From f1a4555739deb66bc1ad9fc021e775a03bc690bf Mon Sep 17 00:00:00 2001 From: wayn <1669738430@qq.com> Date: Sun, 8 Aug 2021 13:25:23 +0800 Subject: [PATCH] =?UTF-8?q?refactor(=E5=95=86=E5=9F=8E):=20=E4=BB=A3?= =?UTF-8?q?=E7=A0=81=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../framework/config/SecurityConfig.java | 2 +- .../filter/JwtAuthenticationTokenFilter.java | 41 ++++++++++++++----- .../handle/AuthenticationEntryPointImpl.java | 9 ++-- .../handle/LogoutSuccessHandlerImpl.java | 3 +- .../com/wayn/common/enums/ReturnCodeEnum.java | 12 ++++-- .../message/reciver/EmailDirectReceiver.java | 7 +--- .../message/reciver/OrderDirectReceiver.java | 7 +--- .../handle/AuthenticationEntryPointImpl.java | 2 +- .../handle/LogoutSuccessHandlerImpl.java | 3 +- 9 files changed, 55 insertions(+), 31 deletions(-) diff --git a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/config/SecurityConfig.java b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/config/SecurityConfig.java index d0d6103..0c59dfb 100644 --- a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/config/SecurityConfig.java +++ b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/config/SecurityConfig.java @@ -41,7 +41,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { * 解决 无法直接注入 AuthenticationManager * * @return - * @throws Exception */ @Bean @Override @@ -58,6 +57,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .csrf().disable() // 认证失败处理类 .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and() + .exceptionHandling().and() // 基于token,所以不需要session .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() // 过滤请求 diff --git a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/filter/JwtAuthenticationTokenFilter.java b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/filter/JwtAuthenticationTokenFilter.java index 0a79957..e861e56 100644 --- a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/filter/JwtAuthenticationTokenFilter.java +++ b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/filter/JwtAuthenticationTokenFilter.java @@ -1,8 +1,15 @@ package com.wayn.admin.framework.security.filter; import com.wayn.admin.framework.security.service.TokenService; +import com.wayn.common.constant.Constants; import com.wayn.common.core.model.LoginUserDetail; +import com.wayn.common.enums.ReturnCodeEnum; +import com.wayn.common.util.R; +import com.wayn.common.util.json.JsonUtil; +import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.redis.RedisConnectionFailureException; +import org.springframework.http.HttpStatus; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; @@ -18,9 +25,8 @@ import java.util.Objects; /** * token过滤器 验证token有效性 - * - * @author ruoyi */ +@Slf4j @Component public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { @@ -28,16 +34,29 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { private TokenService tokenService; @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) - throws ServletException, IOException { - LoginUserDetail loginUser = tokenService.getLoginUser(request); - if (Objects.nonNull(loginUser) && Objects.isNull(SecurityContextHolder.getContext().getAuthentication())) { - tokenService.verifyToken(loginUser); - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities()); - authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(authenticationToken); + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException { + try { + LoginUserDetail loginUser = tokenService.getLoginUser(request); + if (Objects.nonNull(loginUser) && Objects.isNull(SecurityContextHolder.getContext().getAuthentication())) { + tokenService.verifyToken(loginUser); + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities()); + authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(authenticationToken); + } + chain.doFilter(request, response); + } catch (RedisConnectionFailureException exception) { + response.setStatus(HttpStatus.OK.value()); + response.setContentType("application/json"); + response.setCharacterEncoding(Constants.UTF_ENCODING); + try { + response.getWriter().print(JsonUtil.marshal(R.error(ReturnCodeEnum.REDIS_CONNECTION_TIMEOUT_ERROR))); + } catch (Exception e) { + log.error(e.getMessage(), e); + } + } catch (Exception exception) { + log.error(String.format("认证异常:msg:%s", exception.getMessage()), exception); + chain.doFilter(request, response); } - chain.doFilter(request, response); } } diff --git a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/AuthenticationEntryPointImpl.java b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/AuthenticationEntryPointImpl.java index 785605c..44c76ea 100644 --- a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/AuthenticationEntryPointImpl.java +++ b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/AuthenticationEntryPointImpl.java @@ -1,7 +1,9 @@ package com.wayn.admin.framework.security.handle; +import com.wayn.common.constant.Constants; import com.wayn.common.util.R; import com.wayn.common.util.json.JsonUtil; +import lombok.extern.slf4j.Slf4j; import org.springframework.http.HttpStatus; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; @@ -14,6 +16,7 @@ import java.io.Serializable; /** * 认证失败处理类 返回未授权 */ +@Slf4j @Component public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, Serializable { private static final long serialVersionUID = -8970718410437077606L; @@ -23,12 +26,12 @@ public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, S int code = HttpStatus.UNAUTHORIZED.value(); String msg = String.format("请求访问:%s,认证失败,无法访问系统资源", request.getRequestURI()); try { - response.setStatus(200); + response.setStatus(HttpStatus.OK.value()); response.setContentType("application/json"); - response.setCharacterEncoding("utf-8"); + response.setCharacterEncoding(Constants.UTF_ENCODING); response.getWriter().print(JsonUtil.marshal(R.error(code, msg))); } catch (Exception exception) { - exception.printStackTrace(); + log.error(exception.getMessage(), exception); } } diff --git a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/LogoutSuccessHandlerImpl.java b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/LogoutSuccessHandlerImpl.java index 0f006d2..45bd8c7 100644 --- a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/LogoutSuccessHandlerImpl.java +++ b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/security/handle/LogoutSuccessHandlerImpl.java @@ -7,6 +7,7 @@ import com.wayn.common.util.json.JsonUtil; import lombok.SneakyThrows; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpStatus; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; @@ -35,7 +36,7 @@ public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler { tokenService.delLoginUser(loginUser.getToken()); } // 设置状态码 - response.setStatus(200); + response.setStatus(HttpStatus.OK.value()); // 将登录失败信息打包成json格式返回 response.setContentType("application/json;charset=UTF-8"); response.getWriter().print(JsonUtil.marshal(R.success())); diff --git a/waynboot-common/src/main/java/com/wayn/common/enums/ReturnCodeEnum.java b/waynboot-common/src/main/java/com/wayn/common/enums/ReturnCodeEnum.java index d490cce..6cb6132 100644 --- a/waynboot-common/src/main/java/com/wayn/common/enums/ReturnCodeEnum.java +++ b/waynboot-common/src/main/java/com/wayn/common/enums/ReturnCodeEnum.java @@ -55,18 +55,24 @@ public enum ReturnCodeEnum { GOODS_SPEC_ONLY_START_ONE_DEFAULT_SELECTED_ERROR(5301, "商品规格只能选择一个启用默认选中"), GOODS_HAS_OFFSHELF_ERROR(5302, "商品已经下架"), - GOODS_STOCK_NOT_ENOUGH_ERROR(5302, "商品库存不足"), + GOODS_STOCK_NOT_ENOUGH_ERROR(5303, "商品库存不足"), DEPT_HAS_SUB_DEPT_ERROR(5401, "存在下级部门,不允许删除"), - DEPT_HAS_USER_ERROR(5401, "部门存在用户,不允许删除"), + DEPT_HAS_USER_ERROR(5402, "部门存在用户,不允许删除"), MENU_HAS_SUB_MENU_ERROR(5501, "存在子菜单,不允许删除"), MENU_HAS_DISTRIBUTE_ERROR(5502, "菜单已分配,不允许删除"), TOOL_EMAIL_ERROR(5601, "邮件信息未配置完全,请先填写配置信息"), TOOL_QINIU_NOT_EXISTS_ERROR(5602, "七牛云配置不存在"), - TOOL_QINIU_CONFIG_ERROR(5602, "七牛云配置错误"), + TOOL_QINIU_CONFIG_ERROR(5603, "七牛云配置错误"), + + /** + * 6xxx,中间件异常 + */ + REDIS_CONNECTION_TIMEOUT_ERROR(6001, "redis连接超时"), + ES_CONNECTION_TIMEOUT_ERROR(6002, "es连接超时"), ; private int code; private String msg; diff --git a/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/EmailDirectReceiver.java b/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/EmailDirectReceiver.java index f8390e6..66a6001 100644 --- a/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/EmailDirectReceiver.java +++ b/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/EmailDirectReceiver.java @@ -10,10 +10,7 @@ import org.springframework.amqp.core.Message; import org.springframework.amqp.rabbit.annotation.RabbitHandler; import org.springframework.amqp.rabbit.annotation.RabbitListener; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; +import org.springframework.http.