diff --git a/src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java b/src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java new file mode 100644 index 00000000..7b498a1a --- /dev/null +++ b/src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java @@ -0,0 +1,15 @@ +package com.youlai.boot.core.security.exception; + +import org.springframework.security.core.AuthenticationException; + +/** + * 验证码校验异常 + * + * @author Ray.Hao + * @since 2025/3/1 + */ +public class CaptchaValidationException extends AuthenticationException { + public CaptchaValidationException(String msg) { + super(msg); + } +} \ No newline at end of file diff --git a/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java b/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java index 65c50929..ff5f041e 100644 --- a/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java +++ b/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java @@ -32,7 +32,7 @@ public class MyAuthenticationEntryPoint implements AuthenticationEntryPoint { public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { if (authException instanceof BadCredentialsException) { // 用户名或密码错误 - ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR, authException.getMessage()); + ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR); } else if(authException instanceof InsufficientAuthenticationException){ // 请求头缺失Authorization、Token格式错误、Token过期、签名验证失败 ResponseUtils.writeErrMsg(response, ResultCode.ACCESS_TOKEN_INVALID); diff --git a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java index fc71fe37..bc048794 100644 --- a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java +++ b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java @@ -3,13 +3,13 @@ package com.youlai.boot.core.security.extension.sms; import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; import com.youlai.boot.common.constant.RedisConstants; +import com.youlai.boot.core.security.exception.CaptchaValidationException; import com.youlai.boot.core.security.model.SysUserDetails; import com.youlai.boot.system.model.dto.UserAuthInfo; import com.youlai.boot.system.service.UserService; import lombok.extern.slf4j.Slf4j; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.DisabledException; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; @@ -64,7 +64,7 @@ public class SmsAuthenticationProvider implements AuthenticationProvider { String cachedVerifyCode = (String) redisTemplate.opsForValue().get(RedisConstants.SMS_LOGIN_CODE_PREFIX + mobile); if (!StrUtil.equals(inputVerifyCode, cachedVerifyCode)) { - throw new BadCredentialsException("验证码错误"); + throw new CaptchaValidationException("验证码错误"); } else { // 验证成功后删除验证码 redisTemplate.delete(RedisConstants.SMS_LOGIN_CODE_PREFIX + mobile);