log.info("=== 认证验证通过 ===");
+
+        // 从认证对象中获取用户信息
+        log.info("开始解析Claims信息");
+        Claims claims = (Claims) authentication.getDetails();
+        if (claims == null) {
+            log.error("=== 认证失败：Claims为空 ===");
+            log.error("Authentication details: {}", authentication.getDetails());
+            return Mono.error(new IllegalArgumentException("用户未认证：Claims为空"));
+        }
+        
+        log.info("Claims获取成功，开始解析用户信息");
+        log.info("Claims内容: {}", claims);
+        log.info("Claims的subject: {}", claims.getSubject());
+        log.info("Claims的issuedAt: {}", claims.getIssuedAt());
+        log.info("Claims的expiration: {}", claims.getExpiration());
+        
+        Long operatorId = claims.get("userId", Long.class);
+        String operatorType = claims.get("userType", String.class);
+        String username = claims.get("username", String.class);
+        
+        log.info("解析出的用户信息 - operatorId: {}, operatorType: {}, username: {}", 
+                operatorId, operatorType, username);
+
+        if (operatorId == null || operatorType == null) {
+            log.error("=== 认证失败：缺少必要的用户信息 ===");
+            log.error("operatorId: {}, operatorType: {}, username: {}", operatorId, operatorType, username);
+            log.error("Claims中所有键: {}", claims.keySet());
+            return Mono.error(new IllegalArgumentException("用户未认证：缺少必要的用户信息"));
+        }
+
+        log.info("=== 用户认证信息完整，开始处理业务逻辑 ===");
+        log.info("操作者信息: operatorId={}, operatorType={}, username={}", 
+                operatorId, operatorType, username);
+        log.info("业务参数: times={}, perTimeQuantity={}", 
+                request.getTimes(), request.getPerTimeQuantity());
+
+        return linkGenerationService.generateLinks(operatorId, operatorType, 
+                request.getTimes(), request.getPerTimeQuantity())
+                .map(result -> {
+                    log.info("链接生成成功，batchId: {}, 扣除积分: {}, 过期时间: {}", 
+                            result.getBatchId(), result.getNeedPoints(), result.getExpireAt());
+                    LinkGenerateResponse response = new LinkGenerateResponse();
+                    response.setBatchId(result.getBatchId());
+                    response.setDeductPoints(result.getNeedPoints());
+                    response.setExpireAt(result.getExpireAt());
+                    response.setCodeNos(result.getCodeNos());
+                    return response;
+                })
+                .doOnError(error -> {
+                    log.error("链接生成失败: {}", error.getMessage(), error);
                });
    }
-
-    private static String safeUpper(String s) { return s == null ? null : s.toUpperCase(); }
-    private static int defaultInt(Integer v, int d) { return v == null ? d : v; }
 }