前后端分离的Web应用程序中使用Spring Security+Mybatis+JWT非对称加密+动态权限管理(五):各种处理类
一、responsebody实体类:用于给前端返回消息。
@Component public class AjaxResponseBody implements Serializable { /** * */ private static final long serialVersionUID = 1L; private String status; private String msg; private Object result; private String jwtToken; public String getJwtToken() { return jwtToken; } public void setJwtToken(String jwtToken) { this.jwtToken = jwtToken; } public String getStatus() { return status; } public void setStatus(String status) { this.status = status; } public String getMsg() { return msg; } public void setMsg(String msg) { this.msg = msg; } public Object getResult() { return result; } public void setResult(Object result) { this.result = result; } }
二、无权限的提示消息。
@Component public class AjaxAccessDeniedHandler implements AccessDeniedHandler { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { AjaxResponseBody responseBody = new AjaxResponseBody(); responseBody.setStatus("03"); responseBody.setMsg("Need Authorities!"); response.getWriter().write(JSON.toJSONString(responseBody)); } }
三、未登录的提示消息。
@Component public class AjaxAccessDeniedHandler implements AccessDeniedHandler { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { AjaxResponseBody responseBody = new AjaxResponseBody(); responseBody.setStatus("03"); responseBody.setMsg("Need Authorities!"); response.getWriter().write(JSON.toJSONString(responseBody)); } }
四、身份验证失败的提示消息。
@Component public class AjaxAuthenticationFailureHandler implements AuthenticationFailureHandler { @Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { AjaxResponseBody responseBody = new AjaxResponseBody(); responseBody.setStatus("02"); responseBody.setMsg("Login Failure!"); response.getWriter().write(JSON.toJSONString(responseBody)); } }
五、登出成功的提示消息。
@Component public class AjaxLogoutSuccessHandler implements LogoutSuccessHandler{ @Override public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { AjaxResponseBody responseBody = new AjaxResponseBody(); responseBody.setStatus("00"); responseBody.setMsg("Logout Successfully!"); response.getWriter().write(JSON.toJSONString(responseBody)); } }
六、登录成功的提示消息,以及签发JWT令牌至前端。此处用到生成令牌的自定义类,后续补充详解该类。
@Component public class AjaxAuthenticationSuccessHandler implements AuthenticationSuccessHandler{ @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { AjaxResponseBody responseBody = new AjaxResponseBody(); responseBody.setStatus("00"); responseBody.setMsg("Login Success!"); User myUserDetails = (User) authentication.getPrincipal(); String jwtToken = JwtTokenUtils.generateToken(myUserDetails.getUsername(), 3000); //token有效时间3000秒 responseBody.setJwtToken(jwtToken); response.getWriter().write(JSON.toJSONString(responseBody)); } }
浙公网安备 33010602011771号