From dee6fa5cc4b5fb1e5dd1618a317ed7c071000c0c Mon Sep 17 00:00:00 2001
From: haoxr <1490493387@qq.com>
Date: Tue, 15 Nov 2022 00:24:41 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20=E6=B7=BB=E5=8A=A0=E6=9C=AA?= =?UTF-8?q?=E8=AE=A4=E8=AF=81=E5=92=8C=E6=9C=AA=E6=8E=88=E6=9D=83=E8=87=AA?= =?UTF-8?q?=E5=AE=9A=E4=B9=89=E5=BC=82=E5=B8=B8=E5=A4=84=E7=90=86=EF=BC=8C?= =?UTF-8?q?printWriter=E6=97=A0=E9=9C=80=E6=89=8B=E5=8A=A8=E5=85=B3?= =?UTF-8?q?=E9=97=AD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/youlai/system/SystemApplication.java | 2 --
 .../youlai/system/config/SecurityConfig.java | 23 +++++++++++--------
 .../exception/MyAccessDeniedHandler.java | 5 +++-
 .../exception/MyAuthenticationEntryPoint.java | 2 ++
 .../SysUserDetailsServiceImpl.java | 2 +-
 .../service/impl/SysUserServiceImpl.java | 11 +++++----
 .../com/youlai/system/util/ResponseUtils.java | 13 ++++-------
 7 files changed, 31 insertions(+), 27 deletions(-)
diff --git a/src/main/java/com/youlai/system/SystemApplication.java b/src/main/java/com/youlai/system/SystemApplication.java
index f72c404e..c928f2aa 100644
--- a/src/main/java/com/youlai/system/SystemApplication.java
+++ b/src/main/java/com/youlai/system/SystemApplication.java
@@ -5,9 +5,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;
 @SpringBootApplication
 public class SystemApplication {
-
 public static void main(String[] args) {
 SpringApplication.run(SystemApplication.class, args);
 }
-
 }
diff --git a/src/main/java/com/youlai/system/config/SecurityConfig.java b/src/main/java/com/youlai/system/config/SecurityConfig.java
index eb98a029..bd8bbbd5 100644
--- a/src/main/java/com/youlai/system/config/SecurityConfig.java
+++ b/src/main/java/com/youlai/system/config/SecurityConfig.java
@@ -1,7 +1,10 @@
 package com.youlai.system.config;
 import com.youlai.system.filter.JwtAuthenticationFilter;
+import com.youlai.system.security.exception.MyAccessDeniedHandler;
+import com.youlai.system.security.exception.MyAuthenticationEntryPoint;
 import com.youlai.system.security.jwt.JwtTokenManager;
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -22,16 +25,13 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 @Configuration
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true)
+@RequiredArgsConstructor
 public class SecurityConfig {
+ private final MyAuthenticationEntryPoint myAuthenticationEntryPoint;
+ private final MyAccessDeniedHandler myAccessDeniedHandler;
 private final JwtTokenManager jwtTokenManager;
- public SecurityConfig(
- JwtTokenManager jwtTokenManager
- ) {
- this.jwtTokenManager = jwtTokenManager;
- }
-
 @Bean
 public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
@@ -39,8 +39,13 @@ public class SecurityConfig {
 .csrf().disable()
 .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
 .and()
- .authorizeHttpRequests(auth -> auth.antMatchers("/**").permitAll()
- .anyRequest().authenticated());
+ .authorizeHttpRequests()
+ .anyRequest().authenticated()
+ .and()
+ .exceptionHandling()
+ .authenticationEntryPoint(myAuthenticationEntryPoint)
+ .accessDeniedHandler(myAccessDeniedHandler)
+ ;
 // disable cache
 http.headers().cacheControl();
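Review bot: Once `.anyRequest().authenticated()` is the only rule in this chain, the login and API-doc paths stay reachable solely because `web.ignoring()` in the following hunk lists them, and ignored paths bypass the whole filter chain, so they receive neither the response-header writers nor the exception handling registered here. Consider declaring the login path inside this chain instead, with `.antMatchers("/api/v1/auth/login").permitAll()` placed ahead of `.anyRequest().authenticated()`, and keeping `ignoring()` for static assets only; this assumes JwtAuthenticationFilter (not shown) lets requests without a token pass through. It is also worth deciding whether `/doc.html` and `/v3/api-docs` should remain reachable without authentication outside development. The body of securityFilterChain starts before this hunk and continues past it.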
@@ -53,7 +58,7 @@ public class SecurityConfig {
 @Bean
 public WebSecurityCustomizer webSecurityCustomizer() {
 return (web) -> web.ignoring()
- .antMatchers("/api/v1/auth/login","/webjars/**", "/doc.html", "/swagger-resources/**", "/v3/api-docs");
+ .antMatchers("/api/v1/auth/login", "/webjars/**", "/doc.html", "/swagger-resources/**", "/v3/api-docs");
 }
 @Bean
diff --git a/src/main/java/com/youlai/system/security/exception/MyAccessDeniedHandler.java b/src/main/java/com/youlai/system/security/exception/MyAccessDeniedHandler.java
index e2264925..34795ea2 100644
--- a/src/main/java/com/youlai/system/security/exception/MyAccessDeniedHandler.java
+++ b/src/main/java/com/youlai/system/security/exception/MyAccessDeniedHandler.java
@@ -4,9 +4,11 @@ import com.youlai.system.common.result.ResultCode;
 import com.youlai.system.util.ResponseUtils;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 /**
 * Spring Security访问异常处理器
@@ -14,9 +16,10 @@ import javax.servlet.http.HttpServletResponse;
 * @author haoxr
 * @date 2022/10/18
 */
+@Component
 public class MyAccessDeniedHandler implements AccessDeniedHandler {
 @Override
- public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) {
+ public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
 ResponseUtils.writeErrMsg(response, ResultCode.TOKEN_ACCESS_FORBIDDEN);
 }
 }
diff --git a/src/main/java/com/youlai/system/security/exception/MyAuthenticationEntryPoint.java b/src/main/java/com/youlai/system/security/exception/MyAuthenticationEntryPoint.java
index 2e57477a..c2f6585f 100644
--- a/src/main/java/com/youlai/system/security/exception/MyAuthenticationEntryPoint.java
+++ b/src/main/java/com/youlai/system/security/exception/MyAuthenticationEntryPoint.java
@@ -4,6 +4,7 @@ import com.youlai.system.common.result.ResultCode;
 import com.youlai.system.util.ResponseUtils;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -16,6 +17,7 @@ import java.io.IOException;
 * @author haoxr
 * @date 2022/10/18
 */
+@Component
 public class MyAuthenticationEntryPoint implements AuthenticationEntryPoint {
 @Override
 public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
diff --git a/src/main/java/com/youlai/system/security/userdetails/SysUserDetailsServiceImpl.java b/src/main/java/com/youlai/system/security/userdetails/SysUserDetailsServiceImpl.java
index d7c66ae0..33c823b7 100644
--- a/src/main/java/com/youlai/system/security/userdetails/SysUserDetailsServiceImpl.java
+++ b/src/main/java/com/youlai/system/security/userdetails/SysUserDetailsServiceImpl.java
@@ -21,7 +21,7 @@ public class SysUserDetailsServiceImpl implements UserDetailsService {
 public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
 UserAuthInfo userAuthInfo = sysUserService.getUserAuthInfo(username);
- if(userAuthInfo==null){
+ if (userAuthInfo == null) {
 throw new UsernameNotFoundException(username);
 }
 return new SysUserDetails(userAuthInfo);
diff --git a/src/main/java/com/youlai/system/service/impl/SysUserServiceImpl.java b/src/main/java/com/youlai/system/service/impl/SysUserServiceImpl.java
index 58ab614b..13b236ea 100644
--- a/src/main/java/com/youlai/system/service/impl/SysUserServiceImpl.java
+++ b/src/main/java/com/youlai/system/service/impl/SysUserServiceImpl.java
@@ -211,11 +211,12 @@ public class SysUserServiceImpl extends ServiceImpl impl
 @Override
 public UserAuthInfo getUserAuthInfo(String username) {
 UserAuthInfo userAuthInfo = this.baseMapper.getUserAuthInfo(username);
-
- Set roles = userAuthInfo.getRoles();
- if(CollectionUtil.isNotEmpty(roles)){
- Set perms= menuService.listRolePerms(roles);
- userAuthInfo.setPerms(perms);
+ if(userAuthInfo!=null){
+ Set roles = userAuthInfo.getRoles();
+ if(CollectionUtil.isNotEmpty(roles)){
+ Set perms= menuService.listRolePerms(roles);
+ userAuthInfo.setPerms(perms);
+ }
 }
 return userAuthInfo;
 }
diff --git a/src/main/java/com/youlai/system/util/ResponseUtils.java b/src/main/java/com/youlai/system/util/ResponseUtils.java
index 04997763..2dfe4aa6 100644
--- a/src/main/java/com/youlai/system/util/ResponseUtils.java
+++ b/src/main/java/com/youlai/system/util/ResponseUtils.java
@@ -4,6 +4,7 @@ import cn.hutool.json.JSONUtil;
 import com.youlai.system.common.result.Result;
 import com.youlai.system.common.result.ResultCode;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -23,7 +24,7 @@ public class ResponseUtils {
 * @param response
 * @param resultCode
 */
- public static void writeErrMsg(HttpServletResponse response, ResultCode resultCode) {
+ public static void writeErrMsg(HttpServletResponse response, ResultCode resultCode) throws IOException {
 switch (resultCode) {
 case ACCESS_UNAUTHORIZED:
 case TOKEN_INVALID_OR_EXPIRED:
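Review bot: The null guard added to getUserAuthInfo wraps the role and permission lookup in a second nesting level and is written `if(userAuthInfo!=null){`, while this same commit normalizes the matching test in SysUserDetailsServiceImpl to `if (userAuthInfo == null) {`. An early return keeps the method flat: `if (userAuthInfo == null) { return null; }` directly after the mapper call, with the role lookup left at its original indentation. The method should also get a Javadoc line saying it returns null when no user matches the username, because loadUserByUsername depends on that to throw UsernameNotFoundException.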
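Review bot: writeErrMsg now declares `throws IOException`, but the Javadoc directly above the signature still has two empty tags (`@param response`, `@param resultCode`) and no `@throws`. Suggested text: `@param response servlet response that receives the status and JSON error body`, `@param resultCode result code that selects the HTTP status and the body`, `@throws IOException if the response writer cannot be obtained`. The comment should also state that the exception is now propagated to the caller, since the version being replaced caught and discarded it. The method body continues outside this hunk.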
@@ -36,15 +37,9 @@ public class ResponseUtils {
 response.setStatus(HttpStatus.BAD_REQUEST.value());
 break;
 }
+ response.setContentType(MediaType.APPLICATION_JSON_VALUE);
 response.setCharacterEncoding("UTF-8");
- try {
- String bodyJsonStr = JSONUtil.toJsonStr(Result.failed(resultCode));
- PrintWriter printWriter = response.getWriter();
- printWriter.print(bodyJsonStr);
- printWriter.flush();
- printWriter.close();
- } catch (IOException e) {
- }
+ response.getWriter().print(JSONUtil.toJsonStr(Result.failed(resultCode)));
 }
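Review bot: The branch at the top of this hunk, which appears to be the switch's fallback, answers with HTTP 400, and the cases between this hunk and the previous one are not shown, so the diff does not establish that `ResultCode.TOKEN_ACCESS_FORBIDDEN` (the code MyAccessDeniedHandler passes in) produces a 403. Now that both handlers are registered on the filter chain, a denied request answered with 400 would hide authorization failures from clients and from status-based monitoring; if the case is missing, add `case TOKEN_ACCESS_FORBIDDEN: response.setStatus(HttpStatus.FORBIDDEN.value()); break;`. Separately, the `java.io.PrintWriter` import is presumably unused after this change and can be dropped if nothing else in the file needs it. writeErrMsg starts outside this hunk.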