tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: Spring Security 异常处理优化

Browse Source
This commit is contained in:
Ray.Hao
2025-03-01 00:41:44 +08:00
parent 8391f93121
commit 77adafc20c
3 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/main/java/com/youlai/boot/core/security/exception/CaptchaValidationException.java Normal file
View File

@@ -0,0 +1,15 @@
package com.youlai.boot.core.security.exception;
import org.springframework.security.core.AuthenticationException;
/**
* 验证码校验异常
*
* @author Ray.Hao
* @since 2025/3/1
*/
public class CaptchaValidationException extends AuthenticationException {
public CaptchaValidationException(String msg) {
super(msg);
}
}

2
src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java
View File

@@ -32,7 +32,7 @@ public class MyAuthenticationEntryPoint implements AuthenticationEntryPoint {
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
if (authException instanceof BadCredentialsException) {
// 用户名或密码错误
ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR, authException.getMessage());
ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR);
} else if(authException instanceof InsufficientAuthenticationException){
// 请求头缺失Authorization、Token格式错误、Token过期、签名验证失败
ResponseUtils.writeErrMsg(response, ResultCode.ACCESS_TOKEN_INVALID);

4
src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java
View File

@@ -3,13 +3,13 @@ package com.youlai.boot.core.security.extension.sms;
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import com.youlai.boot.common.constant.RedisConstants;
import com.youlai.boot.core.security.exception.CaptchaValidationException;
import com.youlai.boot.core.security.model.SysUserDetails;
import com.youlai.boot.system.model.dto.UserAuthInfo;
import com.youlai.boot.system.service.UserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
@@ -64,7 +64,7 @@ public class SmsAuthenticationProvider implements AuthenticationProvider {
String cachedVerifyCode = (String) redisTemplate.opsForValue().get(RedisConstants.SMS_LOGIN_CODE_PREFIX + mobile);
if (!StrUtil.equals(inputVerifyCode, cachedVerifyCode)) {
throw new BadCredentialsException("验证码错误");
throw new CaptchaValidationException("验证码错误");
} else {
// 验证成功后删除验证码
redisTemplate.delete(RedisConstants.SMS_LOGIN_CODE_PREFIX + mobile);