account 模块和 myblog 项目对齐

manager/src/main/java/cn/reghao/devops/manager/account/security/WebSecurityConfig.java

@@ -3,12 +3,9 @@ package cn.reghao.devops.manager.account.security;
 import cn.reghao.devops.manager.account.security.filter.LoginRedirectFilter;
 import cn.reghao.devops.manager.account.security.form.AccountAuthFilter;
 import cn.reghao.devops.manager.account.security.form.AccountAuthProvider;
-import cn.reghao.devops.manager.account.security.handler.AuthFailHandlerImpl;
-import cn.reghao.devops.manager.account.security.handler.AuthSuccessHandlerImpl;
 import cn.reghao.devops.manager.account.service.AccountAuthService;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.access.expression.SecurityExpressionHandler;
 import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
 import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -19,8 +16,6 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
-import org.springframework.security.web.FilterInvocation;
-import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@@ -91,14 +86,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
         // 禁用 UsernamePasswordAuthenticationFilter, 使用自定义的 AccountAuthFilter
         http.formLogin().disable();
-                /*.loginPage(loginPage)
-                .loginProcessingUrl(loginApi);*/
 
         // 配置 LogoutFilter
         http.logout()
                 .logoutUrl(logoutApi)
                 .addLogoutHandler(logoutHandler)
-                //.logoutSuccessUrl(loginPage)
                 .logoutSuccessHandler(logoutSuccessHandler);
 
         // 配置 ExceptionTranslationFilter, 登录认证接口失败时的处理, 不会重定向到 loginPage

manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthFailHandlerImpl.java

@@ -1,7 +1,6 @@
 package cn.reghao.devops.manager.account.security.handler;
 
 import cn.reghao.jutil.jdk.result.WebResult;
-import org.springframework.http.HttpStatus;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.stereotype.Component;
@@ -25,18 +24,13 @@ public class AuthFailHandlerImpl implements AuthenticationFailureHandler {
                                         HttpServletResponse response,
                                         AuthenticationException exception) throws IOException, ServletException {
         String errMsg = exception.getMessage();
-
-        response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
-        response.setContentType("text/html;charset=utf-8");
-        response.getWriter().write(exception.getMessage());
+        String body = WebResult.failWithMsg(errMsg);
+        writeResponse(response, body);
     }
 
-    public void loginFailed(HttpServletResponse response, String errMsg) throws IOException {
-        String retJson = WebResult.failWithMsg(errMsg);
-        response.setStatus(HttpServletResponse.SC_OK);
-        //response.setContentType("application/json; charset=utf-8");
-        response.setContentType("text/html;charset=utf-8");
+    private void writeResponse(HttpServletResponse response, String body) throws IOException {
+        response.setContentType("application/json; charset=utf-8");
         PrintWriter printWriter = response.getWriter();
-        printWriter.write(retJson);
+        printWriter.write(body);
     }
 }

manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthSuccessHandlerImpl.java

@@ -1,6 +1,7 @@
 package cn.reghao.devops.manager.account.security.handler;
 
 import cn.reghao.jutil.jdk.result.WebResult;
+import cn.reghao.jutil.web.ServletUtil;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.savedrequest.SavedRequest;
@@ -22,34 +23,33 @@ public class AuthSuccessHandlerImpl implements AuthenticationSuccessHandler {
     @Override
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication auth)
             throws IOException {
-        sendResponse(response);
-        //redirect(request, response);
-    }
-
-    private void sendResponse(HttpServletResponse response) throws IOException {
-        response.setContentType("text/html;charset=utf-8");
-        String result = WebResult.success();
-        PrintWriter pt = response.getWriter();
-        pt.println(result);
+        String redirectPath = getRedirectPath();
+        String body = WebResult.success(redirectPath);
+        writeResponse(response, body);
     }
 
     /**
-     * TODO 前端无法处理重定向
+     * 认证成功后, 重定向到登录前的地址, 需要 session 的支持
      *
      * @param
      * @return
-     * @date 2021-07-27 下午3:54
+     * @date 2023-08-16 10:58:41
      */
-    private void redirect(HttpServletRequest request, HttpServletResponse response) throws IOException {
+    private String getRedirectPath() {
+        String redirectPath = "/";
+        // 获取 spring security 在 session 中存放的变量
         SavedRequest savedRequest =
-                (SavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
+                (SavedRequest) ServletUtil.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
         if (savedRequest != null) {
-            String redirectUrl = savedRequest.getRedirectUrl();
-            // 跳转到登录前的地址
-            response.sendRedirect(redirectUrl);
-        } else {
-            // 跳转到首页
-            response.sendRedirect("/");
+            redirectPath = savedRequest.getRedirectUrl();
         }
+
+        return redirectPath;
+    }
+
+    private void writeResponse(HttpServletResponse response, String body) throws IOException {
+        response.setContentType("application/json; charset=utf-8");
+        PrintWriter printWriter = response.getWriter();
+        printWriter.write(body);
     }
 }

manager/src/main/resources/static/js/login.js

@@ -12,8 +12,13 @@ layui.use(['element', 'layer'], function () {
         var url = form.attr("action");
         var serializeArray = form.serializeArray();
         $.post(url, serializeArray, function (result) {
-            var resBody = JSON.parse(result)
-            $.fn.Messager(resBody);
+            console.log(result)
+            if (result.code === 0) {
+                let redirectPath = result.data
+                window.location.replace(redirectPath)
+            } else {
+                $.fn.Messager(result)
+            }
         }).error(function (result) {
             layer.msg(result.responseText, {offset: '15px', time: 5000, icon: 2});
         });