iailab-cloud/iailab-gateway/src/main/java/com/iailab/gateway/filter/security/TokenAuthenticationFilter.java

@@ -3,6 +3,7 @@
import cn.hutool.core.util.StrUtil;
import com.iailab.framework.common.core.KeyValue;
import com.iailab.framework.common.pojo.CommonResult;
import com.iailab.framework.common.util.date.LocalDateTimeUtils;
import com.iailab.framework.common.util.json.JsonUtils;
import com.iailab.gateway.util.SecurityFrameworkUtils;
import com.iailab.gateway.util.WebFrameworkUtils;
@@ -94,7 +95,8 @@
        // 重要说明：defaultIfEmpty 作用，保证 Mono.empty() 情况，可以继续执行 `flatMap 的 chain.filter(exchange)` 逻辑，避免返回给前端空的 Response！！
        return getLoginUser(exchange, token).defaultIfEmpty(LOGIN_USER_EMPTY).flatMap(user -> {
            // 1. 无用户，直接 filter 继续请求
            if (user == LOGIN_USER_EMPTY) {
            if (user == LOGIN_USER_EMPTY || // 下面 expiresTime 的判断，为了解决 token 实际已经过期的情况
                    user.getExpiresTime() == null || LocalDateTimeUtils.beforeNow(user.getExpiresTime())) {
                return chain.filter(exchange);
            }

@@ -153,12 +155,12 @@
        OAuth2AccessTokenCheckRespDTO tokenInfo = result.getData();
        return new LoginUser().setId(tokenInfo.getUserId()).setUserType(tokenInfo.getUserType())
                .setInfo(tokenInfo.getUserInfo()) // 额外的用户信息
                .setTenantId(tokenInfo.getTenantId()).setScopes(tokenInfo.getScopes());
                .setTenantId(tokenInfo.getTenantId()).setScopes(tokenInfo.getScopes())
                .setExpiresTime(tokenInfo.getExpiresTime());
    }

    @Override
    public int getOrder() {
        return -100; // 和 Spring Security Filter 的顺序对齐
    }

}