每日总结
消息队列应用
消息队列解耦系统组件。Kafka高吞吐、持久化,适合日志、流处理。RabbitMQ灵活路由,适合任务队列。使用场景:异步处理(如发送邮件)、削峰填谷(如秒杀)、事件驱动架构。保证消息可靠投递(确认机制、重试)。重试可能导致消息重复,消费端应做幂等处理。
package com.mentalhealth.controller;
import com.mentalhealth.entity.User;
import com.mentalhealth.repository.UserRepository;
import com.mentalhealth.util.JwtTokenUtil;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import java.util.Optional;
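/**
 * Serves the role-specific dashboard pages ({@code /admin-dashboard},
 * {@code /consultant-dashboard}, {@code /user-dashboard}).
 *
 * <p>Each handler resolves the caller's username, first from the Spring Security context and,
 * failing that, from a JWT carried by the request. The admin and consultant pages additionally
 * require the matching role on the stored {@link User}.
 *
 * <p>NOTE(review): authentication and role checks are re-implemented here rather than enforced
 * by the security filter chain (request-matcher rules or {@code @PreAuthorize}). Any new
 * dashboard route has to remember to repeat them; consider moving the checks into the security
 * configuration so they cannot be forgotten.
 *
 * <p>NOTE(review): diagnostics go to {@code System.out} and include the username unescaped.
 * A logging framework with CR/LF neutralisation would be the safer choice.
 */
@Controller
@RequiredArgsConstructor
public class DashboardController {

    private final JwtTokenUtil jwtTokenUtil;
    private final UserRepository userRepository;

    /**
     * Renders the administrator dashboard.
     *
     * @param request current request, used only as a fallback token source
     * @param model   view model; receives the {@code username} attribute on success
     * @return the {@code admin-dashboard} view, or a redirect to {@code /} with
     *         {@code error=session_expired} (no identity) or {@code error=unauthorized}
     *         (unknown user or role other than {@code ADMIN})
     */
    @GetMapping("/admin-dashboard")
    public String adminDashboard(HttpServletRequest request, Model model) {
        System.out.println("=== 进入 admin-dashboard 控制器 ===");

        String username = resolveUsername(request);
        if (username == null) {
            System.out.println("无法获取用户信息,重定向到首页");
            return "redirect:/?error=session_expired";
        }

        // The role is read from the repository on every request, not from the token.
        if (!hasRole(username, "ADMIN")) {
            System.out.println("用户无权限访问管理员面板");
            return "redirect:/?error=unauthorized";
        }

        model.addAttribute("username", username);
        System.out.println("管理员面板加载成功,用户: " + username);
        return "admin-dashboard";
    }

    /**
     * Renders the consultant dashboard.
     *
     * @param request current request, used only as a fallback token source
     * @param model   view model; receives the {@code username} attribute on success
     * @return the {@code consultant-dashboard} view, or a redirect to {@code /} with
     *         {@code error=session_expired} (no identity) or {@code error=unauthorized}
     *         (unknown user or role other than {@code CONSULTANT})
     */
    @GetMapping("/consultant-dashboard")
    public String consultantDashboard(HttpServletRequest request, Model model) {
        System.out.println("=== 进入 consultant-dashboard 控制器 ===");

        String username = resolveUsername(request);
        if (username == null) {
            System.out.println("无法获取用户信息,重定向到首页");
            return "redirect:/?error=session_expired";
        }

        if (!hasRole(username, "CONSULTANT")) {
            System.out.println("用户无权限访问咨询师面板");
            return "redirect:/?error=unauthorized";
        }

        model.addAttribute("username", username);
        System.out.println("咨询师面板加载成功,用户: " + username);
        return "consultant-dashboard";
    }

    /**
     * Renders the regular user dashboard.
     *
     * <p>NOTE(review): unlike the admin and consultant handlers, this one never looks the user
     * up in {@link UserRepository}. A token that still validates is accepted even if the account
     * has since been removed or disabled. Confirm that this is intended.
     *
     * @param request current request, used only as a fallback token source
     * @param model   view model; receives the {@code username} attribute on success
     * @return the {@code user-dashboard} view, or a redirect to {@code /} with
     *         {@code error=session_expired} when no identity could be established
     */
    @GetMapping("/user-dashboard")
    public String userDashboard(HttpServletRequest request, Model model) {
        System.out.println("=== 进入 user-dashboard 控制器 ===");

        String username = resolveUsername(request);
        if (username == null) {
            System.out.println("无法获取用户信息,重定向到首页");
            return "redirect:/?error=session_expired";
        }

        model.addAttribute("username", username);
        System.out.println("用户面板加载成功,最终用户名: " + username);
        return "user-dashboard";
    }

    /**
     * Resolves the caller's username: security context first, request token second.
     *
     * @param request current request, consulted only when the security context has no user
     * @return the username, or {@code null} when neither source yields one
     */
    private String resolveUsername(HttpServletRequest request) {
        String username = getAuthenticatedUsername();
        System.out.println("从SecurityContext获取的用户名: " + username);

        if (username == null) {
            username = validateTokenAndGetUsername(request);
            System.out.println("从token验证获取的用户名: " + username);
        }
        return username;
    }

    /**
     * Tells whether the stored user with this username carries exactly the given role.
     *
     * @param username username to look up
     * @param role     required role value, e.g. {@code "ADMIN"}
     * @return {@code true} only when the user exists and its role equals {@code role}
     */
    private boolean hasRole(String username, String role) {
        Optional<User> account = userRepository.findByUsername(username);
        // role.equals(...) keeps the comparison null-safe when the stored role is missing.
        return account.filter(u -> role.equals(u.getRole())).isPresent();
    }

    /**
     * Reads the authenticated username from the Spring Security context.
     *
     * @return the principal name, or {@code null} when there is no authentication, it is not
     *         authenticated, or it is the anonymous placeholder
     */
    private String getAuthenticatedUsername() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            return null;
        }
        // Anonymous requests still carry an "authenticated" token named "anonymousUser".
        String name = authentication.getName();
        return "anonymousUser".equals(name) ? null : name;
    }

    /**
     * Extracts a token from the request, validates it and returns the identifier it carries.
     *
     * <p>NOTE(review): the value comes from {@code getIdentifierFromToken}; presumably that is
     * the same username {@code UserRepository.findByUsername} expects. Verify against
     * {@link JwtTokenUtil}.
     *
     * @param request current request
     * @return the identifier from a valid token, or {@code null} when no token is present or
     *         validation fails
     */
    private String validateTokenAndGetUsername(HttpServletRequest request) {
        String token = extractTokenFromRequest(request);
        if (token == null || !jwtTokenUtil.validateToken(token)) {
            System.out.println("Token验证失败或未找到token");
            return null;
        }
        String username = jwtTokenUtil.getIdentifierFromToken(token);
        System.out.println("Token验证成功,用户名: " + username);
        return username;
    }

    /**
     * Looks for a token in the {@code token} query parameter, then the {@code Authorization}
     * bearer header, then the {@code token} cookie. The first non-empty value wins.
     *
     * <p>SECURITY(review): accepting the token as a URL parameter exposes it in server and proxy
     * access logs, browser history and {@code Referer} headers, and it takes precedence over the
     * header and cookie. The parameter is kept here because callers may rely on it, but prefer
     * the {@code Authorization} header or an {@code HttpOnly}, {@code Secure} cookie and retire
     * the query-string path.
     *
     * @param request current request
     * @return the raw token string, or {@code null} when none of the sources holds one
     */
    private String extractTokenFromRequest(HttpServletRequest request) {
        // 1. URL query parameter (see the SECURITY note above).
        String fromQuery = request.getParameter("token");
        if (fromQuery != null && !fromQuery.isEmpty()) {
            System.out.println("从URL参数获取token");
            return fromQuery;
        }

        // 2. Authorization header. An empty value after "Bearer " is treated as absent, like
        //    the other sources, so it cannot mask a cookie token or reach the validator as "".
        String header = request.getHeader("Authorization");
        if (header != null && header.startsWith("Bearer ")) {
            String bearer = header.substring("Bearer ".length());
            if (!bearer.isEmpty()) {
                System.out.println("从Authorization头获取token");
                return bearer;
            }
        }

        // 3. Cookie named "token".
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (!"token".equals(cookie.getName())) {
                    continue;
                }
                String value = cookie.getValue();
                if (value != null && !value.isEmpty()) {
                    System.out.println("从Cookie获取token");
                    return value;
                }
            }
        }

        System.out.println("未找到任何token");
        return null;
    }
}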
