From afbd40b5510099b948c9bbb4a6c435d7ed6a0da5 Mon Sep 17 00:00:00 2001 From: xiang Date: Sun, 31 Aug 2025 00:22:12 +0800 Subject: [PATCH] =?UTF-8?q?feat:=E6=96=B0=E5=A2=9E2=E4=B8=AA=E8=87=AA?= =?UTF-8?q?=E5=AE=9A=E4=B9=89=E5=BC=82=E5=B8=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../xservice/basic/common/resp/Result.java | 5 +++ .../exception/CustomAccessDeniedHandler.java | 32 +++++++++++++++++++ .../CustomAuthenticationEntryPoint.java | 30 +++++++++++++++++ .../basic/exception/code/ErrorCode.java | 2 ++ 4 files changed, 69 insertions(+) create mode 100644 xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAccessDeniedHandler.java create mode 100644 xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAuthenticationEntryPoint.java diff --git a/xservice-common/src/main/java/com/xiang/xservice/basic/common/resp/Result.java b/xservice-common/src/main/java/com/xiang/xservice/basic/common/resp/Result.java index e11a75d..35be093 100644 --- a/xservice-common/src/main/java/com/xiang/xservice/basic/common/resp/Result.java +++ b/xservice-common/src/main/java/com/xiang/xservice/basic/common/resp/Result.java @@ -1,5 +1,6 @@ package com.xiang.xservice.basic.common.resp; +import com.xiang.xservice.basic.exception.code.BaseErrorCode; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; @@ -55,4 +56,8 @@ public class Result { public static Result error(String code, String message) { return new Result(code, message, null); } + + public static Result error(BaseErrorCode code) { + return new Result<>(code.getCode(), code.getMessage(), null); + } } \ No newline at end of file diff --git a/xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAccessDeniedHandler.java b/xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAccessDeniedHandler.java new file mode 100644 index 0000000..6da4440 --- /dev/null +++ b/xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAccessDeniedHandler.java @@ -0,0 +1,32 @@ +package com.xiang.xservice.basic.exception; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.xiang.xservice.basic.common.resp.Result; +import com.xiang.xservice.basic.exception.code.ErrorCode; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.web.access.AccessDeniedHandler; +import org.springframework.stereotype.Component; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * 用户403鉴权失败异常捕获 + */ +@Slf4j +@Component +public class CustomAccessDeniedHandler implements AccessDeniedHandler { + @Override + public void handle(HttpServletRequest request, + HttpServletResponse response, + AccessDeniedException accessDeniedException) throws IOException, ServletException { + response.setContentType("application/json;charset=UTF-8"); + response.setStatus(HttpServletResponse.SC_FORBIDDEN); + log.error("======用户鉴权失败======"); + Result result = Result.error(ErrorCode.USER_DENIED_ACCESS); + response.getWriter().write(new ObjectMapper().writeValueAsString(result)); + } +} diff --git a/xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAuthenticationEntryPoint.java b/xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAuthenticationEntryPoint.java new file mode 100644 index 0000000..96645d6 --- /dev/null +++ b/xservice-common/src/main/java/com/xiang/xservice/basic/exception/CustomAuthenticationEntryPoint.java @@ -0,0 +1,30 @@ +package com.xiang.xservice.basic.exception; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.xiang.xservice.basic.common.resp.Result; +import com.xiang.xservice.basic.exception.code.ErrorCode; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.AuthenticationEntryPoint; +import org.springframework.stereotype.Component; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * 用户未鉴权异常处理器 + */ +@Slf4j +@Component +public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint { + @Override + public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { + response.setContentType("application/json;charset=UTF-8"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + log.error("========用户未进行验证鉴权=========="); + Result result = Result.error(ErrorCode.NOT_AUTHORIZATION); + response.getWriter().write(new ObjectMapper().writeValueAsString(result)); + } +} diff --git a/xservice-common/src/main/java/com/xiang/xservice/basic/exception/code/ErrorCode.java b/xservice-common/src/main/java/com/xiang/xservice/basic/exception/code/ErrorCode.java index 0e6e07f..c7f06cc 100644 --- a/xservice-common/src/main/java/com/xiang/xservice/basic/exception/code/ErrorCode.java +++ b/xservice-common/src/main/java/com/xiang/xservice/basic/exception/code/ErrorCode.java @@ -10,6 +10,8 @@ public enum ErrorCode implements BaseErrorCode { ERROR("-1", "系统繁忙,请稍后再试!"), PARAM_ERROR("-2", "请求参数异常!"), JSON_ERROR("-3", "JSON异常!"), + USER_DENIED_ACCESS("-4", "用户权限不足!"), + NOT_AUTHORIZATION("-5", "用户未进行系统认证!") ; private final String code;