fix 修复 websocket clientid 参数不走mvc拦截器 无法生效问题

ruoyi-common/ruoyi-common-websocket/src/main/java/org/dromara/common/websocket/interceptor/PlusWebSocketInterceptor.java

@@ -1,7 +1,11 @@
 package org.dromara.common.websocket.interceptor;
 
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.dromara.common.core.domain.model.LoginUser;
+import org.dromara.common.core.utils.ServletUtils;
+import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.springframework.http.server.ServerHttpRequest;
 import org.springframework.http.server.ServerHttpResponse;
@@ -31,7 +35,21 @@ public class PlusWebSocketInterceptor implements HandshakeInterceptor {
      */
     @Override
     public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String, Object> attributes) {
+        // 检查是否登录 是否有token
         LoginUser loginUser = LoginHelper.getLoginUser();
+
+        // 解决 ws 不走 mvc 拦截器问题(cloud 版本不受影响)
+        // 检查 header 与 param 里的 clientid 与 token 里的是否一致
+        String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);
+        String paramCid = ServletUtils.getParameter(LoginHelper.CLIENT_KEY);
+        String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
+        if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {
+            // token 无效
+            throw NotLoginException.newInstance(StpUtil.getLoginType(),
+                "-100", "客户端ID与Token不匹配",
+                StpUtil.getTokenValue());
+        }
+
         attributes.put(LOGIN_USER_KEY, loginUser);
         return true;
     }