直接上代码
@Component
public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
@Autowired
private ObjectMapper objectMapper;
private Logger logger = LoggerFactory.getLogger(getClass());
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
logger.info("登陆失败");
Map<String, Object> map = new HashMap<>();
map.put("code","0");
map.put("msg","用户名或者密码错误");
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(objectMapper.writeValueAsString(map));
request.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION",map.get("msg"));
// 转发到错误Url
request.getRequestDispatcher("/login/error").forward(request,response);
}
}
验证码
public class VerifyFilter extends OncePerRequestFilter {
private static final PathMatcher pathMatcher = new AntPathMatcher();
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
if(isProtectedUrl(request)) {
String verifyCode = request.getParameter("verifyCode");
if(!validateVerify(verifyCode)) {
//手动设置异常
request.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION","验证码输入错误");
// 转发到错误Url
request.getRequestDispatcher("/login/error").forward(request,response);
} else {
filterChain.doFilter(request,response);
}
} else {
filterChain.doFilter(request,response);
}
}
@RequestMapping("/login/error")
public String loginError(HttpServletRequest request, HttpServletResponse response,Model model) {
response.setContentType("text/html;charset=utf-8");
Object exception=
request.getSession().getAttribute("SPRING_SECURITY_LAST_EXCEPTION");
try {
response.getWriter().write(exception.toString());
}catch (IOException e) {
e.printStackTrace();
}
System.out.println(exception);
model.addAttribute("error",exception);
return "admin/login";
}
前端
<span th:text="${error}" class="help-block" style="color:red;">消息提示</span>