From eaafb57b8373c7be7ddcc74799a26ee5a95d2270 Mon Sep 17 00:00:00 2001
From: zhaolongfei <2651195677@qq.com>
Date: Mon, 11 Nov 2024 15:15:28 +0800
Subject: [PATCH] =?UTF-8?q?=E8=A7=86=E9=A2=91=E8=BF=9B=E8=A1=8C=E5=B7=A5?=
 =?UTF-8?q?=E5=8F=B7=E9=AA=8C=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../xboe/module/course/api/CourseWareApi.java | 37 ++++++++++++-------
 1 file changed, 24 insertions(+), 13 deletions(-)

diff --git a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
index e30609a4..d5160ebf 100644
--- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
@@ -59,7 +59,7 @@ public class CourseWareApi extends ApiBaseController {
 
 	/**
 	 * 资源地址的加密，返回加密后的地址
-	 * 
+	 *
 	 * @param request
 	 * @param response
 	 * @param cfid     资源地址的id
@@ -94,14 +94,16 @@ public class CourseWareApi extends ApiBaseController {
 
 	/**
 	 * 获取资源，在header中保存
-	 * 
+	 *
 	 * @param request
 	 * @param response
 	 * @throws Exception
 	 */
 	@GetMapping("/resource")
 	public JsonResponse<String> getVideo(HttpServletRequest request, HttpServletResponse response, String sign,
-										 @CookieValue String token) throws Exception {
+										 @CookieValue(name = "token",required = false)String token
+	) throws Exception {
+
 		if (StringUtils.isBlank(sign)) {
 			return badRequest("非法请求");
 		}
@@ -120,12 +122,18 @@ public class CourseWareApi extends ApiBaseController {
 		if(!has) {
 			return badRequest("页面不存在");
 		}
+//		String token = request.getHeader("Xboe-Access-Token");
+//		if (StringUtils.isEmpty(token)) {
+//			token = request.getHeader("token");
+//		}
 //		读取cookies中的时间
-		String cookieTime = getSignTimeCookie(request);
-		if (StringUtils.isBlank(cookieTime)) {
-			return badRequest("不支持的请求");
-		}
+//		String cookieTime = getSignTimeCookie(request);
+//		if (StringUtils.isBlank(cookieTime)) {
+//			return badRequest("不支持的请求");
+//		}
 		String userInfo = CacheName.NAME_INFO + ":"+ token;
+		log.info("请求头里的token值：:"+token);
+		log.info("从 Redis 获取的userInfo:"+userInfo);
 		Object o = redisTemplate.opsForValue().get(userInfo);
 		if (o == null) {
 			log.error("从 Redis 获取的值为 null ,", userInfo);
@@ -152,12 +160,15 @@ public class CourseWareApi extends ApiBaseController {
 			return badRequest("验证错误");
 		}
 
-//		String time = signStr.substring(0, signStr.indexOf("/"));// 时间字符中，long
-//		String workNum = signStr.substring(2, signStr.indexOf("/"));// 工号，long
-		String[] array = signStr.split("/");
+		String time = signStr.substring(0, signStr.indexOf("/"));// 时间字符中，long
+		String[] split = signStr.split("/");
 		String cfid = signStr.substring(index+1);// 文件路径
-		if (!array[2].equals(userNo)){
-			return badRequest("token验证失败");
+		log.info("解密后的字符串:"+signStr);
+
+		log.info("workNum工号对比:"+split[2]);
+		log.info("userNo工号对比:"+userNo);
+		if (!split[2].equals(userNo)){
+			return badRequest("token验证失效");
 		}
 //		if (!time.equals(cookieTime)) {
 //			log.info("请求头时间和解析后的时间对比:"+"解析时间:"+time+"    请求头时间："+cookieTime);
@@ -190,7 +201,7 @@ public class CourseWareApi extends ApiBaseController {
 
 	/**
 	 * 读取cookies值
-	 * 
+	 *
 	 * @param request
 	 * @return
 	 */