Added unauthorized access response. Added logout.

2026-04-04 22:41:24 +08:00 · 2023-05-05 02:31:35 +08:00
parent ac39f886b6
commit 3c8adffe42
7 changed files with 78 additions and 6 deletions
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/config/SecurityConfig.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/config/SecurityConfig.java
@@ -1,6 +1,7 @@
 package com.cfive.pinnacle.config;

 import com.cfive.pinnacle.filter.JwtAuthenticationTokenFilter;
+import com.cfive.pinnacle.handler.AuthenticationEntryPointHandler;
 import com.cfive.pinnacle.service.permission.impl.UserDetailsServiceImpl;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -18,6 +19,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 public class SecurityConfig {
    private UserDetailsServiceImpl userDetailsService;
    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
+    private AuthenticationEntryPointHandler authenticationEntryPointHandler;

    @Autowired
    public void setUserDetailsService(UserDetailsServiceImpl userDetailsService) {
@@ -29,6 +31,11 @@ public class SecurityConfig {
        this.jwtAuthenticationTokenFilter = jwtAuthenticationTokenFilter;
    }

+    @Autowired
+    public void setAuthenticationEntryPointHandler(AuthenticationEntryPointHandler authenticationEntryPointHandler) {
+        this.authenticationEntryPointHandler = authenticationEntryPointHandler;
+    }
+
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
@@ -55,12 +62,19 @@ public class SecurityConfig {

                // Allow anonymous access
                .authorizeHttpRequests()
-                .requestMatchers("/user/login").anonymous()
+                .requestMatchers("/login").anonymous()

                // Authentication required
                .anyRequest().authenticated()
                .and()

+                .logout()
+                .disable()
+
+                .exceptionHandling()
+                .authenticationEntryPoint(authenticationEntryPointHandler)
+                .and()
+
                .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
                .build();
    }
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/LoginController.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/LoginController.java
@@ -13,7 +13,6 @@ import org.springframework.web.bind.annotation.RestController;
 import java.util.HashMap;

@RestController
-@RequestMapping("/user")
 public class LoginController {

    private ILoginService loginService;
@@ -26,6 +25,16 @@ public class LoginController {
    @PostMapping("/login")
    public ResponseResult login(@RequestBody User user) {
        HashMap<String, String> hashMap = loginService.login(user);
-        return ResponseResult.build(ResponseCode.LOGIN_SUCCESS, "success", hashMap);
+        return ResponseResult.build(ResponseCode.LOGIN_SUCCESS, "Login Success", hashMap);
+    }
+
+    @RequestMapping("/logout")
+    public ResponseResult logout() {
+        boolean result = loginService.logout();
+        if (result) {
+            return ResponseResult.build(ResponseCode.LOGOUT_SUCCESS, "Logout Success", null);
+        } else {
+            return ResponseResult.build(ResponseCode.LOGOUT_FAILED, "Logout Failed", null);
+        }
    }
 }
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
@@ -8,6 +8,8 @@ public class ResponseCode {
    public static final int SYSTEM_OK = 20000;
    public static final int LOGIN_SUCCESS = 20010;
    public static final int LOGIN_USERNAME_PASSWORD_ERROR = 20011;
+    public static final int LOGOUT_SUCCESS = 20015;
+    public static final int LOGOUT_FAILED = 20016;
    public static final int DATABASE_SELECT_OK = 20021;
    public static final int DATABASE_SAVE_OK = 20022;
    public static final int DATABASE_UPDATE_OK = 20023;
@@ -19,6 +21,7 @@ public class ResponseCode {
    public static final int DATABASE_TIMEOUT_ERROR = 20035;
    public static final int DATABASE_CONNECT_ERROR = 20036;

+    public static final int UNAUTHORIZED = 30010;

    public static final int SYSTEM_ERROR = 50001;
    public static final int SYSTEM_TIMEOUT = 50002;
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/handler/AuthenticationEntryPointHandler.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/handler/AuthenticationEntryPointHandler.java
@@ -0,0 +1,20 @@
+package com.cfive.pinnacle.handler;
+
+import com.cfive.pinnacle.entity.common.ResponseCode;
+import com.cfive.pinnacle.utils.WebUtil;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
+public class AuthenticationEntryPointHandler implements AuthenticationEntryPoint {
+    @Override
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
+        String objectResponse = WebUtil.objectResponse(ResponseCode.UNAUTHORIZED, "Unauthorized access", null);
+        WebUtil.renderString(response, objectResponse);
+    }
+}
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/ILoginService.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/ILoginService.java
@@ -7,5 +7,5 @@ import java.util.HashMap;
 public interface ILoginService {
    HashMap<String, String> login(User user);

-    void logout();
+    boolean logout();
 }
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/LoginServiceImpl.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/LoginServiceImpl.java
@@ -51,11 +51,11 @@ public class LoginServiceImpl implements ILoginService {
    }

    @Override
-    public void logout() {
+    public boolean logout() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();

        Long userId = loginUser.getUser().getId();
-        redisCache.deleteObject("login:" + userId);
+        return redisCache.deleteObject("login:" + userId);
    }
 }
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/utils/WebUtil.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/utils/WebUtil.java
@@ -0,0 +1,26 @@
+package com.cfive.pinnacle.utils;
+
+import com.cfive.pinnacle.entity.common.ResponseResult;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.http.HttpServletResponse;
+
+import java.io.IOException;
+
+public class WebUtil {
+    public static String convert2json(Object object) throws JsonProcessingException {
+        return new ObjectMapper().writeValueAsString(object);
+    }
+
+    public static String objectResponse(int resultCode, String msg, Object object) throws JsonProcessingException {
+        ResponseResult result = ResponseResult.build(resultCode, msg, object);
+        return convert2json(result);
+    }
+
+    public static void renderString(HttpServletResponse response, String string) throws IOException {
+        response.setStatus(200);
+        response.setContentType("application/json");
+        response.setCharacterEncoding("utf-8");
+        response.getWriter().print(string);
+    }
+}