登录鉴权按照Source判断id来自于何处

2026-05-13 09:40:32 +08:00
parent 912d5efee7
commit daf40ab224
6 changed files with 120 additions and 20 deletions
--- a/src/main/java/com/aida/seller/common/context/UserContext.java
+++ b/src/main/java/com/aida/seller/common/context/UserContext.java
@@ -1,24 +1,55 @@
 package com.aida.seller.common.context;

+import com.aida.seller.common.exception.UnauthorizedException;
 import com.aida.seller.model.vo.AuthPrincipalVo;

 public class UserContext {
    private static final ThreadLocal<AuthPrincipalVo> userHolder = new ThreadLocal<>();
-
-    public static AuthPrincipalVo getUserHolder() {
-        return userHolder.get();
-    }
-
-    public static void delete() {
-        userHolder.remove();
-    }
+    private static final ThreadLocal<Boolean> optionalAuth = ThreadLocal.withInitial(() -> false);

    public static void setUserHolder(AuthPrincipalVo authPrincipalVo) {
        userHolder.set(authPrincipalVo);
    }

-    public static Long getUserId() {
+    public static void setOptionalAuth(boolean value) {
+        optionalAuth.set(value);
+    }
+
+    public static AuthPrincipalVo getUserHolder() {
        AuthPrincipalVo holder = userHolder.get();
-        return holder != null ? holder.getId() : null;
+        if (holder == null) {
+            if (optionalAuth.get()) {
+                return null;
+            }
+            throw new UnauthorizedException("Gateway token verification failed");
+        }
+        if (!"AIDA".equals(holder.getSource())) {
+            throw new UnauthorizedException("Gateway token verification failed");
+        }
+        return holder;
+    }
+
+    public static void delete() {
+        userHolder.remove();
+        optionalAuth.remove();
+    }
+
+    public static Long getUserId() {
+        return getUserHolder() == null ? null : getUserHolder().getId();
+    }
+
+    //买家端请求需要调用此方法获取买家id
+    public static Long getBuyerId() {
+        AuthPrincipalVo holder = userHolder.get();
+        if (holder == null) {
+            if (optionalAuth.get()) {
+                return null;
+            }
+            throw new UnauthorizedException("Gateway token verification failed");
+        }
+        if (!"BUYER".equals(holder.getSource())) {
+            throw new UnauthorizedException("Gateway token verification failed");
+        }
+        return holder.getId();
    }
 }