2 jaren geleden · d6cd5931ed
--- a/manager/src/main/java/cn/reghao/devops/manager/account/security/WebSecurityConfig.java
+++ b/manager/src/main/java/cn/reghao/devops/manager/account/security/WebSecurityConfig.java
@@ -3,12 +3,9 @@ package cn.reghao.devops.manager.account.security;
 
				 import cn.reghao.devops.manager.account.security.filter.LoginRedirectFilter;
			
 
				 import cn.reghao.devops.manager.account.security.form.AccountAuthFilter;
			
 
				 import cn.reghao.devops.manager.account.security.form.AccountAuthProvider;
			
 
				-import cn.reghao.devops.manager.account.security.handler.AuthFailHandlerImpl;
			
 
				-import cn.reghao.devops.manager.account.security.handler.AuthSuccessHandlerImpl;
			
 
				 import cn.reghao.devops.manager.account.service.AccountAuthService;
			
 
				 import org.springframework.context.annotation.Bean;
			
 
				 import org.springframework.context.annotation.Configuration;
			
 
				-import org.springframework.security.access.expression.SecurityExpressionHandler;
			
 
				 import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
			
 
				 import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
			
 
				 import org.springframework.security.authentication.AuthenticationManager;
			
@@ -19,8 +16,6 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 
				 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
			
 
				 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
			
 
				 import org.springframework.security.config.http.SessionCreationPolicy;
			
 
				-import org.springframework.security.web.FilterInvocation;
			
 
				-import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
			
 
				 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
			
 
				 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
			
 
				 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
			
@@ -91,14 +86,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
				 
			
 
				         // 禁用 UsernamePasswordAuthenticationFilter, 使用自定义的 AccountAuthFilter
			
 
				         http.formLogin().disable();
			
 
				-                /*.loginPage(loginPage)
			
 
				-                .loginProcessingUrl(loginApi);*/
			
 
				 
			
 
				         // 配置 LogoutFilter
			
 
				         http.logout()
			
 
				                 .logoutUrl(logoutApi)
			
 
				                 .addLogoutHandler(logoutHandler)
			
 
				-                //.logoutSuccessUrl(loginPage)
			
 
				                 .logoutSuccessHandler(logoutSuccessHandler);
			
 
				 
			
 
				         // 配置 ExceptionTranslationFilter, 登录认证接口失败时的处理, 不会重定向到 loginPage
			
--- a/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthFailHandlerImpl.java
+++ b/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthFailHandlerImpl.java
@@ -1,7 +1,6 @@
 
				 package cn.reghao.devops.manager.account.security.handler;
			
 
				 
			
 
				 import cn.reghao.jutil.jdk.result.WebResult;
			
 
				-import org.springframework.http.HttpStatus;
			
 
				 import org.springframework.security.core.AuthenticationException;
			
 
				 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
			
 
				 import org.springframework.stereotype.Component;
			
@@ -25,18 +24,13 @@ public class AuthFailHandlerImpl implements AuthenticationFailureHandler {
 
				                                         HttpServletResponse response,
			
 
				                                         AuthenticationException exception) throws IOException, ServletException {
			
 
				         String errMsg = exception.getMessage();
			
 
				-
			
 
				-        response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
			
 
				-        response.setContentType("text/html;charset=utf-8");
			
 
				-        response.getWriter().write(exception.getMessage());
			
 
				+        String body = WebResult.failWithMsg(errMsg);
			
 
				+        writeResponse(response, body);
			
 
				     }
			
 
				 
			
 
				-    public void loginFailed(HttpServletResponse response, String errMsg) throws IOException {
			
 
				-        String retJson = WebResult.failWithMsg(errMsg);
			
 
				-        response.setStatus(HttpServletResponse.SC_OK);
			
 
				-        //response.setContentType("application/json; charset=utf-8");
			
 
				-        response.setContentType("text/html;charset=utf-8");
			
 
				+    private void writeResponse(HttpServletResponse response, String body) throws IOException {
			
 
				+        response.setContentType("application/json; charset=utf-8");
			
