错误管理子系统调整;完善登录检查流程;

This commit is contained in:
Saturneric 2020-03-17 19:39:37 +08:00
parent 3dc1c08ac3
commit d6b443c754
8 changed files with 101 additions and 22 deletions

View File

@ -0,0 +1,12 @@
package com.codesdream.ase.component.json.respond;
import lombok.Data;
import java.util.Date;
@Data
public class ErrorInfoJSONRespond {
String exception = null;
String exceptionMessage = null;
Date date = null;
}

View File

@ -24,7 +24,8 @@ public class ASEAuthenticationEntryPoint implements AuthenticationEntryPoint {
@Override @Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
throws IOException, ServletException { throws IOException {
// 对匿名用户返回401 // 对匿名用户返回401
response.getWriter().print(quickJSONRespond.getRespond401(null)); response.getWriter().print(quickJSONRespond.getRespond401(null));

View File

@ -2,6 +2,7 @@ package com.codesdream.ase.component.permission;
import com.codesdream.ase.component.datamanager.JSONParameter; import com.codesdream.ase.component.datamanager.JSONParameter;
import com.codesdream.ase.component.datamanager.QuickJSONRespond; import com.codesdream.ase.component.datamanager.QuickJSONRespond;
import com.codesdream.ase.component.json.respond.ErrorInfoJSONRespond;
import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond; import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
@ -13,6 +14,7 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.util.Date;
// 认证失败返回 // 认证失败返回
@Slf4j @Slf4j
@ -28,7 +30,17 @@ public class ASEAuthenticationFailureHandler extends SimpleUrlAuthenticationFail
{ {
log.info("ASEAuthenticationFailureHandler Login Fail!"); log.info("ASEAuthenticationFailureHandler Login Fail!");
// 填写异常信息存储对象
ErrorInfoJSONRespond errorInfoJSONRespond = new ErrorInfoJSONRespond();
errorInfoJSONRespond.setDate(new Date());
errorInfoJSONRespond.setExceptionMessage(exception.getMessage());
errorInfoJSONRespond.setException(exception.getClass().getSimpleName());
// 认证失败返回406 // 认证失败返回406
response.getWriter().write(quickJSONRespond.getRespond406("Authentication Failure")); response.getWriter().write(quickJSONRespond.getJSONStandardRespond(
406,
"Not Acceptable",
"Authentication Failure",
errorInfoJSONRespond));
} }
} }

View File

@ -43,10 +43,8 @@ public class ASESecurityAuthenticationProvider implements AuthenticationProvider
// 判断用户是否存在 // 判断用户是否存在
UserDetails userInfo = userDetailsService.loadUserByUsername(username); UserDetails userInfo = userDetailsService.loadUserByUsername(username);
log.info(String.format("SecurityAuthentication: %s %s", username, password));
if (userInfo == null) { if (userInfo == null) {
throw new UsernameNotFoundException("User IS Not Existing"); throw new UsernameNotFoundException("User Not Exist");
} }
// 判断密码是否正确 // 判断密码是否正确

View File

@ -49,16 +49,24 @@ public class ASEUsernamePasswordAuthenticationFilter extends UsernamePasswordAut
throw new AuthenticationServiceException("Authentication method not supported: NOT Ajax Method."); throw new AuthenticationServiceException("Authentication method not supported: NOT Ajax Method.");
} }
Optional<UserLoginChecker> checker = jsonParameter.getJavaObjectByRequest(request, UserLoginChecker.class); Optional<UserLoginChecker> checkerOptional = jsonParameter.getJavaObjectByRequest(request, UserLoginChecker.class);
if(!checker.isPresent()) throw new BadCredentialsException("Invalid AJAX JSON Request"); if(!checkerOptional.isPresent()) throw new BadCredentialsException("Invalid AJAX JSON Request");
if (!checker.get().getCheckType().equals("UsernamePasswordChecker")) UserLoginChecker checker = checkerOptional.get();
if(checker.getUsername() == null
|| checker.getPassword() == null
|| checker.getClientCode() == null
|| checker.getCheckType() == null)
throw new AuthenticationServiceException("Request Data IS Incomplete");
if (!checker.getCheckType().equals("UsernamePasswordChecker"))
throw new AuthenticationServiceException("Authentication not supported: NOT Username Password Type."); throw new AuthenticationServiceException("Authentication not supported: NOT Username Password Type.");
// 获得相应的用户名密码 // 获得相应的用户名密码
String username = checker.get().getUsername(); String username = checker.getUsername();
String password = checker.get().getPassword(); String password = checker.getPassword();
String clientCode = checker.get().getClientCode(); String clientCode = checker.getClientCode();
if (username == null) username = ""; if (username == null) username = "";
if (password == null) password = ""; if (password == null) password = "";

