safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/exception/GlobalExceptionHandler.java
@@ -7,6 +7,8 @@ import com.gkhy.safePlatform.commons.vo.ResultVO; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.core.AuthenticationException; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseBody; @@ -38,6 +40,32 @@ return new ResultVO(e.getError()); } /** * @Description: AuthenticationException */ @ResponseBody @ExceptionHandler(value = AuthenticationException.class) public ResultVO CHandler(AuthenticationException e) { logger.warn(e.getMessage()); return new ResultVO(ResultCodes.CLIENT_PERMISSION_NOT_ALLOW); } /** * @Description: AuthenticationException */ @ResponseBody @ExceptionHandler(value = AccessDeniedException.class) public ResultVO DHandler(AccessDeniedException e) { logger.warn(e.getMessage()); return new ResultVO(ResultCodes.CLIENT_PERMISSION_NOT_ALLOW); } /** * 系统错误异常 */ safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
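Review bot: In GlobalExceptionHandler.java the new `CHandler` and `DHandler` only see exceptions raised inside the dispatcher (controllers, method security); an `AuthenticationException` or `AccessDeniedException` thrown in the security filter chain never reaches a `@ControllerAdvice`, so these handlers cannot replace an entry point and access-denied handler configured on the filter chain. Both return `ResultCodes.CLIENT_PERMISSION_NOT_ALLOW`, so a client cannot tell "not logged in" from "logged in but forbidden". Nothing visible in the hunk sets an HTTP status, so the body presumably goes out with 200; consider `@ResponseStatus(HttpStatus.UNAUTHORIZED)` on the first handler and `@ResponseStatus(HttpStatus.FORBIDDEN)` on the second. The Javadoc on the second handler is a copy-paste and should read `@Description: AccessDeniedException`, and lowerCamelCase names such as `handleAuthenticationException` / `handleAccessDeniedException` would say what each method is for.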
@@ -3,6 +3,7 @@ import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService; import com.gkhy.safePlatform.commons.co.CacheAuthority; import com.gkhy.safePlatform.commons.co.CacheUser; import com.gkhy.safePlatform.commons.enums.RedisKeyEnum; import com.gkhy.safePlatform.commons.enums.ResultCodes; @@ -54,11 +55,7 @@ } catch (BusinessException e) { // 返回异常 this.writeJSON(req, resp, new ResultVO<>(e.getError())); } catch (Exception e) { e.printStackTrace(); this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR)); } } @@ -93,13 +90,15 @@ // 3.redis获取权限 String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId); String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey); List<GrantedAuthority> authorities; List<GrantedAuthority> authorities = new ArrayList<>(); // 4.redis中是否存在 if (oo != null) { // 5.存在 authorities = JSONArray.parseArray(oo, GrantedAuthority.class); List<CacheAuthority> cacheAuthorities = JSONArray.parseArray(oo, CacheAuthority.class); for (CacheAuthority cacheAuthority: cacheAuthorities) { authorities.add(new SimpleGrantedAuthority(cacheAuthority.getAuthority())); } }else { authorities = new ArrayList<>(); // 6.不存在=>数据库查询 String roleCode = userAccountService.getUserRoleCodeByUserId(userId); // role safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java
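Review bot: In TokenAuthenticationFilter.java, hunk `@@ -54,11 +55,7 @@` shortens the catch chain by four lines; the +/- markers are lost on this page, but if the branch removed is `catch (Exception e)`, any unexpected runtime failure in the filter (Redis lookup, JSON parsing) now escapes to the servlet container instead of producing the `ResultCodes.SERVER_ERROR` body. The `@ControllerAdvice` handlers do not cover exceptions thrown in a filter, so the client would get the container's default error output. Keeping the catch-all and replacing `e.printStackTrace();` with a logger call that carries the exception (for example `logger.error("token filter failed", e);`, assuming the filter has a logger field) keeps the uniform response without dumping stack traces to stdout. The enclosing method begins outside the hunk.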
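Review bot: In hunk `@@ -93,13 +90,15 @@` the new loop passes `cacheAuthority.getAuthority()` straight to `new SimpleGrantedAuthority(...)`, which rejects null or blank text with an `IllegalArgumentException`, and `JSONArray.parseArray(oo, CacheAuthority.class)` can return null for a cached literal `null` or throw on malformed JSON. A corrupt or stale Redis entry would therefore fail every request for that user instead of falling back to the database lookup in the `else` branch. Guard the parsed list with `if (cacheAuthorities != null)` around the loop, skip entries whose authority is empty, and consider treating an unparsable cache value as a cache miss. Parsing into the concrete `CacheAuthority` class rather than the `GrantedAuthority` interface is the right direction; a short comment saying why would stop it being reverted. The method continues outside the hunk.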
@@ -50,8 +50,6 @@ http.headers().cacheControl(); // jwt过滤器 http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); // 没有登录,没有权限 => 自定义返回 http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).accessDeniedHandler(accessDeniedHandler); // 请求认证访问 http.authorizeRequests().anyRequest().authenticated(); // 允许跨域访问
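Review bot: Dropping `http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).accessDeniedHandler(accessDeniedHandler);` (the two lines between the context lines, going by the hunk counts) leaves rejections from `anyRequest().authenticated()` to Spring Security's default entry point and access-denied handler. Those rejections are raised and translated inside the filter chain, not by a `@ControllerAdvice`, so unauthenticated callers would get the framework's default response rather than the project's `ResultVO` body. Unless the custom `authenticationEntryPoint` and `accessDeniedHandler` are wired elsewhere, keep this line and add a comment such as `// filter-chain denials never reach GlobalExceptionHandler; keep the entry point and denied handler here`. The configure method starts and ends outside the hunk.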