From 77adafc20c9aa816c9ebeeba127ddd5ba3d6996d Mon Sep 17 00:00:00 2001 From: "Ray.Hao" <1490493387@qq.com> Date: Sat, 1 Mar 2025 00:41:44 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20Spring=20Security=20=E5=BC=82?= =?UTF-8?q?=E5=B8=B8=E5=A4=84=E7=90=86=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../exception/CaptchaValidationException.java | 15 +++++++++++++++ .../exception/MyAuthenticationEntryPoint.java | 2 +- .../extension/sms/SmsAuthenticationProvider.java | 4 ++-- 3 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java diff --git a/src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java b/src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java new file mode 100644 index 00000000..7b498a1a --- /dev/null +++ b/src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java @@ -0,0 +1,15 @@ +package com.youlai.boot.core.security.exception; + +import org.springframework.security.core.AuthenticationException; + +/** + * 验证码校验异常 + * + * @author Ray.Hao + * @since 2025/3/1 + */ +public class CaptchaValidationException extends AuthenticationException { + public CaptchaValidationException(String msg) { + super(msg); + } +} \ No newline at end of file diff --git a/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java b/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java index 65c50929..ff5f041e 100644 --- a/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java +++ b/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java @@ -32,7 +32,7 @@ public class MyAuthenticationEntryPoint implements AuthenticationEntryPoint { public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { if (authException instanceof BadCredentialsException) { // 用户名或密码错误 - ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR, authException.getMessage()); + ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR); } else if(authException instanceof InsufficientAuthenticationException){ // 请求头缺失Authorization、Token格式错误、Token过期、签名验证失败 ResponseUtils.writeErrMsg(response, ResultCode.ACCESS_TOKEN_INVALID); diff --git a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java index fc71fe37..bc048794 100644 --- a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java +++ b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java @@ -3,13 +3,13 @@ package com.youlai.boot.core.security.extension.sms; import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; import com.youlai.boot.common.constant.RedisConstants; +import com.youlai.boot.core.security.exception.CaptchaValidationException; import com.youlai.boot.core.security.model.SysUserDetails; import com.youlai.boot.system.model.dto.UserAuthInfo; import com.youlai.boot.system.service.UserService; import lombok.extern.slf4j.Slf4j; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.DisabledException; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; @@ -64,7 +64,7 @@ public class SmsAuthenticationProvider implements AuthenticationProvider { String cachedVerifyCode = (String) redisTemplate.opsForValue().get(RedisConstants.SMS_LOGIN_CODE_PREFIX + mobile); if (!StrUtil.equals(inputVerifyCode, cachedVerifyCode)) { - throw new BadCredentialsException("验证码错误"); + throw new CaptchaValidationException("验证码错误"); } else { // 验证成功后删除验证码 redisTemplate.delete(RedisConstants.SMS_LOGIN_CODE_PREFIX + mobile);