可以根据拦截器实现
1. 首先写一个WebSocketInterceptor,继承 TextWebSocketHandler 实现 HandshakeInterceptor
/**
* 在握手之前执行该方法, 继续握手返回true, 中断握手返回false. 通过attributes参数设置WebSocketSession的属性
*/
@Override
public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler,
Map<String, Object> attributes) throws Exception {
String token = getToken(request.getURI().toString());
JSONObject params = new JSONObject();
params.put("accessToken", token);
UrlProperties properties = UrlProperties.getUrlProperties();
int code = HttpUtils.checkToken(properties.getChecktokenurl(), params);
if (code == 200) {
logger.info("TOKEN为【{}】的用户准备建立消息连接", token);
return true;
}
return false;
}
/**
* 在握手之后执行该方法. 无论是否握手成功都指明了响应状态码和相应头.
*/
@Override
public void afterHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler,
Exception exception) {
String token = getToken(request.getURI().toString());
logger.info("TOKEN为【{}】的用户建立消息连接已完成", token);
}
private String getToken(String uri) {
int index = uri.indexOf("accessToken=");
return uri.substring(index + 12, uri.length());
}
/**
* 用户进入系统监听
*/
@Override
public void afterConnectionEstablished(WebSocketSession session) throws Exception {
logger.info("xxx用户进入系统。。。");
logger.info("用户信息:" + session.getAttributes());
System.out.println(session.getAttributes());
System.out.println("xxx用户进入系统。。。");
Map<String, Object> map = session.getAttributes();
for (String key : map.keySet()) {
System.out.println("key:" + key + " and value:" + map.get(key));
}
}
OK,如此这样 token 验证就完成了!(欢迎分享)