*; import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; import org.springframework.web.client.RestTemplate; @@ -64,7 +61,7 @@ public class EmailDirectReceiver { HttpEntity> request = new HttpEntity<>(multiValueMap, headers); try { ResponseEntity response = restTemplate.postForEntity(notifyUrl, request, String.class); - if (response.getStatusCode().value() != 200) { + if (response.getStatusCode().value() != HttpStatus.OK.value()) { throw new Exception("邮件发送失败 :" + testMessage); } JSONObject jsonObject = JSONObject.parseObject(response.getBody()); diff --git a/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/OrderDirectReceiver.java b/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/OrderDirectReceiver.java index 61a9a7a..c64b93f 100644 --- a/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/OrderDirectReceiver.java +++ b/waynboot-message-consumer/src/main/java/com/wayn/message/reciver/OrderDirectReceiver.java @@ -10,10 +10,7 @@ import org.apache.commons.lang3.StringUtils; import org.springframework.amqp.core.Message; import org.springframework.amqp.rabbit.annotation.RabbitListener; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; +import org.springframework.http.*; import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; import org.springframework.web.client.RestTemplate; @@ -67,7 +64,7 @@ public class OrderDirectReceiver { multiValueMap.add("order", msgObject.get("order")); HttpEntity> request = new HttpEntity<>(multiValueMap, headers); ResponseEntity response = restTemplate.postForEntity(notifyUrl, request, String.class); - if (response.getStatusCode().value() != 200) { + if (response.getStatusCode().value() != HttpStatus.OK.value()) { throw new Exception("下单失败 :" + msgObject); } JSONObject jsonObject = JSONObject.parseObject(response.getBody()); diff --git a/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/AuthenticationEntryPointImpl.java b/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/AuthenticationEntryPointImpl.java index eebdbcf..0a2b726 100644 --- a/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/AuthenticationEntryPointImpl.java +++ b/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/AuthenticationEntryPointImpl.java @@ -23,7 +23,7 @@ public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, S int code = HttpStatus.UNAUTHORIZED.value(); String msg = String.format("请求访问:%s,认证失败,无法访问系统资源", request.getRequestURI()); try { - response.setStatus(200); + response.setStatus(HttpStatus.OK.value()); response.setContentType("application/json"); response.setCharacterEncoding("utf-8"); response.getWriter().print(JsonUtil.marshal(R.error(code, msg))); diff --git a/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/LogoutSuccessHandlerImpl.java b/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/LogoutSuccessHandlerImpl.java index fe18612..c4e5500 100644 --- a/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/LogoutSuccessHandlerImpl.java +++ b/waynboot-mobile-api/src/main/java/com/wayn/mobile/framework/security/handle/LogoutSuccessHandlerImpl.java @@ -7,6 +7,7 @@ import com.wayn.mobile.framework.security.service.TokenService; import lombok.SneakyThrows; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpStatus; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; @@ -35,7 +36,7 @@ public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler { tokenService.delLoginUser(loginUser.getToken()); } // 设置状态码 - response.setStatus(200); + response.setStatus(HttpStatus.OK.value()); // 将登录失败信息打包成json格式返回 response.setContentType("application/json;charset=UTF-8"); response.getWriter().print(JsonUtil.marshal(R.success()));