权限管理_编写Security处理器（1）-【官方】百战程序员_IT在线教育培训机构

之前使用Spring Security时，登录后会配置跳转页面。但百战商城是前后端分离项目，所有认证和授权的结果，只是返回json字符串让前端去处理。所以我们要创建认证成功处理器、认证失败处理器、未登录处理器、权限不足处理器、登出成功处理器处理不同的结果，Spring Security通过实现接口编写结果处理器。

在管理员API模块引入Spring Security的依赖


xxxxxxxxxx
<!-- spring security -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

编写认证成功、认证失败处理器


xxxxxxxxxx
// 登录成功处理器
public class MyLoginSuccessHandler implements AuthenticationSuccessHandler {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        response.setContentType("text/json;charset=utf-8");
        BaseResult result = new BaseResult(200, "登录成功", null);
        response.getWriter().write(JSON.toJSONString(result));
    }
}

// 登录失败处理器
public class MyLoginFailureHandler implements AuthenticationFailureHandler {
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
        response.setContentType("text/json;charset=utf-8");
        BaseResult result = new BaseResult(402, "用户名或密码错误", null);
        response.getWriter().write(JSON.toJSONString(result));
    }
}

编写未登录处理器


xxxxxxxxxx
// 未登录处理器
public class MyAuthenticationEntryPoint implements AuthenticationEntryPoint {
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
        response.setContentType("text/json;charset=utf-8");
        BaseResult result = new BaseResult(401, "用户名未登录", null);
        response.getWriter().write(JSON.toJSONString(result));
    }
}

编写权限不足处理器


xxxxxxxxxx
// 权限不足处理器
public class MyAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        response.setContentType("text/json;charset=utf-8");
        BaseResult result = new BaseResult(403, "权限不足", null);
        response.getWriter().write(JSON.toJSONString(result));
    }
}

编写登出成功处理器


xxxxxxxxxx
// 登出成功处理器
public class MyLogoutSuccessHandler implements LogoutSuccessHandler {
    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        response.setContentType("text/json;charset=utf-8");
        BaseResult result = new BaseResult(200, "注销成功", null);
        response.getWriter().write(JSON.toJSONString(result));
    }
}

权限管理_编写权限控制器权限管理_编写Security处理器（2）

北京市昌平区回龙观镇南店村综合商业楼2楼226室