From 3c8adffe42ca1278f276dd60ec8b68ce286edfc3 Mon Sep 17 00:00:00 2001
From: FatttSnake
Date: Fri, 5 May 2023 02:31:35 +0800
Subject: [PATCH] Added unauthorized access response. Added logout.
---
 .../cfive/pinnacle/config/SecurityConfig.java | 16 +++++++++++-
 .../permission/LoginController.java | 13 ++++++++--
 .../pinnacle/entity/common/ResponseCode.java | 3 +++
 .../AuthenticationEntryPointHandler.java | 20 ++++++++++++++
 .../service/permission/ILoginService.java | 2 +-
 .../permission/impl/LoginServiceImpl.java | 4 +--
 .../com/cfive/pinnacle/utils/WebUtil.java | 26 +++++++++++++++++++
 7 files changed, 78 insertions(+), 6 deletions(-)
 create mode 100644 Pinnacle/src/main/java/com/cfive/pinnacle/handler/AuthenticationEntryPointHandler.java
 create mode 100644 Pinnacle/src/main/java/com/cfive/pinnacle/utils/WebUtil.java
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/config/SecurityConfig.java b/Pinnacle/src/main/java/com/cfive/pinnacle/config/SecurityConfig.java
index 8d9bb87..1f323d0 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/config/SecurityConfig.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/config/SecurityConfig.java
@@ -1,6 +1,7 @@
 package com.cfive.pinnacle.config;
 import com.cfive.pinnacle.filter.JwtAuthenticationTokenFilter;
+import com.cfive.pinnacle.handler.AuthenticationEntryPointHandler;
 import com.cfive.pinnacle.service.permission.impl.UserDetailsServiceImpl;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -18,6 +19,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 public class SecurityConfig {
 private UserDetailsServiceImpl userDetailsService;
 private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
+ private AuthenticationEntryPointHandler authenticationEntryPointHandler;
 @Autowired
 public void setUserDetailsService(UserDetailsServiceImpl userDetailsService) {
@@ -29,6 +31,11 @@ public class SecurityConfig {
 this.jwtAuthenticationTokenFilter = jwtAuthenticationTokenFilter;
 }
+ @Autowired
+ public void setAuthenticationEntryPointHandler(AuthenticationEntryPointHandler authenticationEntryPointHandler) {
+ this.authenticationEntryPointHandler = authenticationEntryPointHandler;
+ }
+
 @Bean
 public PasswordEncoder passwordEncoder() {
 return new BCryptPasswordEncoder();
@@ -55,12 +62,19 @@ public class SecurityConfig {
 // Allow anonymous access
 .authorizeHttpRequests()
- .requestMatchers("/user/login").anonymous()
+ .requestMatchers("/login").anonymous()
 // Authentication required
 .anyRequest().authenticated()
 .and()
+ .logout()
+ .disable()
+
+ .exceptionHandling()
+ .authenticationEntryPoint(authenticationEntryPointHandler)
+ .and()
+
 .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
 .build();
 }
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/LoginController.java b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/LoginController.java
index ed81db5..3c0d9a1 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/LoginController.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/LoginController.java
@@ -13,7 +13,6 @@ import org.springframework.web.bind.annotation.RestController;
 import java.util.HashMap;
 @RestController
-@RequestMapping("/user")
 public class LoginController {
 private ILoginService loginService;
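Review bot: In the filter-chain hunk of SecurityConfig.java (`@@ -55,12 +62,19 @@`), `.exceptionHandling()` registers only `.authenticationEntryPoint(authenticationEntryPointHandler)`, so a request that is authenticated but denied still gets Spring Security's default access-denied response instead of the project's JSON body. That case looks reachable as written, because `.requestMatchers("/login").anonymous()` refuses a caller who is already authenticated, assuming the JWT filter populates the security context for valid tokens. Consider registering a matching handler with `.accessDeniedHandler(...)`, or using `.permitAll()` on `/login` if logging in again with a live token is meant to work. The method that builds the chain starts outside this hunk, so its CSRF and session settings cannot be checked from here.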
@@ -26,6 +25,16 @@ public class LoginController {
 @PostMapping("/login")
 public ResponseResult login(@RequestBody User user) {
 HashMap hashMap = loginService.login(user);
- return ResponseResult.build(ResponseCode.LOGIN_SUCCESS, "success", hashMap);
+ return ResponseResult.build(ResponseCode.LOGIN_SUCCESS, "Login Success", hashMap);
+ }
+
+ @RequestMapping("/logout")
+ public ResponseResult logout() {
+ boolean result = loginService.logout();
+ if (result) {
+ return ResponseResult.build(ResponseCode.LOGOUT_SUCCESS, "Logout Success", null);
+ } else {
+ return ResponseResult.build(ResponseCode.LOGOUT_FAILED, "Logout Failed", null);
+ }
 }
 }
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java b/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
index 36013f4..3649e12 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
@@ -8,6 +8,8 @@ public class ResponseCode {
 public static final int SYSTEM_OK = 20000;
 public static final int LOGIN_SUCCESS = 20010;
 public static final int LOGIN_USERNAME_PASSWORD_ERROR = 20011;
+ public static final int LOGOUT_SUCCESS = 20015;
+ public static final int LOGOUT_FAILED = 20016;
 public static final int DATABASE_SELECT_OK = 20021;
 public static final int DATABASE_SAVE_OK = 20022;
 public static final int DATABASE_UPDATE_OK = 20023;
@@ -19,6 +21,7 @@ public class ResponseCode {
 public static final int DATABASE_TIMEOUT_ERROR = 20035;
 public static final int DATABASE_CONNECT_ERROR = 20036;
+ public static final int UNAUTHORIZED = 30010;
 public static final int SYSTEM_ERROR = 50001;
 public static final int SYSTEM_TIMEOUT = 50002;
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/handler/AuthenticationEntryPointHandler.java b/Pinnacle/src/main/java/com/cfive/pinnacle/handler/AuthenticationEntryPointHandler.java
new file mode 100644
index 0000000..c49dfa0
--- /dev/null
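Review bot: `@RequestMapping("/logout")` on the new `logout()` handler in LoginController.java accepts every HTTP method, so a plain GET from a link prefetch or a crawler holding the session can end it. A state-changing endpoint should be limited to one verb, as `login` above already is: `@PostMapping("/logout")`. How the token reaches the server is not visible in this hunk, so whether a cross-site request would be authenticated is unconfirmed. The handler also has no Javadoc saying that `LOGOUT_FAILED` is returned whenever `loginService.logout()` yields false.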
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/handler/AuthenticationEntryPointHandler.java
@@ -0,0 +1,20 @@
+package com.cfive.pinnacle.handler;
+
+import com.cfive.pinnacle.entity.common.ResponseCode;
+import com.cfive.pinnacle.utils.WebUtil;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
+public class AuthenticationEntryPointHandler implements AuthenticationEntryPoint {
+ @Override
+ public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
+ String objectResponse = WebUtil.objectResponse(ResponseCode.UNAUTHORIZED, "Unauthorized access", null);
+ WebUtil.renderString(response, objectResponse);
+ }
+}
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/ILoginService.java b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/ILoginService.java
index 4e01ec9..196eeb5 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/ILoginService.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/ILoginService.java
@@ -7,5 +7,5 @@ import java.util.HashMap;
 public interface ILoginService {
 HashMap login(User user);
- void logout();
+ boolean logout();
 }
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/LoginServiceImpl.java b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/LoginServiceImpl.java
index 9f9a1ca..859045c 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/LoginServiceImpl.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/LoginServiceImpl.java
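Review bot: `commence` in AuthenticationEntryPointHandler.java answers an unauthenticated request with HTTP 200, because it writes the "Unauthorized access" body through `WebUtil.renderString`, which hard-codes `response.setStatus(200)` in the WebUtil.java hunk of this patch. Clients, proxies and monitoring that key on the status line will not see the rejection, and access logs cannot be used to spot bursts of refused requests. Let the helper take the status, for example `renderString(HttpServletResponse response, int status, String string)` with `response.setStatus(status);`, and pass `HttpServletResponse.SC_UNAUTHORIZED` from here. `authException` is also dropped without being logged, so the reason for the rejection is lost.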
@@ -51,11 +51,11 @@ public class LoginServiceImpl implements ILoginService {
 }
 @Override
- public void logout() {
+ public boolean logout() {
 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 LoginUser loginUser = (LoginUser) authentication.getPrincipal();
 Long userId = loginUser.getUser().getId();
- redisCache.deleteObject("login:" + userId);
+ return redisCache.deleteObject("login:" + userId);
 }
 }
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/utils/WebUtil.java b/Pinnacle/src/main/java/com/cfive/pinnacle/utils/WebUtil.java
new file mode 100644
index 0000000..22a465c
--- /dev/null
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/utils/WebUtil.java
@@ -0,0 +1,26 @@
+package com.cfive.pinnacle.utils;
+
+import com.cfive.pinnacle.entity.common.ResponseResult;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.http.HttpServletResponse;
+
+import java.io.IOException;
+
+public class WebUtil {
+ public static String convert2json(Object object) throws JsonProcessingException {
+ return new ObjectMapper().writeValueAsString(object);
+ }
+
+ public static String objectResponse(int resultCode, String msg, Object object) throws JsonProcessingException {
+ ResponseResult result = ResponseResult.build(resultCode, msg, object);
+ return convert2json(result);
+ }
+
+ public static void renderString(HttpServletResponse response, String string) throws IOException {
+ response.setStatus(200);
+ response.setContentType("application/json");
+ response.setCharacterEncoding("utf-8");
+ response.getWriter().print(string);
+ }
+}
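Review bot: `logout()` in LoginServiceImpl.java now returns the result of `redisCache.deleteObject("login:" + userId)` directly, which presumably is false when the key is already gone (expired, or removed by an earlier logout), and the controller reports that as `LOGOUT_FAILED`. In that case the server-side login entry is absent, which is what the caller wanted, so the operation would be better treated as idempotent or the false case documented on the interface method. The cast `(LoginUser) authentication.getPrincipal()` is unchecked and holds only while `/logout` stays behind `.authenticated()` and the JWT filter always installs a `LoginUser` principal; neither is visible in this hunk. If that is the contract, a comment would record it: `// principal is a LoginUser whenever the JWT filter authenticated the request`. Whether deleting the entry actually revokes the token depends on the filter checking it on every request, which should be confirmed.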
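Review bot: `convert2json` in WebUtil.java constructs a `new ObjectMapper()` on every call; the mapper is thread-safe once configured and comparatively expensive to build, so it is normally held once: `private static final ObjectMapper MAPPER = new ObjectMapper();` and `return MAPPER.writeValueAsString(object);`. Using the Spring-managed mapper instead would also keep these hand-written responses serialized with the same settings as controller responses, if the application customizes Jackson. The class contains only static helpers, so it should be `final` with `private WebUtil() {}` to prevent instantiation. None of the three public methods has Javadoc, and `renderString` in particular should state that it sets the status and content type itself.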