refactor: 重构后端认证和响应处理逻辑

重构JWT认证过滤器，提取公共工具类处理认证逻辑
添加ResponseUtils统一处理响应格式
优化BoardController使用工具类简化代码
前端统一使用自定义axios实例
添加开发工具依赖和热重载配置

Author: mygithubname

backend/pom.xml

@@ -71,6 +71,14 @@
             <optional>true</optional>
         </dependency>
 
+        <!-- Spring Boot DevTools for hot reload -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-devtools</artifactId>
+            <scope>runtime</scope>
+            <optional>true</optional>
+        </dependency>
+
         <!-- JWT -->
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
@@ -103,6 +111,10 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <fork>true</fork>
+                    <addResources>true</addResources>
+                </configuration>
             </plugin>
         </plugins>
     </build>

backend/src/main/java/com/easydraw/controller/AppController.java

@@ -24,6 +24,43 @@ public AppController(UserService userService, JwtService jwtService) {
         this.userService = userService;
         this.jwtService = jwtService;
     }
+    
+    /**
+     * 模糊处理邮箱地址
+     * @param email 邮箱地址
+     * @return 模糊处理后的邮箱地址
+     */
+    private String maskEmail(String email) {
+        if (email == null || email.isEmpty()) {
+            return email;
+        }
+        int atIndex = email.indexOf('@');
+        if (atIndex <= 2) {
+            // 邮箱前缀太短，只显示第一个字符
+            return email.substring(0, 1) + "***" + email.substring(atIndex);
+        } else {
+            // 显示前两个字符，其余用***替换
+            return email.substring(0, 2) + "***" + email.substring(atIndex);
+        }
+    }
+    
+    /**
+     * 模糊处理ID
+     * @param id ID字符串
+     * @return 模糊处理后的ID
+     */
+    private String maskId(String id) {
+        if (id == null || id.isEmpty()) {
+            return id;
+        }
+        if (id.length() <= 8) {
+            // ID太短，只显示前4个字符
+            return id.substring(0, Math.min(4, id.length())) + "***";
+        } else {
+            // 显示前4个字符和后4个字符，中间用***替换
+            return id.substring(0, 4) + "***" + id.substring(id.length() - 4);
+        }
+    }
 
     @GetMapping("/user")
     public Map<String, Object> getUser(@RequestHeader(value = "Authorization", required = false) String authorization) {
@@ -37,9 +74,9 @@ public Map<String, Object> getUser(@RequestHeader(value = "Authorization", requi
                 UserDto userDto = userService.getUser(userId);
 
                 Map<String, Object> user = new HashMap<>();
-                user.put("id", userDto.getId());
+                user.put("id", maskId(userDto.getId()));
                 user.put("name", userDto.getUsername());
-                user.put("email", userDto.getEmail());
+                user.put("email", maskEmail(userDto.getEmail()));
                 user.put("role", userDto.getRole());
 
                 Map<String, Object> response = new HashMap<>();

backend/src/main/java/com/easydraw/controller/BoardController.java

@@ -2,12 +2,13 @@
 
 import com.easydraw.dto.BoardDto;
 import com.easydraw.service.BoardService;
+import com.easydraw.utils.ResponseUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.UUID;
@@ -27,63 +28,44 @@ private UUID getSecurityUUID() {
         // 从认证信息获取用户ID
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         if (authentication == null || !authentication.isAuthenticated()) {
-            // 临时方案，实际应该抛出认证异常
-            return UUID.fromString("550e8400-e29b-41d4-a716-446655440001");
+            // 抛出认证异常
+            throw new InsufficientAuthenticationException("User not authenticated");
         }
-        // 这里应该从JWT token中获取用户ID，暂时使用用户名作为ID
-        return UUID.fromString(authentication.getName());
+        // 从JWT token中获取用户ID
+        String principal = authentication.getName();
+        return UUID.fromString(principal);
     }
 
     @PostMapping
     public Map<String, Object> createBoard(@RequestBody BoardRequest request) {
         UUID creatorId = this.getSecurityUUID();
         BoardDto boardDto = boardService.createBoard(request.getName(), request.getCategory(), creatorId);
-        
-        Map<String, Object> response = new HashMap<>();
-        response.put("data", boardDto);
-        response.put("status", "success");
-        return response;
+        return ResponseUtils.buildSuccessResponse(boardDto);
     }
 
     @GetMapping
     public Map<String, Object> getBoards() {
         UUID creatorId = this.getSecurityUUID();
         List<BoardDto> boards = boardService.getBoards(creatorId);
-        
-        Map<String, Object> response = new HashMap<>();
-        response.put("data", boards);
-        response.put("status", "success");
-        return response;
+        return ResponseUtils.buildSuccessResponse(boards);
     }
 
     @GetMapping("/{id}")
     public Map<String, Object> getBoard(@PathVariable String id) {
         BoardDto boardDto = boardService.getBoard(id);
-        
-        Map<String, Object> response = new HashMap<>();
-        response.put("data", boardDto);
-        response.put("status", "success");
-        return response;
+        return ResponseUtils.buildSuccessResponse(boardDto);
     }
 
     @PutMapping("/{id}")
     public Map<String, Object> updateBoard(@PathVariable String id, @RequestBody BoardRequest request) {
         BoardDto boardDto = boardService.updateBoard(id, request.getName());
-        
-        Map<String, Object> response = new HashMap<>();
-        response.put("data", boardDto);
-        response.put("status", "success");
-        return response;
+        return ResponseUtils.buildSuccessResponse(boardDto);
     }
 
     @DeleteMapping("/{id}")
     public Map<String, Object> deleteBoard(@PathVariable String id) {
         boardService.deleteBoard(id);
-        
-        Map<String, Object> response = new HashMap<>();
-        response.put("data", null);
-        response.put("status", "success");
-        return response;
+        return ResponseUtils.buildSuccessResponse(null);
     }
 
