| 提交 | 用户 | 时间 | ||
| e7c126 | 1 | package com.iailab.framework.security.core.handler; |
| H | 2 | |
| 3 | import com.iailab.framework.common.exception.enums.GlobalErrorCodeConstants; | |
| 4 | import com.iailab.framework.common.pojo.CommonResult; | |
| 5 | import com.iailab.framework.common.util.servlet.ServletUtils; | |
| 6 | import lombok.extern.slf4j.Slf4j; | |
| 7 | import org.springframework.security.core.AuthenticationException; | |
| 8 | import org.springframework.security.web.AuthenticationEntryPoint; | |
| 9 | import org.springframework.security.web.access.ExceptionTranslationFilter; | |
| 10 | ||
| 11 | import javax.servlet.FilterChain; | |
| 12 | import javax.servlet.http.HttpServletRequest; | |
| 13 | import javax.servlet.http.HttpServletResponse; | |
| 14 | ||
| 15 | import static com.iailab.framework.common.exception.enums.GlobalErrorCodeConstants.UNAUTHORIZED; | |
| 16 | ||
| 17 | /** | |
| 18 | * 访问一个需要认证的 URL 资源,但是此时自己尚未认证(登录)的情况下,返回 {@link GlobalErrorCodeConstants#UNAUTHORIZED} 错误码,从而使前端重定向到登录页 | |
| 19 | * | |
| 20 | * 补充:Spring Security 通过 {@link ExceptionTranslationFilter#sendStartAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, AuthenticationException)} 方法,调用当前类 | |
| 21 | * | |
| 22 | * @author ruoyi | |
| 23 | */ | |
| 24 | @Slf4j | |
| 25 | @SuppressWarnings("JavadocReference") // 忽略文档引用报错 | |
| 26 | public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint { | |
| 27 | ||
| 28 | @Override | |
| 29 | public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) { | |
| 30 | log.debug("[commence][访问 URL({}) 时,没有登录]", request.getRequestURI(), e); | |
| 31 | // 返回 401 | |
| 32 | ServletUtils.writeJSON(response, CommonResult.error(UNAUTHORIZED)); | |
| 33 | } | |
| 34 | ||
| 35 | } | |
