日志

yd-auth-core/src/main/java/com/yd/auth/core/security/JwtAuthenticationFilter.java

@@ -10,6 +10,7 @@ import com.yd.user.feign.response.sysuser.ApiSysUserDetailResponse;
 import com.yd.user.service.model.SysUser;
 import com.yd.user.service.service.ISysUserService;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -18,7 +19,6 @@ import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Component;
-import org.springframework.util.StringUtils;
 import org.springframework.web.filter.OncePerRequestFilter;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
@@ -57,7 +57,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
         log.info("从HTTP请求中解析JWT令牌（通常从Authorization头获取）:{}",token);
 
         // 2. 检查令牌是否存在且有效
-        if (token != null) {
+        if (StringUtils.isNotBlank(token)) {
             if (tokenProvider.validateToken(token)){
                 // 3. 从JWT令牌中提取用户唯一标识(业务ID)
                 String userBizId = tokenProvider.getUserBizIdFromToken(token);
@@ -135,7 +135,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
     private String resolveToken(HttpServletRequest request) {
         String bearerToken = request.getHeader("Authorization");
-        if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
+        if (org.springframework.util.StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
             return bearerToken.substring(7);
         }
         return bearerToken;