fix: modify some codes

Jarrettluo · Jarrettluo · commit f11ef93bddaa · 2024-07-17T08:57:39.000+08:00
diff --git a/src/main/java/com/jiaruiblog/auth/AuthenticationInterceptor.java b/src/main/java/com/jiaruiblog/auth/AuthenticationInterceptor.java
@@ -17,7 +17,7 @@
 
 /**
  * @ClassName AuthenticationInterceptor
- * @Description 权限校验，拦截器
+ * @Description 权限校验，拦截器Interceptor, 拦截器在过滤器Filter之后
  * 参考文章： 注解式权限校验 https://blog.csdn.net/LitongZero/article/details/103628706
  * @Author luojiarui
  * @Date 2022/12/7 20:24
diff --git a/src/main/java/com/jiaruiblog/config/AuthConfig.java b/src/main/java/com/jiaruiblog/config/AuthConfig.java
@@ -2,7 +2,6 @@
 
 import com.jiaruiblog.auth.AuthenticationInterceptor;
 import com.jiaruiblog.service.IUserService;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
diff --git a/src/main/java/com/jiaruiblog/filter/CorsFilter.java b/src/main/java/com/jiaruiblog/filter/CorsFilter.java
diff --git a/src/main/java/com/jiaruiblog/filter/JwtFilter.java b/src/main/java/com/jiaruiblog/filter/JwtFilter.java
@@ -23,17 +23,14 @@
  * @version v2.0
  */
 @Slf4j
-@WebFilter(filterName = "JwtFilter", urlPatterns = {
-        "/comment/auth/*", "/user/auth/*", "/collect/auth/*", "/document/auth/*",
-        "/docReview/*", "/docLog/*", "/like/*", "/files/auth/*", "/category/auth/*"
-})
+@WebFilter(filterName = "JwtFilter", urlPatterns = {"/*"})
 public class JwtFilter implements Filter
 {
 
     private static final String OPTIONS = "OPTIONS";
 
     /**
-     * 安全的url，不需要令牌
+     * 安全的url，不需要令牌; 游客可以访问的
      */
     private static final List<String> SAFE_URL_LIST = Arrays.asList("/userInfo/login", "/userInfo/register");
 
@@ -65,6 +62,7 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
                 return;
             }
 
+            // 校验token是否合法，如果合法则去除其中的信息放到request中
             Map<String, Claim> userData = JwtUtil.verifyToken(token);
             if (CollectionUtils.isEmpty(userData)) {
                 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
diff --git a/src/main/java/com/jiaruiblog/util/JwtUtil.java b/src/main/java/com/jiaruiblog/util/JwtUtil.java
@@ -5,11 +5,8 @@
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.DecodedJWT;
-
 import com.google.common.collect.Maps;
 import com.jiaruiblog.entity.User;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import java.util.Date;
 import java.util.HashMap;
@@ -28,17 +25,16 @@ private JwtUtil() {
         throw new IllegalStateException("jwtUtil error");
     }
 
-    private static final Logger logger = LoggerFactory.getLogger(JwtUtil.class);
     /**
      * 密钥
      */
     private static final String SECRET = "my_secret";
 
     /**
-     * 过期时间
+     * 过期时间：2天
      * 单位为秒
      **/
-    private static final long EXPIRATION = 18000L;
+    private static final long EXPIRATION = 864000L;
 
     /**
      * 生成用户token,设置token超时时间
@@ -50,8 +46,8 @@ public static String createToken(User user) {
         map.put("alg", "HS256");
         map.put("typ", "JWT");
         // 添加头部
-        //可以将基本信息放到claims中
-        //超时设置,设置过期的日期
+        // 可以将基本信息放到claims中
+        // 超时设置,设置过期的日期
         return JWT.create()
                 .withHeader(map)
                 .withClaim("id", user.getId())
