Shiro 认证优化

v1.4.1
Parker 4 years ago
parent 3805b8b993
commit c8d291e6f8

@ -130,6 +130,8 @@ public class ShiroConfig {
public DefaultWebSecurityManager securityManager(SessionManager sessionManager) { public DefaultWebSecurityManager securityManager(SessionManager sessionManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setSessionManager(sessionManager); securityManager.setSessionManager(sessionManager);
// 设置验证器为自定义验证器
securityManager.setAuthenticator(modularRealmAuthenticator());
List<Realm> realms = Lists.newArrayList(); List<Realm> realms = Lists.newArrayList();
// 拿到state包下 实现了 FlagRealm 接口的,所有子类 // 拿到state包下 实现了 FlagRealm 接口的,所有子类

@ -43,11 +43,14 @@ public class CustomShiroFilter extends AuthenticatingFilter {
return null; return null;
} }
String tokenType = "";
// 分析token // 分析token
String claim = JwtUtil.getClaim(token, SignConstants.TYPE); try {
tokenType = JwtUtil.getClaim(token, SignConstants.TYPE);
}catch (Exception ignored){}
// 手机登录 // 手机登录
if(TokenTypeConstants.TYPE_EXTERNAL.equals(claim)){ if(TokenTypeConstants.TYPE_EXTERNAL.equals(tokenType)){
return new ExternalToken(token); return new ExternalToken(token);
} }
// .... 追加登录方式 // .... 追加登录方式
@ -100,7 +103,7 @@ public class CustomShiroFilter extends AuthenticatingFilter {
//处理登录失败的异常 //处理登录失败的异常
Throwable throwable = e.getCause() == null ? e : e.getCause(); Throwable throwable = e.getCause() == null ? e : e.getCause();
ResultVo<Object> error = ResultVo.error(TokenMsg.EXCEPTION_TOKEN_LOSE_EFFICACY.getCode(), ResultVo<Object> error = ResultVo.error(TokenMsg.EXCEPTION_TOKEN_LOSE_EFFICACY.getCode(),
TokenMsg.EXCEPTION_TOKEN_LOSE_EFFICACY.getMessage()); throwable.getMessage());
httpResponse.getWriter().print(error.toJsonStr()); httpResponse.getWriter().print(error.toJsonStr());
} catch (IOException ignored) {} } catch (IOException ignored) {}
return false; return false;

Loading…
Cancel
Save