diff --git a/pom.xml b/pom.xml index f43e3f3..5b02406 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ vip.jcfd zkh-framework - 1.5.7 + 1.5.8 pom ZKH Framework A Java framework for ZKH applications diff --git a/zkh-common/pom.xml b/zkh-common/pom.xml index e2695bf..afe9fa4 100644 --- a/zkh-common/pom.xml +++ b/zkh-common/pom.xml @@ -6,7 +6,7 @@ vip.jcfd zkh-framework - 1.5.7 + 1.5.8 zkh-common diff --git a/zkh-data/pom.xml b/zkh-data/pom.xml index 8dd4ef3..8ab8519 100644 --- a/zkh-data/pom.xml +++ b/zkh-data/pom.xml @@ -6,7 +6,7 @@ vip.jcfd zkh-framework - 1.5.7 + 1.5.8 zkh-data diff --git a/zkh-file/pom.xml b/zkh-file/pom.xml index 764ba44..1de004b 100644 --- a/zkh-file/pom.xml +++ b/zkh-file/pom.xml @@ -6,7 +6,7 @@ vip.jcfd zkh-framework - 1.5.7 + 1.5.8 zkh-file diff --git a/zkh-log/pom.xml b/zkh-log/pom.xml index ae15e10..4c4c15d 100644 --- a/zkh-log/pom.xml +++ b/zkh-log/pom.xml @@ -6,7 +6,7 @@ vip.jcfd zkh-framework - 1.5.7 + 1.5.8 zkh-log diff --git a/zkh-web/pom.xml b/zkh-web/pom.xml index 162117f..716aabc 100644 --- a/zkh-web/pom.xml +++ b/zkh-web/pom.xml @@ -7,7 +7,7 @@ vip.jcfd zkh-framework - 1.5.7 + 1.5.8 zkh-web @@ -23,6 +23,10 @@ vip.jcfd zkh-log + + org.springframework.boot + spring-boot-starter-aop + org.springframework.boot spring-boot-starter-web diff --git a/zkh-web/src/main/java/vip/jcfd/web/config/WebSecurityConfig.java b/zkh-web/src/main/java/vip/jcfd/web/config/WebSecurityConfig.java index 4e0f6aa..24a682d 100644 --- a/zkh-web/src/main/java/vip/jcfd/web/config/WebSecurityConfig.java +++ b/zkh-web/src/main/java/vip/jcfd/web/config/WebSecurityConfig.java @@ -115,7 +115,7 @@ public class WebSecurityConfig { config.requestMatchers(securityProps.getIgnoreUrls()).permitAll(); config.anyRequest().authenticated(); }); - CustomAuthenticationEntryPoint authenticationEntryPoint = new CustomAuthenticationEntryPoint(objectMapper, tokenRedisStorage); + CustomAuthenticationEntryPoint authenticationEntryPoint = new CustomAuthenticationEntryPoint(objectMapper, tokenRedisStorage, securityProps); http.formLogin(config -> { config.loginProcessingUrl("/login"); }); @@ -140,7 +140,8 @@ public class WebSecurityConfig { private record CustomAuthenticationEntryPoint( ObjectMapper objectMapper, - TokenRedisStorage tokenRedisStorage) implements AuthenticationEntryPoint, AuthenticationFailureHandler, AuthenticationSuccessHandler { + TokenRedisStorage tokenRedisStorage, + SecurityProps securityProps) implements AuthenticationEntryPoint, AuthenticationFailureHandler, AuthenticationSuccessHandler { @Override public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { log.warn("访问 {} ,但是认证失败", request.getRequestURI(), authException); @@ -152,7 +153,7 @@ public class WebSecurityConfig { @Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { log.warn("登录失败", exception); - R data = new R<>(HttpServletResponse.SC_UNAUTHORIZED, "用户名或密码错误", false, null); + R data = new R<>(HttpServletResponse.SC_BAD_REQUEST, "用户名或密码错误", false, null); response.setContentType("application/json;charset=UTF-8"); objectMapper.writeValue(response.getWriter(), data); } @@ -177,7 +178,7 @@ public class WebSecurityConfig { accessToken, refreshToken, "Bearer", - 1800, // 30分钟,秒数 + securityProps.getDuration().getSeconds(), // 30分钟,秒数 authentication.getName() );