init: rebuild myplayer-backend

2025-11-13 11:10:07 +08:00
commit 575041905b
16 changed files with 1062 additions and 0 deletions
--- a/src/main/java/xin/merlin/myplayerbackend/config/MyBatisPlusConfig.java
+++ b/src/main/java/xin/merlin/myplayerbackend/config/MyBatisPlusConfig.java
@@ -0,0 +1,18 @@
+package xin.merlin.myplayerbackend.config;
+
+import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
+import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class MyBatisPlusConfig {
+
+    @Bean
+    public MybatisPlusInterceptor mybatisPlusInterceptor() {
+        MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
+        interceptor.addInnerInterceptor(new PaginationInnerInterceptor());
+        return interceptor;
+    }
+}
+
--- a/src/main/java/xin/merlin/myplayerbackend/config/security/JWTAuthenticationFilter.java
+++ b/src/main/java/xin/merlin/myplayerbackend/config/security/JWTAuthenticationFilter.java
@@ -0,0 +1,68 @@
+package xin.merlin.myplayerbackend.config.security;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+import xin.merlin.myplayerbackend.utils.JwtUtil;
+
+
+import java.io.IOException;
+import java.util.Collections;
+
+@Component
+@RequiredArgsConstructor
+public class JWTAuthenticationFilter extends OncePerRequestFilter {
+
+    private final JwtUtil jwtUtil;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request,
+                                    HttpServletResponse response,
+                                    FilterChain filterChain)
+            throws ServletException, IOException {
+
+        String authHeader = request.getHeader("Authorization");
+
+        if (authHeader != null && authHeader.startsWith("Bearer ")) {
+            String token = authHeader.substring(7).trim();
+
+            try {
+                if (!jwtUtil.isTokenExpired(token)) {
+                    System.out.println(token);
+                    String username = jwtUtil.getUAccount(token);
+
+                    if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+                        UsernamePasswordAuthenticationToken authenticationToken =
+                                new UsernamePasswordAuthenticationToken(username, null, Collections.emptyList());
+                        authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+                        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+                    }
+                }
+            } catch (JwtUtil.TokenExpiredException e) {
+                // Token 过期，返回 401
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                response.getWriter().write("Token 已过期，请重新登录");
+                return;
+            } catch (JwtUtil.InvalidTokenException e) {
+                // Token 非法，返回 401
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                response.getWriter().write("无效的 Token，请重新登录");
+                return;
+            } catch (Exception e) {
+                // 其他异常
+                response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+                response.getWriter().write("服务器内部错误");
+                return;
+            }
+        }
+
+        filterChain.doFilter(request, response);
+    }
+}
--- a/src/main/java/xin/merlin/myplayerbackend/config/security/JwtProperties.java
+++ b/src/main/java/xin/merlin/myplayerbackend/config/security/JwtProperties.java
@@ -0,0 +1,15 @@
+package xin.merlin.myplayerbackend.config.security;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+@Data
+@Configuration
+@ConfigurationProperties(prefix = "jwt")
+public class JwtProperties {
+    private String secret;
+    private String issuer;
+    private String subject;
+    private long expire; // 秒
+}
--- a/src/main/java/xin/merlin/myplayerbackend/config/security/PasswordConfig.java
+++ b/src/main/java/xin/merlin/myplayerbackend/config/security/PasswordConfig.java
@@ -0,0 +1,17 @@
+package xin.merlin.myplayerbackend.config.security;
+
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class PasswordConfig {
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}
--- a/src/main/java/xin/merlin/myplayerbackend/config/security/SecurityConfig.java
+++ b/src/main/java/xin/merlin/myplayerbackend/config/security/SecurityConfig.java
@@ -0,0 +1,60 @@
+package xin.merlin.myplayerbackend.config.security;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+    private final JWTAuthenticationFilter jwtAuthenticationFilter;
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .authorizeHttpRequests(authz -> authz
+                        .requestMatchers(
+                                "/login",
+                                "/register",
+                                "/health",
+                                "/code/**",
+                                "/blog/**"
+                        ).permitAll()
+                        .anyRequest().authenticated()
+                )
+                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+
+        return http.build();
+    }
+
+    // 新增：全局CORS配置
+    @Bean
+    public WebMvcConfigurer corsConfigurer() {
+        return new WebMvcConfigurer() {
+            @Override
+            public void addCorsMappings(CorsRegistry registry) {
+                registry.addMapping("/**")
+                        .allowedOriginPatterns("*") // 开发阶段允许所有来源
+                        .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+                        .allowedHeaders("*")
+                        .exposedHeaders("Authorization")
+                        .allowCredentials(true)
+                        .maxAge(3600L);
+            }
+        };
+    }
+}