 
				         PrintWriter printWriter = response.getWriter();
			
 
				-        printWriter.write(retJson);
			
 
				+        printWriter.write(body);
			
 
				     }
			
 
				 }
			
--- a/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthSuccessHandlerImpl.java
+++ b/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthSuccessHandlerImpl.java
@@ -1,6 +1,7 @@
 
				 package cn.reghao.devops.manager.account.security.handler;
			
 
				 
			
 
				 import cn.reghao.jutil.jdk.result.WebResult;
			
 
				+import cn.reghao.jutil.web.ServletUtil;
			
 
				 import org.springframework.security.core.Authentication;
			
 
				 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
			
 
				 import org.springframework.security.web.savedrequest.SavedRequest;
			
@@ -22,34 +23,33 @@ public class AuthSuccessHandlerImpl implements AuthenticationSuccessHandler {
 
				     @Override
			
 
				     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication auth)
			
 
				             throws IOException {
			
 
				-        sendResponse(response);
			
 
				-        //redirect(request, response);
			
 
				-    }
			
 
				-
			
 
				-    private void sendResponse(HttpServletResponse response) throws IOException {
			
 
				-        response.setContentType("text/html;charset=utf-8");
			
 
				-        String result = WebResult.success();
			
 
				-        PrintWriter pt = response.getWriter();
			
 
				-        pt.println(result);
			
 
				+        String redirectPath = getRedirectPath();
			
 
				+        String body = WebResult.success(redirectPath);
			
 
				+        writeResponse(response, body);
			
 
				     }
			
 
				 
			
 
				     /**
			
 
				-     * TODO 前端无法处理重定向
			
 
				+     * 认证成功后, 重定向到登录前的地址, 需要 session 的支持
			
 
				      *
			
 
				      * @param
			
 
				      * @return
			
 
				-     * @date 2021-07-27 下午3:54
			
 
				+     * @date 2023-08-16 10:58:41
			
 
				      */
			
 
				-    private void redirect(HttpServletRequest request, HttpServletResponse response) throws IOException {
			
 
				+    private String getRedirectPath() {
			
 
				+        String redirectPath = "/";
			
 
				+        // 获取 spring security 在 session 中存放的变量
			
 
				         SavedRequest savedRequest =
			
 
				-                (SavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
			
 
				+                (SavedRequest) ServletUtil.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
			
 
				         if (savedRequest != null) {
			
 
				-            String redirectUrl = savedRequest.getRedirectUrl();
			
 
				-            // 跳转到登录前的地址
			
 
				-            response.sendRedirect(redirectUrl);
			
 
				-        } else {
			
 
				-            // 跳转到首页
			
 
				-            response.sendRedirect("/");
			
 
				+            redirectPath = savedRequest.getRedirectUrl();
			
 
				         }
			
 
				+
			
 
				+        return redirectPath;
			
 
				+    }
			
 
				+
			
 
				+    private void writeResponse(HttpServletResponse response, String body) throws IOException {
			
 
				+        response.setContentType("application/json; charset=utf-8");
			
 
				+        PrintWriter printWriter = response.getWriter();
			
 
				+        printWriter.write(body);
			
 
				     }
			
 
				 }
			
--- a/manager/src/main/resources/static/js/login.js
+++ b/manager/src/main/resources/static/js/login.js
@@ -12,8 +12,13 @@ layui.use(['element', 'layer'], function () {
 
				         var url = form.attr("action");
			
 
				         var serializeArray = form.serializeArray();
			
 
				         $.post(url, serializeArray, function (result) {
			
 
				-            var resBody = JSON.parse(result)
			
 
				-            $.fn.Messager(resBody);
			
 
				+            console.log(result)
			
 
				+            if (result.code === 0) {
			
 
				+                let redirectPath = result.data
			
 
				+                window.location.replace(redirectPath)
			
 
				+            } else {
			
 
				+                $.fn.Messager(result)
			
 
				+            }
			
 
				         }).error(function (result) {
			
 
				             layer.msg(result.responseText, {offset: '15px', time: 5000, icon: 2});
			
 
				         });