update logging

Author: jarry

.gitignore

@@ -7,6 +7,7 @@ a.out
 
 # Log file
 *.log
+*.log.lck
 
 # BlueJ files
 *.ctxt

domain-driven-design/java-web/README.md

@@ -32,7 +32,7 @@ java-web/
 │   │   │   │        │       ├── Router.java   # 基础路由工具设置
 │   │   │   │        │       ├── OrderRoutes.java  # 订单路由配置
 │   │   │   │        ├── middleware/           # 中间件（例如：鉴权、日志、拦截等）
-│   │   │   │        │   └── LoggingMiddleware.java  # 日志中间件
+│   │   │   │        │   └── LoggingFilter.java # 日志中间件，java通常使用Filter
 │   │   │   │        └── config/               # 应用层配置（管理服务器和应用信息）
 │   │   │   │        │   └── ServiceConfig.java  # 服务器与环境配置
 │   │   │   │        └── utils/                # 实用工具

domain-driven-design/java-web/src/main/java/com/javaweborder/Application.java

@@ -7,7 +7,6 @@
 import com.javaweborder.interfaces.controllers.OrderController;
 import com.javaweborder.interfaces.routes.OrderRoutes;
 import com.javaweborder.interfaces.routes.Router;
-import com.javaweborder.middleware.LoggingMiddleware;
 
 import javax.servlet.*;
 import javax.servlet.annotation.WebListener;

domain-driven-design/java-web/src/main/java/com/javaweborder/TomcatServer.java

@@ -27,9 +27,6 @@ public static void main(String[] args) {
             connector.setURIEncoding("UTF-8");
             connector.setUseBodyEncodingForURI(true);
 
-            // 创建空上下文（使用当前根目录，无webapp）
-            // Context context = tomcat.addContext("", new File(".").getAbsolutePath());
-
             // 创建Web上下文，创建webapp目录
             File webappDir = new File("src/main/webapp");
             if (!webappDir.exists()) webappDir.mkdirs();
@@ -42,10 +39,6 @@ public static void main(String[] args) {
                     classesDir.getAbsolutePath(), "/"));
             context.setResources(resources);
 
-            // 可选配置
-//            context.addLifecycleListener(new Tomcat.FixContextListener());
-//            context.setParentClassLoader(TomcatServer.class.getClassLoader());
-
             // 显式启用注解扫描
             context.setAddWebinfClassesResources(true);
 

domain-driven-design/java-web/src/main/java/com/javaweborder/interfaces/controllers/OrderController.java

@@ -24,19 +24,24 @@ public OrderController() {
 
     // 创建订单：对应 POST /orders
     public void createOrder(HttpServletRequest request, HttpServletResponse response) throws IOException {
+        OrderRequest body = new OrderRequest();
         try {
             // 解析请求体
-            OrderRequest body = BodyParserUtils.parseRequestBody(request, OrderRequest.class);
-            String customerName = body.getCustomerName();
+            body = BodyParserUtils.parseRequestBody(request, OrderRequest.class);
+        } catch (Exception e) {
+            ResponseUtils.sendJsonError(response, 500, "请求错误：请检查参数", null);
+        }
 
+        try {
+            String customerName = body.getCustomerName();
             // 将订单金额转换为数字，校验是否有效
             double amount = parseAmount(body.getAmount());
             OrderDTO order = orderService.createOrder(customerName, amount);
             ResponseUtils.sendJsonResponse(response, 201, order, null);
         } catch (IllegalArgumentException e) {
             ResponseUtils.sendJsonError(response, 400, e.getMessage(), null);
         } catch (Exception e) {
-            ResponseUtils.sendJsonError(response, 500, "内部错误：订单已存在", null);
+            ResponseUtils.sendJsonError(response, 500, "内部错误：订单保存失败", null);
         }
     }
 

domain-driven-design/java-web/src/main/java/com/javaweborder/interfaces/response/ResponseBody.java

