springboot security 自定义返回结果(三)

1. 用户未登录时返回给前端的数据

package com.hanhuide.core.handler;

import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

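/**
 * Entry point that answers a request from a caller who is not logged in with a
 * JSON body instead of an HTML page.
 *
 * <p>The body carries {@link ResultEnum#USER_NEED_AUTHORITIES}. The response is
 * also marked {@code 401 Unauthorized} and declared as UTF-8 JSON, so clients,
 * proxies and monitoring that look only at the HTTP layer see the request as
 * rejected, and the non-ASCII message text is not written with the container's
 * default encoding.
 *
 * @author 韩惠德
 */
@Component
public class AjaxAuthenticationEntryPoint implements AuthenticationEntryPoint {

    /**
     * Writes the "login required" JSON result to the response.
     *
     * @param httpServletRequest  the request that triggered the authentication failure (not read here)
     * @param httpServletResponse the response the JSON body is written to
     * @param e                   the authentication failure; deliberately not echoed to the client
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_NEED_AUTHORITIES);

        // Without an explicit status the container answers 200 OK, which makes an
        // unauthenticated request indistinguishable from a successful one at the HTTP layer.
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        // Must be set before getWriter(): the writer is bound to the response encoding,
        // and the servlet default (ISO-8859-1) cannot represent the Chinese messages.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}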

2. 用户登录成功返回结果

package com.hanhuide.core.handler;

import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

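/**
 * Success handler that answers a successful login with a JSON body instead of
 * a redirect or HTML page.
 *
 * <p>The body carries {@link ResultEnum#USER_LOGIN_SUCCESS}. Nothing taken from
 * the {@link Authentication} object (principal, authorities, credentials) is
 * written to the response.
 *
 * @author 韩惠德
 */
@Component
@Slf4j
public class AjaxAuthenticationSuccessHandler implements AuthenticationSuccessHandler {

    /**
     * Writes the "login succeeded" JSON result to the response.
     *
     * @param httpServletRequest  the login request (not read here)
     * @param httpServletResponse the response the JSON body is written to
     * @param authentication      the authenticated token (not read here)
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_LOGIN_SUCCESS);

        // Must be set before getWriter(): the writer is bound to the response encoding,
        // and the servlet default (ISO-8859-1) cannot represent the Chinese messages.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}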

3.用户登录失败返回结果

package com.hanhuide.core.handler;

import com.alibaba.druid.support.json.JSONUtils;
import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.authentication.*;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

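/**
 * Failure handler that answers a rejected login with a JSON body instead of a
 * redirect or HTML page.
 *
 * <p>The body carries {@link ResultEnum#USER_LOGIN_FAILED} plus a per-request
 * message in {@code msg}. The message is stored on the response body, never on
 * the enum constant: an enum constant is a JVM-wide singleton, so writing a
 * per-request message into it lets concurrent login attempts overwrite each
 * other's text and leaves the last message in place for every later reader.
 *
 * @author 韩惠德
 */
@Component
public class AjaxAuthenticationFailureHandler implements AuthenticationFailureHandler {

    /**
     * Writes the "login failed" JSON result to the response with status 401.
     *
     * @param httpServletRequest  the login request (not read here)
     * @param httpServletResponse the response the JSON body is written to
     * @param exception           the failure raised by the authentication provider; only its type is
     *                            used, its message is not sent to the client
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException exception) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_LOGIN_FAILED);
        responseBody.setStatus(ResultEnum.USER_LOGIN_FAILED.getCode());
        responseBody.setMsg(failureMessage(exception));

        // Without an explicit status the container answers 200 OK to a rejected login.
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        // Must be set before getWriter(): the writer is bound to the response encoding,
        // and the servlet default (ISO-8859-1) cannot represent the Chinese messages.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }

    /** Maps the failure type to the text shown to the user. */
    private static String failureMessage(AuthenticationException exception) {
        // An unknown username and a wrong password get the same text, so the login
        // form cannot be used to find out which account names exist.
        if (exception instanceof UsernameNotFoundException || exception instanceof BadCredentialsException) {
            return "用户名或密码错误!";
        }
        // NOTE(review): the account-state messages below confirm that the account exists.
        // With the default DaoAuthenticationProvider the locked/disabled/expired checks run
        // before the password comparison, so they are reachable without valid credentials.
        // Collapse them into the generic message above if account enumeration is in scope.
        if (exception instanceof LockedException) {
            return "用户已被锁定!";
        }
        if (exception instanceof DisabledException) {
            return "用户不可用!";
        }
        if (exception instanceof AccountExpiredException) {
            return "账户已过期!";
        }
        if (exception instanceof CredentialsExpiredException) {
            return "用户密码已过期!";
        }
        // The original listing sketched a disabled branch for an expired-token exception here.
        return "认证失败,请联系网站管理员!";
    }
}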

4.用户登出成功返回结果

package com.hanhuide.core.handler;

import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

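/**
 * Logout handler that answers a completed logout with a JSON body instead of
 * a redirect to the login page.
 *
 * <p>The body carries {@link ResultEnum#USER_LOGOUT_SUCCESS}.
 *
 * @author 韩惠德
 */
@Component
public class AjaxLogoutSuccessHandler implements LogoutSuccessHandler {

    /**
     * Writes the "logout succeeded" JSON result to the response.
     *
     * @param httpServletRequest  the logout request (not read here)
     * @param httpServletResponse the response the JSON body is written to
     * @param authentication      the authentication that was logged out (not read here)
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void onLogoutSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_LOGOUT_SUCCESS);

        // Must be set before getWriter(): the writer is bound to the response encoding,
        // and the servlet default (ISO-8859-1) cannot represent the Chinese messages.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}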

5. 用户无权访问时返回结果

package com.hanhuide.core.handler;

import com.alibaba.fastjson.JSON;
import com.hanhuide.core.enums.ResultEnum;
import com.hanhuide.core.model.AjaxResponseBody;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

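/**
 * Access-denied handler that answers a request the caller is not authorised to
 * make with a JSON body instead of the 403 HTML page.
 *
 * <p>The body carries {@link ResultEnum#USER_NO_ACCESS}. The response keeps the
 * {@code 403 Forbidden} status, so an authorisation failure stays visible to
 * clients, proxies and access-log based monitoring.
 *
 * @author 韩惠德
 */
@Component
public class AjaxAccessDeniedHandler implements AccessDeniedHandler {

    /**
     * Writes the "access denied" JSON result to the response with status 403.
     *
     * @param httpServletRequest  the rejected request (not read here)
     * @param httpServletResponse the response the JSON body is written to
     * @param e                   the authorisation failure; deliberately not echoed to the client
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException {
        AjaxResponseBody responseBody = new AjaxResponseBody();
        responseBody.setResultEnum(ResultEnum.USER_NO_ACCESS);

        // Without an explicit status the container answers 200 OK to a denied request.
        httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
        // Must be set before getWriter(): the writer is bound to the response encoding,
        // and the servlet default (ISO-8859-1) cannot represent the Chinese messages.
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(JSON.toJSONString(responseBody));
    }
}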

 

6. 修改WebSecurityConfig 添加上述不同的返回结果

package com.hanhuide.core.config;

import com.hanhuide.core.handler.*;
import com.hanhuide.core.service.impl.CustomUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * Spring Security configuration that plugs the JSON-returning handlers into the
 * filter chain: every request requires authentication, HTTP Basic and form
 * login are both enabled, and method-level {@code @PreAuthorize}/{@code @PostAuthorize}
 * checks are switched on.
 *
 * @author 韩惠德
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /** Not logged in: answer with JSON (an HTML page otherwise). */
    @Autowired
    private AjaxAuthenticationEntryPoint authenticationEntryPoint;

    /** Login succeeded: answer with JSON (an HTML page otherwise). */
    @Autowired
    private AjaxAuthenticationSuccessHandler authenticationSuccessHandler;

    /** Login failed: answer with JSON (an HTML page otherwise). */
    @Autowired
    private AjaxAuthenticationFailureHandler authenticationFailureHandler;

    /** Logout succeeded: answer with JSON (the login HTML page otherwise). */
    @Autowired
    private AjaxLogoutSuccessHandler logoutSuccessHandler;

    /** Access denied: answer with JSON (the 403 HTML page otherwise). */
    @Autowired
    private AjaxAccessDeniedHandler accessDeniedHandler;

    /** Loads user records for authentication. */
    @Autowired
    private CustomUserDetailsService userDetailsService;

    /**
     * Registers the user lookup service and verifies passwords as BCrypt hashes.
     *
     * @param auth the builder for the application's authentication manager
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();
        auth.userDetailsService(userDetailsService).passwordEncoder(bcrypt);
    }

    /**
     * Configures request authorisation, the login/logout mechanisms and their JSON handlers.
     *
     * @param http the HTTP security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                // Every request needs an authenticated caller. Matchers for URLs that may be
                // reached anonymously have to be declared before anyRequest(), not after it.
                .authorizeRequests().anyRequest().authenticated()
                .and()
                .httpBasic().authenticationEntryPoint(authenticationEntryPoint)
                .and()
                .formLogin()
                        .successHandler(authenticationSuccessHandler)
                        .failureHandler(authenticationFailureHandler)
                        .permitAll()
                .and()
                .logout().logoutSuccessHandler(logoutSuccessHandler)
                .and()
                // Access-denied responses are returned as JSON.
                .exceptionHandling().accessDeniedHandler(accessDeniedHandler)
                .and()
                // NOTE(review): this turns CSRF protection off; it is not a cross-origin (CORS)
                // switch. Form login here is backed by a session cookie, which the browser
                // attaches to forged cross-site requests as well, so state-changing endpoints
                // are exposed while this stays disabled. For an AJAX front end, prefer keeping
                // CSRF on with a cookie-based token repository (CookieCsrfTokenRepository).
                .csrf().disable();
    }

    /**
     * Excludes static resource folders from the security filter chain.
     *
     * @param web the web security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        // Requests matching these patterns skip Spring Security entirely, so keep the
        // list limited to public static assets.
        web.ignoring().antMatchers("/css/**", "/js/**");
    }
}

7. 上述类中用到的枚举类与实体类

package com.hanhuide.core.enums;

import lombok.Getter;

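/**
 * Result codes and their default user-facing messages returned to the front end.
 *
 * <p>Enum constants are JVM-wide singletons shared by every request thread.
 * Treat {@code code} and {@code message} as fixed defaults; per-request text
 * belongs on the response object, not on a constant. Both accessors are written
 * out explicitly below.
 *
 * @author zzx
 */
public enum ResultEnum {

    SUCCESS(101, "成功"),
    FAILURE(102, "失败"),
    USER_NEED_AUTHORITIES(201, "用户未登录"),
    USER_LOGIN_FAILED(202, "用户账号或密码错误"),
    USER_LOGIN_SUCCESS(203, "用户登录成功"),
    USER_NO_ACCESS(204, "用户无权访问"),
    USER_LOGOUT_SUCCESS(205, "用户登出成功"),
    TOKEN_IS_BLACKLIST(206, "此token为黑名单"),
    LOGIN_IS_OVERDUE(207, "登录已失效"),
    ;

    // Not final only because the setters below are kept for existing callers.
    private Integer code;

    private String message;

    ResultEnum(Integer code, String message) {
        this.code = code;
        this.message = message;
    }

    /** @return the numeric result code of this constant */
    public Integer getCode() {
        return code;
    }

    /**
     * Overwrites the code of this constant for the whole JVM.
     *
     * @param code the new code
     * @deprecated mutating a constant changes it for every thread and every later
     *     request, and races with concurrent readers; kept only so existing callers compile.
     */
    @Deprecated
    public void setCode(Integer code) {
        this.code = code;
    }

    /** @return the default message of this constant */
    public String getMessage() {
        return message;
    }

    /**
     * Overwrites the message of this constant for the whole JVM.
     *
     * @param message the new message
     * @deprecated a per-request message written here is visible to, and can be
     *     overwritten by, every other request; carry such text on the response object
     *     instead. Kept only so existing callers compile.
     */
    @Deprecated
    public void setMessage(String message) {
        this.message = message;
    }

    /**
     * Looks up the constant that has the given code.
     *
     * @param code the numeric result code
     * @return the matching constant
     * @throws IllegalArgumentException if no constant has this code
     */
    public static ResultEnum parse(int code) {
        for (ResultEnum value : values()) {
            // Null-safe comparison: setCode(null) must not turn a lookup into a NullPointerException.
            if (Integer.valueOf(code).equals(value.code)) {
                return value;
            }
        }
        throw new IllegalArgumentException("Unknown code of ResultEnum: " + code);
    }

}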
package com.hanhuide.core.model;

import com.hanhuide.core.enums.ResultEnum;
import lombok.Data;

import java.io.Serializable;

/**
 * Response envelope that the security handlers serialise to JSON for the front end.
 *
 * <p>Lombok's {@code @Data} generates getters, setters, {@code equals},
 * {@code hashCode} and a {@code toString()} that prints every field, including
 * {@code jwtToken}; avoid logging instances of this class once a token is set.
 */
@Data
public class AjaxResponseBody implements Serializable {

    // Numeric status for the client; presumably a ResultEnum code (confirm against callers).
    private Integer status;
    // Human-readable message for the client.
    private String msg;
    // Arbitrary payload. NOTE(review): typed Object in a Serializable class, so native
    // Java serialisation only works if the runtime value is itself Serializable.
    private Object result;
    // Token handed to the client; how and when it is populated is not shown on this page.
    private String jwtToken;
    // Generic boolean flag; its meaning is not shown on this page.
    private Boolean bool;
    // Result constant describing the outcome; the handlers shown alongside this class set it.
    private ResultEnum resultEnum;
}

运行测试 

登录失败

登录成功

对应cookie 

登出成功

没有权限

 其他的暂时没有测试,未完待续。。。。。。。。。。。。。。。。。。。。。