View File

@ -1,23 +1,31 @@
package com.codesdream.ase.controller; package com.codesdream.ase.controller;
import com.codesdream.ase.component.error.ErrorResponse; import com.codesdream.ase.component.error.ErrorResponse;
import com.codesdream.ase.component.json.respond.ErrorInfoJSONRespond;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.context.request.WebRequest; import org.springframework.web.context.request.WebRequest;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date;
import java.util.List; import java.util.List;
@ControllerAdvice @RestControllerAdvice
public class ASEControllerAdvice { public class ASEControllerAdvice {
@ExceptionHandler(value = {RuntimeException.class}) @ExceptionHandler(value = {RuntimeException.class})
public final ResponseEntity<Object> handleRuntimeException(RuntimeException e, WebRequest webRequest){ public final Object handleRuntimeException(RuntimeException e, WebRequest webRequest){
List<String> details = new ArrayList<>(); ErrorInfoJSONRespond errorInfoJSONRespond = new ErrorInfoJSONRespond();
details.add(e.getLocalizedMessage()); errorInfoJSONRespond.setDate(new Date());
ErrorResponse errorResponse = new ErrorResponse("Runtime Error", details); errorInfoJSONRespond.setExceptionMessage(e.getMessage());
return new ResponseEntity<>(errorResponse, HttpStatus.INTERNAL_SERVER_ERROR); errorInfoJSONRespond.setException(e.getClass().getName());
return errorInfoJSONRespond;
} }
} }

View File

@ -1,6 +1,8 @@
package com.codesdream.ase.controller; package com.codesdream.ase.controller;
import com.codesdream.ase.component.datamanager.QuickJSONRespond;
import com.codesdream.ase.component.error.ErrorResponse; import com.codesdream.ase.component.error.ErrorResponse;
import com.codesdream.ase.component.json.respond.ErrorInfoJSONRespond;
import org.springframework.boot.web.servlet.error.ErrorController; import org.springframework.boot.web.servlet.error.ErrorController;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
@ -9,8 +11,10 @@ import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.context.request.WebRequest; import org.springframework.web.context.request.WebRequest;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date; import java.util.Date;
@ -19,7 +23,7 @@ import java.util.List;
@Controller @Controller
public class ASEErrorController implements ErrorController { public class ASEErrorController implements ErrorController {
@RequestMapping("/error") /* @RequestMapping("/error")
public String handleError(HttpServletRequest request, Model model){ public String handleError(HttpServletRequest request, Model model){
Integer statusCode = (Integer) request.getAttribute("javax.servlet.error.status_code"); Integer statusCode = (Integer) request.getAttribute("javax.servlet.error.status_code");
Exception exception = (Exception) request.getAttribute("javax.servlet.error.exception"); Exception exception = (Exception) request.getAttribute("javax.servlet.error.exception");
@ -49,7 +53,36 @@ public class ASEErrorController implements ErrorController {
model.addAttribute("exception_date", new Date()); model.addAttribute("exception_date", new Date());
} }
return "error"; return "error";
}*/
@Resource
private QuickJSONRespond quickJSONRespond;
@RequestMapping("/error")
@ResponseBody
public String handleError(HttpServletRequest request){
Integer statusCode = (Integer) request.getAttribute("javax.servlet.error.status_code");
Exception exception = (Exception) request.getAttribute("javax.servlet.error.exception");
// 检查返回的状态
if (statusCode == HttpStatus.NOT_FOUND.value()) return quickJSONRespond.getRespond404(null);
ErrorInfoJSONRespond errorInfoJSONRespond = new ErrorInfoJSONRespond();
// 检查是否含有引发异常
if (exception.getCause() == null) {
errorInfoJSONRespond.setException(exception.getClass().getName());
errorInfoJSONRespond.setExceptionMessage(exception.getMessage());
} else {
errorInfoJSONRespond.setException(exception.getCause().getClass().getName());
errorInfoJSONRespond.setExceptionMessage(exception.getCause().getMessage());
}
errorInfoJSONRespond.setDate(new Date());
return quickJSONRespond.getJSONStandardRespond(
statusCode,
"Error Controller Handle",
null,
errorInfoJSONRespond);
} }
@Override @Override

View File

@ -1,7 +1,9 @@
package com.codesdream.ase.service; package com.codesdream.ase.service;
import com.codesdream.ase.component.permission.UserAuthoritiesGenerator; import com.codesdream.ase.component.permission.UserAuthoritiesGenerator;
import com.codesdream.ase.exception.UserNotFoundException;
import com.codesdream.ase.model.permission.User; import com.codesdream.ase.model.permission.User;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
@ -21,9 +23,14 @@ public class ASEUserDetailsService implements UserDetailsService {
@Override @Override
@Transactional @Transactional
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException { public UserDetails loadUserByUsername(String s) {
try {
User user = userService.findUserByUsername(s); User user = userService.findUserByUsername(s);
user.setAuthorities(userAuthoritiesGenerator.grantedAuthorities(user)); user.setAuthorities(userAuthoritiesGenerator.grantedAuthorities(user));
return user; return user;
} catch (UserNotFoundException e){
throw new AuthenticationServiceException("User Not Exist");
}
} }
} }