@@ -0,0 +1,19 @@
+package com.javaweborder.interfaces.response;
+
+public class ResponseBody {
+    private final int status;
+    private final Object message;
+
+    public ResponseBody(int status, Object message) {
+        this.status = status;
+        this.message = message;
+    }
+
+    public int getStatus() {
+        return status;
+    }
+
+    public Object getMessage() {
+        return message;
+    }
+}

domain-driven-design/java-web/src/main/java/com/javaweborder/interfaces/routes/Router.java

@@ -88,10 +88,12 @@ protected void service(HttpServletRequest req, HttpServletResponse resp) throws
         String path = req.getRequestURI().substring(req.getContextPath().length());
         String method = req.getMethod().toUpperCase();
 
-        LogUtils.logInfo("Request URI: " + req.getRequestURI());
-        LogUtils.logInfo("Context Path: " + req.getContextPath());
-        LogUtils.logInfo("Processed Path: " + path);
-        LogUtils.logInfo("out Received request: " + method + " " + path);
+        /* 关闭打印，调试再打开
+        // LogUtils.logInfo("Request URI: " + req.getRequestURI());
+        // LogUtils.logInfo("Context Path: " + req.getContextPath());
+        // LogUtils.logInfo("Processed Path: " + path);
+        // LogUtils.logInfo("out Received request: " + method + " " + path);
+         */
 
         for (Route route : routes) {
             Matcher matcher = route.pattern.matcher(path);

domain-driven-design/java-web/src/main/java/com/javaweborder/middleware/AuthorizationFilter.java

@@ -0,0 +1,96 @@
+package com.javaweborder.middleware;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.javaweborder.interfaces.response.ResponseBody;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+
+@WebFilter("/*") // 拦截所有请求，进行权限校验，Filter执行顺序按首字母排序
+public class AuthorizationFilter implements Filter {
+    private static final ObjectMapper objectMapper = new ObjectMapper();
+
+    // 公开路径白名单（无需认证）
+    private static final Set<String> ALLOWED_PATHS = new HashSet<>(Arrays.asList(
+            "/login", "/public", "/error"
+    ));
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+        System.out.println("AuthorizationFilter initialized.");
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+        HttpServletRequest httpRequest = (HttpServletRequest) request;
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        System.out.println("AuthorizationFilter: Filter is executing.");
+        String path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length());
+
+        // 白名单路径直接放行，根据需要设置
+        // if (isAllowed(path)) {
+        //    chain.doFilter(request, response);
+        //    return;
+        // }
+
+        try {
+            // 1. 验证用户是否登录（示例：检查Token）
+            String token = httpRequest.getHeader("Authorization");
+            // 如有token就校验token
+            if (token != null && !validateToken(token)) {
+                sendError(httpResponse, HttpServletResponse.SC_UNAUTHORIZED, "未提供有效凭证");
+                return;
+            }
+
+            // 2. 验证用户权限（示例：检查角色或权限）
+            String requiredRole = "admin";
+            if (!hasPermission(token, requiredRole)) {
+                sendError(httpResponse, HttpServletResponse.SC_FORBIDDEN, "无权访问此资源");
+                return;
+            }
+
+            // 权限验证通过，继续执行后续逻辑
+            chain.doFilter(request, response);
+        } catch (Exception e) {
+            sendError(httpResponse, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "权限验证异常");
+        }
+    }
+
+    @Override
+    public void destroy() {
+        // 清理资源（可选）
+    }
+
+    // 判断是否为公开路径
+    private boolean isAllowed(String path) {
+        return ALLOWED_PATHS.contains(path);
+    }
+
+    // 模拟Token验证逻辑（替换为实际验证逻辑）
+    private boolean validateToken(String token) {
+        // 示例：检查Token有效性（如JWT解析），此处假使为true
+        return token.startsWith("Bearer ");
+    }
+
+    // 模拟权限验证逻辑（替换为实际业务逻辑）
+    private boolean hasPermission(String token, String requiredRole) {
+        // 示例：从Token中解析用户角色并验证
+        String userRole = "admin"; // 实际应从数据库或缓存获取
+        return requiredRole.equals(userRole);
+    }
+
+    // 返回JSON格式错误响应
+    private void sendError(HttpServletResponse response, int status, String message) throws IOException {
+        response.setStatus(status);
+        response.setContentType("application/json;charset=UTF-8");
+        ResponseBody errorResponse = new ResponseBody(status, message);
+        objectMapper.writeValue(response.getWriter(), errorResponse);
+    }
+}

domain-driven-design/java-web/src/main/java/com/javaweborder/middleware/CustomServletResponseWrapper.java

