refactor: 完善因缺失 Token 而认证失败响应的处理

2025-02-25 00:07:17 +08:00
parent 5239be5514
commit 7f4ec50cef
1 changed files with 22 additions and 14 deletions
--- a/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java
+++ b/src/main/java/com/youlai/boot/core/security/exception/MyAuthenticationEntryPoint.java
@@ -3,10 +3,9 @@ package com.youlai.boot.core.security.exception;
 import com.youlai.boot.common.result.ResultCode;
 import com.youlai.boot.common.util.ResponseUtils;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.stereotype.Component;

 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -15,26 +14,35 @@ import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;

 /**
- * 未认证异常处理器
+ * 统一处理 Spring Security 认证失败响应
 *
 * @author Ray.Hao
 * @since 2.0.0
 */
 public class MyAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+    /**
+     * 认证失败处理入口方法
+     *
+     * @param request 触发异常的请求对象（可用于获取请求头、参数等）
+     * @param response 响应对象（用于写入错误信息）
+     * @param authException 认证异常对象（包含具体失败原因）
+     */
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
-        int status = response.getStatus();
-        if (status == HttpServletResponse.SC_NOT_FOUND) {
-            // 资源不存在
-            ResponseUtils.writeErrMsg(response, ResultCode.USER_RESOURCE_NOT_FOUND);
+        if (authException instanceof BadCredentialsException) {
+            // 用户名或密码错误
+            ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR, authException.getMessage());
+        } else if(authException instanceof InsufficientAuthenticationException){
+            // 请求头缺失Authorization、Token格式错误、Token过期、签名验证失败
+            ResponseUtils.writeErrMsg(response, ResultCode.ACCESS_TOKEN_INVALID);
        } else {
-            if (authException instanceof BadCredentialsException) {
-                // 用户名或密码错误
-                ResponseUtils.writeErrMsg(response, ResultCode.USER_PASSWORD_ERROR, authException.getMessage());
-            } else {
-                // 登录异常
-                ResponseUtils.writeErrMsg(response, ResultCode.USER_LOGIN_EXCEPTION, authException.getMessage());
-            }
+            // 其他未明确处理的认证异常（如账户被锁定、账户禁用等）
+            ResponseUtils.writeErrMsg(response, ResultCode.USER_LOGIN_EXCEPTION, authException.getMessage());
        }
    }
 }
+
+
+
+