From 84370e595f643551a8cbfd670e3d78d69766aeab Mon Sep 17 00:00:00 2001
From: lucca
Date: Wed, 26 Apr 2023 17:20:01 +0800
Subject: [PATCH] =?UTF-8?q?optimize(server):=20=E4=BC=98=E5=8C=96=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E7=94=A8=E6=88=B7=E4=B8=8D=E5=AD=98=E5=9C=A8=E5=92=8C?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E9=94=99=E8=AF=AF=E7=9A=84=E5=9B=9E=E6=98=BE?= =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../auth/config/GlobalSecurityConfig.java | 22 ++++++++++++++-----
 .../auth/filter/JWTAuthenticationFilter.java | 20 ++++++++++++++++-
 .../service/impl/UserDetailsServiceImpl.java | 1 -
 .../java/cn/hippo4j/auth/toolkit/ReturnT.java | 6 ++---
 .../cn/hippo4j/auth/toolkit/ReturnTTest.java | 2 +-
 5 files changed, 39 insertions(+), 12 deletions(-)
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
index f3f0d9ea..4f0e3ff6 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
@@ -26,8 +26,8 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.BeanIds;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
@@ -86,11 +86,6 @@ public class GlobalSecurityConfig extends WebSecurityConfigurerAdapter {
 return source;
 }
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
- }
-
 @Override
 protected void configure(HttpSecurity http) throws Exception {
 http.cors().and().csrf().disable()
@@ -111,6 +106,21 @@ public class GlobalSecurityConfig extends WebSecurityConfigurerAdapter {
 web.ignoring().antMatchers(ignores);
 }
+ /**
+ * 手动注入 DaoAuthentication
+ * 取代 void configure(AuthenticationManagerBuilder auth) 方法
+ * 修改 hideUserNotFoundExceptions 初始值为 false
+ * 解决 UserNotFoundException 不抛出问题
+ */
+ @Bean
+ public DaoAuthenticationProvider authenticationProvider() {
+ DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
+ provider.setHideUserNotFoundExceptions(false);
+ provider.setUserDetailsService(userDetailsService);
+ provider.setPasswordEncoder(bCryptPasswordEncoder());
+ return provider;
+ }
+
 private void disableAuthenticationIfNeeded(HttpSecurity http) throws Exception {
 if (Boolean.FALSE.equals(enableAuthentication)) {
 http.authorizeRequests().antMatchers("/hippo4j/v1/cs/**").permitAll();
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java
index 997fb078..e1f7f977 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthenticationFilter.java
@@ -31,6 +31,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import javax.servlet.FilterChain;
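Review bot: `provider.setHideUserNotFoundExceptions(false)` in the new `authenticationProvider()` bean switches off the default that reports an unknown user as `BadCredentialsException`. Together with the `getMessage` hunk in JWTAuthenticationFilter.java, which answers `"用户不存在"` for one case and `"密码错误"` for the other, the login response now tells an unauthenticated caller whether an account name exists. I would drop the `setHideUserNotFoundExceptions(false)` call (the default is `true`) and have `getMessage` return one generic text for both exception types. The "user not found" distinction can stay in the server log, for example by keeping the `log.warn` that this patch removes from `UserDetailsServiceImpl`. If the distinct messages are a product requirement, the endpoint needs throttling or lockout to compensate, and none is visible in this patch.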
@@ -72,8 +73,12 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 rememberMe.set(loginUser.getRememberMe());
 authenticate = authenticationManager.authenticate(
 new UsernamePasswordAuthenticationToken(loginUser.getUsername(), loginUser.getPassword(), new ArrayList()));
+ } catch (UsernameNotFoundException e) {
+ log.warn("User {} not found", e.getMessage());
+ throw e;
 } catch (BadCredentialsException e) {
 log.warn("Bad credentials exception: {}", e.getMessage());
+ throw e;
 } catch (Exception e) {
 log.error("Attempt authentication error", e);
 }
@@ -108,6 +113,19 @@ public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 @Override
 protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException {
 response.setCharacterEncoding("UTF-8");
- response.getWriter().write(JSONUtil.toJSONString(new ReturnT(ReturnT.JWT_FAIL_CODE, "Server Error")));
+ response.getWriter().write(JSONUtil.toJSONString(new ReturnT(ReturnT.JWT_FAIL_CODE, getMessage(failed))));
+ }
+
+ /**
+ * 根据不同的异常类型返回给前端不同的回显信息
+ */
+ protected String getMessage(AuthenticationException failed) {
+ String message = "Server Error";
+ if (failed instanceof UsernameNotFoundException) {
+ message = "用户不存在";
+ } else if (failed instanceof BadCredentialsException) {
+ message = "密码错误";
+ }
+ return message;
 }
 }
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
index da6d359b..dc62a170 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
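Review bot: The added `log.warn("User {} not found", e.getMessage())` writes the submitted username into the log verbatim, because `UserDetailsServiceImpl` raises `new UsernameNotFoundException(userName)`. That value is caller-controlled before authentication, so CR/LF and other control characters should be stripped before logging (or encoded by the log layout) to keep log lines trustworthy. Also, only two `AuthenticationException` subclasses are rethrown; any other one still lands in `catch (Exception e)` and is swallowed, so a single `} catch (AuthenticationException e) {` followed by `throw e;` would treat them uniformly. The enclosing method starts and ends outside the hunk, so what is returned after the swallowed case is not visible here.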
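Review bot: `unsuccessfulAuthentication` writes the JSON body without setting a status or a content type, so as far as this hunk shows, only the `JWT_FAIL_CODE` inside the body marks a failed login. Proxies, WAF rules and log-based brute-force detection usually key on 401, so consider adding `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` and `response.setContentType("application/json");` before the write, provided the front end does not depend on the current status. `getMessage` reads no instance state and could be `private static`. Its Javadoc would benefit from an English summary line plus `@param failed` and `@return`.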
@@ -59,7 +59,6 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 }
 UserInfo userInfo = userMapper.selectOne(Wrappers.lambdaQuery(UserInfo.class).eq(UserInfo::getUserName, userName));
 if (Objects.isNull(userInfo)) {
- log.warn("User {} not found", userName);
 throw new UsernameNotFoundException(userName);
 }
 JwtUser jwtUser = new JwtUser();
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java
index ed76b4f5..1309c91f 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/toolkit/ReturnT.java
@@ -43,13 +43,13 @@ public class ReturnT implements Serializable {
 private int code;
- private String msg;
+ private String message;
 private T content;
- public ReturnT(int code, String msg) {
+ public ReturnT(int code, String message) {
 this.code = code;
- this.msg = msg;
+ this.message = message;
 }
 public ReturnT(T content) {
diff --git a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java
index 8c2ff9b2..695c714d 100644
--- a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java
+++ b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/toolkit/ReturnTTest.java
@@ -39,7 +39,7 @@ public final class ReturnTTest {
 @Test
 public void assertGetMessage() {
- Assert.isNull(returnT.getMsg());
+ Assert.isNull(returnT.getMessage());
 }
 @Test