@@ -0,0 +1,53 @@
+package com.javaweborder.middleware;
+
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+import java.io.CharArrayWriter;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+// 创建ServletResponseWrapper 用于捕获响应的状态码和输出内容，并将输出内容到CharArrayWriter中
+public class CustomServletResponseWrapper extends HttpServletResponseWrapper {
+    private int httpStatus = SC_OK;
+    private final CharArrayWriter charArray = new CharArrayWriter();
+    private PrintWriter writer;
+
+    public CustomServletResponseWrapper(HttpServletResponse response) {
+        super(response);
+    }
+
+    @Override
+    public void sendError(int sc) throws IOException {
+        this.httpStatus = sc;
+        setStatus(sc);
+    }
+
+    @Override
+    public void sendError(int sc, String msg) throws IOException {
+        this.httpStatus = sc;
+        setStatus(sc);
+    }
+
+    @Override
+    public void setStatus(int sc) {
+        super.setStatus(sc);
+        this.httpStatus = sc;
+    }
+
+    @Override
+    public int getStatus() {
+        return httpStatus;
+    }
+
+    @Override
+    public PrintWriter getWriter() {
+        if (writer == null) {
+            writer = new PrintWriter(charArray);
+        }
+        return writer;
+    }
+
+    public String getOutput() {
+        return charArray.toString();
+    }
+}

domain-driven-design/java-web/src/main/java/com/javaweborder/middleware/GlobalExceptionFilter.java

@@ -0,0 +1,73 @@
+package com.javaweborder.middleware;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.javaweborder.interfaces.response.ResponseBody;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+// 在过滤器的 doFilter 方法中，自定义包装器来响应对象，并针对状态码进行不同处理，以返回自定义错误页面
+@WebFilter("/*")
+public class GlobalExceptionFilter implements Filter {
+    private static final ObjectMapper objectMapper = new ObjectMapper();
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+        System.out.println("GlobalExceptionFilter initialized.");
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        CustomServletResponseWrapper responseWrapper = new CustomServletResponseWrapper(httpResponse);
+        System.out.println("GlobalExceptionFilter: Filter is executing.");
+        try {
+            chain.doFilter(request, responseWrapper);
+        } catch (Exception e) {
+            handleException(httpResponse, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "服务器内部错误");
+            return;
+        }
+
+        int status = responseWrapper.getStatus();
+        if (status >= 400) {
+            handleException(httpResponse, status, getErrorMessage(status));
+            return;
+        }
+
+        // 正常响应写入内容
+        String content = responseWrapper.getOutput();
+        if (!content.isEmpty()) {
+            response.getWriter().write(content);
+        }
+    }
+
+    private String getErrorMessage(int status) {
+        switch (status) {
+            case 404:
+                return "资源未找到";
+            case 401:
+                return "未经授权";
+            case 403:
+                return "禁止访问";
+            case 500:
+                return "服务器内部错误";
+            default:
+                return "请求错误";
+        }
+    }
+
+    private void handleException(HttpServletResponse response, int status, String message) throws IOException {
+        response.reset(); // 重置响应，确保自定义内容可写入
+        response.setStatus(status);
+        response.setContentType("application/json;charset=UTF-8");
+        ResponseBody errorResponse = new ResponseBody(status, message);
+        objectMapper.writeValue(response.getWriter(), errorResponse);
+    }
+
+    @Override
+    public void destroy() {
+    }
+}