1. 用户未登录时返回给前端的数据
package com.hanhuide.core.handler;
import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @program: maven
* @description:用户未登录时返回给前端的数据
* @author: 韩惠德
* @create: 2019-11-29 13:46
* @version: 1.0
**/
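@Component
public class AjaxAuthenticationEntryPoint implements AuthenticationEntryPoint {

    /**
     * Answers a request that reached a protected URL without being authenticated with a JSON
     * {@link AjaxResponseBody} carrying {@link ResultEnum#USER_NEED_AUTHORITIES}, instead of
     * Spring Security's default redirect to an HTML login page.
     *
     * @param httpServletRequest  the rejected request (not read)
     * @param httpServletResponse response the JSON body is written to
     * @param e                   the failure that triggered the entry point; deliberately not echoed to the client
     * @throws IOException      if the response writer cannot be obtained or written
     * @throws ServletException declared by the interface; not thrown here
     */
    @Override
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_NEED_AUTHORITIES);
        // Declare media type and charset before getWriter(): without this the servlet container
        // falls back to ISO-8859-1 (unless something upstream forces an encoding), which garbles
        // the non-ASCII messages in ResultEnum, and the client gets no Content-Type telling it
        // the body is JSON.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        // NOTE(review): the HTTP status is left at the container default (200), as in the original,
        // so the existing frontend contract is unchanged; SC_UNAUTHORIZED would be the conventional code.
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}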
2. 用户登录成功返回结果
package com.hanhuide.core.handler;
import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
/**
* @program: maven
* @description: 用户登录成功时返回给前端的数据
* @author: 韩惠德
* @create: 2019-11-29 13:53
* @version: 1.0
**/
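@Component
@Slf4j
public class AjaxAuthenticationSuccessHandler implements AuthenticationSuccessHandler {

    /**
     * Reports a successful form login to the client as a JSON {@link AjaxResponseBody} carrying
     * {@link ResultEnum#USER_LOGIN_SUCCESS}, instead of Spring Security's default redirect.
     *
     * @param httpServletRequest  the login request (not read)
     * @param httpServletResponse response the JSON body is written to
     * @param authentication      the authenticated principal; nothing from it is put into the body
     * @throws IOException      if the response writer cannot be obtained or written
     * @throws ServletException declared by the interface; not thrown here
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_LOGIN_SUCCESS);
        // Must precede getWriter(): the container's default writer charset is ISO-8859-1 (unless an
        // upstream filter forces one), which garbles ResultEnum's non-ASCII text, and without a
        // Content-Type the client has no signal that the body is JSON.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}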
3.用户登录失败返回结果
package com.hanhuide.core.handler;
import com.alibaba.druid.support.json.JSONUtils;
import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.authentication.*;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @program: maven
* @description: 用户登录失败时返回给前端的数据
* @author: 韩惠德
* @create: 2019-11-29 13:52
* @version: 1.0
**/
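@Component
public class AjaxAuthenticationFailureHandler implements AuthenticationFailureHandler {

    /**
     * Reports a failed login to the client as a JSON {@link AjaxResponseBody} carrying
     * {@link ResultEnum#USER_LOGIN_FAILED} plus a message describing the failure type.
     *
     * <p>The message is carried on the response object ({@code msg}) rather than written into
     * {@code ResultEnum.USER_LOGIN_FAILED} with its setter: the enum constant is a JVM-wide
     * singleton shared by every concurrent login attempt, so mutating it races between requests
     * and permanently changes what later callers see.
     *
     * @param httpServletRequest  the login request (not read)
     * @param httpServletResponse response the JSON body is written to
     * @param exception           the failure raised by the authentication provider
     * @throws IOException      if the response writer cannot be obtained or written
     * @throws ServletException declared by the interface; not thrown here
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException exception) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_LOGIN_FAILED);
        responseBody.setMsg(describe(exception));
        // Must precede getWriter(): the container's default writer charset is ISO-8859-1 (unless an
        // upstream filter forces one), which would garble the Chinese messages below.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }

    /**
     * Maps the failure type to the user-facing message; unknown types get a generic text.
     *
     * @param exception the failure raised by the authentication provider
     * @return message to show to the user, never {@code null}
     */
    private static String describe(AuthenticationException exception) {
        if (exception instanceof UsernameNotFoundException) {
            // NOTE(review): a distinct "user does not exist" reply lets a client probe which usernames
            // are registered. Spring's DaoAuthenticationProvider masks UsernameNotFoundException as
            // BadCredentialsException by default, so this branch is normally unreachable; if that
            // masking is switched off, prefer the same text as the BadCredentials case.
            return "用户不存在!";
        }
        if (exception instanceof BadCredentialsException) {
            return "用户名或密码错误!";
        }
        if (exception instanceof LockedException) {
            return "用户已被锁定!";
        }
        if (exception instanceof DisabledException) {
            return "用户不可用!";
        }
        if (exception instanceof AccountExpiredException) {
            return "账户已过期!";
        }
        if (exception instanceof CredentialsExpiredException) {
            return "用户密码已过期!";
        }
        return "认证失败,请联系网站管理员!";
    }
}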
4.用户登出成功返回结果
package com.hanhuide.core.handler;
import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @program: maven
* @description: 处理退出成功
* @author: 韩惠德
* @create: 2019-11-29 13:55
* @version: 1.0
**/
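@Component
public class AjaxLogoutSuccessHandler implements LogoutSuccessHandler {

    /**
     * Reports a completed logout to the client as a JSON {@link AjaxResponseBody} carrying
     * {@link ResultEnum#USER_LOGOUT_SUCCESS}, instead of Spring Security's default redirect to
     * the login page.
     *
     * @param httpServletRequest  the logout request (not read)
     * @param httpServletResponse response the JSON body is written to
     * @param authentication      the principal that was logged out; may be {@code null} and is not read
     * @throws IOException      if the response writer cannot be obtained or written
     * @throws ServletException declared by the interface; not thrown here
     */
    @Override
    public void onLogoutSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_LOGOUT_SUCCESS);
        // Must precede getWriter(): the container's default writer charset is ISO-8859-1 (unless an
        // upstream filter forces one), which garbles ResultEnum's non-ASCII text, and without a
        // Content-Type the client has no signal that the body is JSON.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}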
5.用户无权登录
package com.hanhuide.core.handler;
import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @program: maven
* @description: 用户无权登录
* @author: 韩惠德
* @create: 2019-11-29 13:49
* @version: 1.0
**/
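@Component
public class AjaxAccessDeniedHandler implements AccessDeniedHandler {

    /**
     * Answers a request from an authenticated user who lacks the required authority with a JSON
     * {@link AjaxResponseBody} carrying {@link ResultEnum#USER_NO_ACCESS}, instead of Spring
     * Security's default 403 HTML page.
     *
     * @param httpServletRequest  the rejected request (not read)
     * @param httpServletResponse response the JSON body is written to
     * @param e                   the access-denied failure; deliberately not echoed to the client
     * @throws IOException      if the response writer cannot be obtained or written
     * @throws ServletException declared by the interface; not thrown here
     */
    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_NO_ACCESS);
        // Must precede getWriter(): the container's default writer charset is ISO-8859-1 (unless an
        // upstream filter forces one), which garbles ResultEnum's non-ASCII text, and without a
        // Content-Type the client has no signal that the body is JSON.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        // NOTE(review): the HTTP status is left at the container default (200), as in the original,
        // so the existing frontend contract is unchanged; SC_FORBIDDEN would be the conventional code.
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}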
6. 修改 WebSecurityConfig，注册上述各个返回结果处理器
package com.hanhuide.core.config;
import com.hanhuide.core.handler.*;
import com.hanhuide.core.service.impl.CustomUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
/**
* @program: maven
* @description:
* @author: 韩惠德
* @create: 2019-12-26 11:56
* @version: 1.0
**/
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    // Each Ajax* component below replaces one of Spring Security's default HTML/redirect
    // responses with a JSON body, so an AJAX frontend can act on the returned code.
    @Autowired
    private AjaxAuthenticationEntryPoint authenticationEntryPoint; // not logged in: JSON instead of the HTML login page
    @Autowired
    private AjaxAuthenticationSuccessHandler authenticationSuccessHandler; // login succeeded: JSON instead of a redirect
    @Autowired
    private AjaxAuthenticationFailureHandler authenticationFailureHandler; // login failed: JSON instead of HTML
    @Autowired
    private AjaxLogoutSuccessHandler logoutSuccessHandler; // logout succeeded: JSON instead of the login page
    @Autowired
    private AjaxAccessDeniedHandler accessDeniedHandler; // authenticated but not authorised: JSON instead of the 403 page
    @Autowired
    private CustomUserDetailsService userDetailsService;

    /**
     * Wires the project's user lookup into the authentication manager; passwords are verified
     * with BCrypt, so the stored credentials must be BCrypt hashes.
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
    }

    /**
     * HTTP rules: every request needs an authenticated user; both HTTP Basic and form login are
     * accepted, and the Ajax* handlers produce the JSON replies.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated(); // URLs that allow anonymous access go here, before anyRequest()
        http.httpBasic().authenticationEntryPoint(authenticationEntryPoint);
        http.formLogin().successHandler(authenticationSuccessHandler).failureHandler(authenticationFailureHandler).permitAll();
        http.logout().logoutSuccessHandler(logoutSuccessHandler);
        http.exceptionHandling().accessDeniedHandler(accessDeniedHandler); // JSON body when access is denied
        // Turns CSRF protection off entirely. (The original comment called this "cross-domain";
        // CSRF is unrelated to CORS.) Login here is form based with a session cookie, so with
        // protection off any site the user visits can issue state-changing requests that ride on
        // that cookie. For an AJAX frontend the usual alternative is a token the script can read,
        // e.g. csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).
        http.csrf().disable();
    }

    /**
     * Static resources skip the security filter chain completely: no session handling and none
     * of the handlers above apply to these paths.
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/css/**", "/js/**");
    }
}
7.上述 类中用到的其他枚举类,与实体类
package com.hanhuide.core.enums;
import lombok.Getter;
/**
* @author: zzx
* @date: 2018/10/15 15:16
* @description: 返回的错误码枚举类
*/
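public enum ResultEnum {
    SUCCESS(101, "成功"),
    FAILURE(102, "失败"),
    USER_NEED_AUTHORITIES(201, "用户未登录"),
    USER_LOGIN_FAILED(202, "用户账号或密码错误"),
    USER_LOGIN_SUCCESS(203, "用户登录成功"),
    USER_NO_ACCESS(204, "用户无权访问"),
    USER_LOGOUT_SUCCESS(205, "用户登出成功"),
    TOKEN_IS_BLACKLIST(206, "此token为黑名单"),
    LOGIN_IS_OVERDUE(207, "登录已失效"),
    ;

    // Lombok's @Getter was dropped: the explicit accessors below already cover both fields.
    // Both fields are non-final only because the (deprecated) setters are part of the public API.
    /** Numeric code sent to the client. */
    private Integer code;
    /** Human-readable message sent to the client. */
    private String message;

    ResultEnum(Integer code, String message) {
        this.code = code;
        this.message = message;
    }

    /** @return the numeric code of this constant */
    public Integer getCode() {
        return code;
    }

    /**
     * @deprecated Enum constants are JVM-wide singletons: a code set here is seen by every
     *     thread and every later caller, so concurrent requests race on it. Kept only for source
     *     compatibility; carry per-request values on the response object instead.
     */
    @Deprecated
    public void setCode(Integer code) {
        this.code = code;
    }

    /** @return the message of this constant */
    public String getMessage() {
        return message;
    }

    /**
     * @deprecated Same hazard as {@link #setCode(Integer)}: the change is global and unsynchronised.
     *     Put per-request text on the response object instead.
     */
    @Deprecated
    public void setMessage(String message) {
        this.message = message;
    }

    /**
     * Looks up the constant whose code equals {@code code}.
     *
     * @param code numeric code as sent to or received from the client
     * @return the matching constant
     * @throws IllegalArgumentException if no constant carries that code
     */
    public static ResultEnum parse(int code) {
        for (ResultEnum value : values()) {
            // null guard only matters if a caller used setCode(null); the compare unboxes otherwise
            if (value.code != null && value.code == code) {
                return value;
            }
        }
        throw new IllegalArgumentException("Unknown code of ResultEnum: " + code);
    }
}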
package com.hanhuide.core.model;
import com.hanhuide.core.enums.ResultEnum;
import lombok.Data;
import java.io.Serializable;
@Data
public class AjaxResponseBody implements Serializable {
    // Lombok @Data generates the accessors (setResultEnum etc. used by the handlers),
    // equals/hashCode and toString for the fields below. Every field is nullable and stays
    // null unless a handler sets it; how fastjson renders nulls and the enum depends on its
    // serializer settings — confirm against the frontend.
    private Integer status;        // presumably the numeric ResultEnum code — nothing on this page sets it, confirm
    private String msg;            // human-readable text for the client — nothing on this page sets it
    private Object result;         // untyped payload slot; callers must agree on its shape
    private String jwtToken;       // token slot; nothing on this page issues one
    private Boolean bool;          // meaning not evident from this page — confirm before relying on it
    private ResultEnum resultEnum; // the one field every handler on this page populates
    // NOTE(review): no serialVersionUID is declared, so the JVM derives one from the class shape;
    // that only matters if instances are actually Java-serialized (e.g. a replicated session).
}
运行测试
登录失败
登录成功
对应cookie
登出成功
没有权限
其他的暂时没有测试，未完待续……