     // 内部类，用于接收请求参数

backend/src/main/java/com/easydraw/filter/JwtAuthenticationFilter.java

@@ -1,11 +1,9 @@
 package com.easydraw.filter;
 
 import com.easydraw.service.JwtService;
+import com.easydraw.utils.AuthenticationUtils;
 import io.jsonwebtoken.Claims;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 
@@ -14,7 +12,6 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.util.Collections;
 
 @Component
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
@@ -29,25 +26,11 @@ public JwtAuthenticationFilter(JwtService jwtService) {
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         String authorizationHeader = request.getHeader("Authorization");
+        String token = AuthenticationUtils.extractTokenFromHeader(authorizationHeader);
 
-        if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
-            String token = authorizationHeader.substring(7);
-
-            if (jwtService.validateToken(token)) {
-                Claims claims = jwtService.extractClaims(token);
-                String username = claims.getSubject();
-                String role = (String) claims.get("role");
-
-                // 创建认证对象
-                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
-                        username,
-                        null,
-                        Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role.toUpperCase()))
-                );
-
-                // 设置认证信息到上下文
-                SecurityContextHolder.getContext().setAuthentication(authentication);
-            }
+        if (token != null && jwtService.validateToken(token)) {
+            Claims claims = jwtService.extractClaims(token);
+            AuthenticationUtils.setAuthenticationFromClaims(claims);
         }
 
         filterChain.doFilter(request, response);

backend/src/main/java/com/easydraw/service/JwtService.java

@@ -19,8 +19,10 @@ public class JwtService {
     private final long expirationTime = 86400000; // 24小时
 
     public JwtService() {
-        // 生成安全的密钥
-        this.secretKey = Keys.secretKeyFor(SignatureAlgorithm.HS256);
+        // 使用固定的密钥，确保token在应用重启后仍然有效
+        // 注意：在生产环境中，应该使用环境变量或配置文件来管理密钥
+        String secret = "your-secret-key-for-jwt-token-generation"; // 替换为更安全的密钥
+        this.secretKey = Keys.hmacShaKeyFor(secret.getBytes());
     }
 
     // 生成token

backend/src/main/java/com/easydraw/utils/AuthenticationUtils.java

@@ -0,0 +1,43 @@
+package com.easydraw.utils;
+
+import io.jsonwebtoken.Claims;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import java.util.Collections;
+
+public class AuthenticationUtils {
+
+    /**
+     * 从JWT claims创建并设置认证对象
+     * @param claims JWT claims
+     */
+    public static void setAuthenticationFromClaims(Claims claims) {
+        String userId = (String) claims.get("userId");
+        String role = (String) claims.get("role");
+        
+        // 创建认证对象
+        UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
+                userId,
+                null,
+                Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role.toUpperCase()))
+        );
+
+        // 设置认证信息到上下文
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+    }
+
+    /**
+     * 从请求头中提取token
+     * @param authorizationHeader Authorization请求头
+     * @return token字符串，如果没有则返回null
+     */
+    public static String extractTokenFromHeader(String authorizationHeader) {
+        if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
+            return authorizationHeader.substring(7);
+        }
+        return null;
+    }
+
+}

backend/src/main/java/com/easydraw/utils/ResponseUtils.java

@@ -0,0 +1,33 @@
+package com.easydraw.utils;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class ResponseUtils {
+
+    /**
+     * 构建成功响应
+     * @param data 响应数据
+     * @return 响应Map
+     */
+    public static Map<String, Object> buildSuccessResponse(Object data) {
+        Map<String, Object> response = new HashMap<>();
+        response.put("data", data);
+        response.put("status", "success");
+        return response;
+    }
+
+    /**
+     * 构建错误响应
+     * @param message 错误消息
+     * @return 响应Map
+     */
+    public static Map<String, Object> buildErrorResponse(String message) {
+        Map<String, Object> response = new HashMap<>();
+        response.put("data", null);
+        response.put("status", "error");
+        response.put("message", message);
+        return response;
+    }
+
+}

src/stores/app.ts

@@ -1,4 +1,4 @@
-import axios from "axios";
+import axios from "../utils/axios";
 import { defineStore } from "pinia";
 
 export const useAppStore = defineStore("app", {

src/utils/axios.ts

@@ -22,6 +22,15 @@ service.interceptors.request.use(
   }
 );
 
+// 处理未授权错误的公共函数
+const handleUnauthorizedError = () => {
+  // 清除本地存储的token和用户信息
+  localStorage.removeItem('token');
+  localStorage.removeItem('user');
+  // 跳转到登录页面
+  window.location.href = '/login';
+};
+
 // 响应拦截器
 service.interceptors.response.use(
   response => {
@@ -30,11 +39,12 @@ service.interceptors.response.use(
   error => {
     // 处理401错误（未授权）
     if (error.response && error.response.status === 401) {
-      // 清除本地存储的token和用户信息
-      localStorage.removeItem('token');
-      localStorage.removeItem('user');
-      // 跳转到登录页面
-      window.location.href = '/login';
+      handleUnauthorizedError();
+    }
+    // 处理403错误（禁止访问）
+    if (error.response && error.response.status === 403) {
+      console.error('403 Forbidden:', error);
+      handleUnauthorizedError();
     }
     return Promise.reject(error);
   }

src/views/BoardList.vue

@@ -94,7 +94,7 @@
 <script setup lang="ts">
 import { ref, onMounted, nextTick } from 'vue';
 import { useRouter } from 'vue-router';
-import axios from 'axios';
+import axios from '../utils/axios';
 import { ElMessageBox, ElMessage } from 'element-plus';
 
 const router = useRouter();