2 лет назад · d6cd5931ed
--- a/manager/src/main/java/cn/reghao/devops/manager/account/security/WebSecurityConfig.java
+++ b/manager/src/main/java/cn/reghao/devops/manager/account/security/WebSecurityConfig.java
@@ -3,12 +3,9 @@ package cn.reghao.devops.manager.account.security;
 
															 import cn.reghao.devops.manager.account.security.filter.LoginRedirectFilter;
														
 
															 import cn.reghao.devops.manager.account.security.form.AccountAuthFilter;
														
 
															 import cn.reghao.devops.manager.account.security.form.AccountAuthProvider;
														
 
															-import cn.reghao.devops.manager.account.security.handler.AuthFailHandlerImpl;
														
 
															-import cn.reghao.devops.manager.account.security.handler.AuthSuccessHandlerImpl;
														
 
															 import cn.reghao.devops.manager.account.service.AccountAuthService;
														
 
															 import org.springframework.context.annotation.Bean;
														
 
															 import org.springframework.context.annotation.Configuration;
														
 
															-import org.springframework.security.access.expression.SecurityExpressionHandler;
														
 
															 import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
														
 
															 import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
														
 
															 import org.springframework.security.authentication.AuthenticationManager;
														
@@ -19,8 +16,6 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 
															 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
														
 
															 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
														
 
															 import org.springframework.security.config.http.SessionCreationPolicy;
														
 
															-import org.springframework.security.web.FilterInvocation;
														
 
															-import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
														
 
															 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
														
 
															 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
														
 
															 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
														
@@ -91,14 +86,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
															         // 禁用 UsernamePasswordAuthenticationFilter, 使用自定义的 AccountAuthFilter
														
 
															         http.formLogin().disable();
														
 
															-                /*.loginPage(loginPage)
														
 
															-                .loginProcessingUrl(loginApi);*/
														
 
															         // 配置 LogoutFilter
														
 
															         http.logout()
														
 
															                 .logoutUrl(logoutApi)
														
 
															                 .addLogoutHandler(logoutHandler)
														
 
															-                //.logoutSuccessUrl(loginPage)
														
 
															                 .logoutSuccessHandler(logoutSuccessHandler);
														
 
															         // 配置 ExceptionTranslationFilter, 登录认证接口失败时的处理, 不会重定向到 loginPage
														
--- a/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthFailHandlerImpl.java
+++ b/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthFailHandlerImpl.java
@@ -1,7 +1,6 @@
 
															 package cn.reghao.devops.manager.account.security.handler;
														
 
															 import cn.reghao.jutil.jdk.result.WebResult;
														
 
															-import org.springframework.http.HttpStatus;
														
 
															 import org.springframework.security.core.AuthenticationException;
														
 
															 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
														
 
															 import org.springframework.stereotype.Component;
														
@@ -25,18 +24,13 @@ public class AuthFailHandlerImpl implements AuthenticationFailureHandler {
 
															                                         HttpServletResponse response,
														
 
															                                         AuthenticationException exception) throws IOException, ServletException {
														
 
															         String errMsg = exception.getMessage();
														
 
															-
														
 
															-        response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
														
 
															-        response.setContentType("text/html;charset=utf-8");
														
 
															-        response.getWriter().write(exception.getMessage());
														
 
															+        String body = WebResult.failWithMsg(errMsg);
														
 
															+        writeResponse(response, body);
														
 
															     }
														
 
															-    public void loginFailed(HttpServletResponse response, String errMsg) throws IOException {
														
 
															-        String retJson = WebResult.failWithMsg(errMsg);
														
 
															-        response.setStatus(HttpServletResponse.SC_OK);
														
 
															-        //response.setContentType("application/json; charset=utf-8");
														
 
															-        response.setContentType("text/html;charset=utf-8");
														
 
															+    private void writeResponse(HttpServletResponse response, String body) throws IOException {
														
 
															+        response.setContentType("application/json; charset=utf-8");
														
 
															         PrintWriter printWriter = response.getWriter();
														
 
															-        printWriter.write(retJson);
														
 
															+        printWriter.write(body);
														
 
															     }
														
 
															 }
														
--- a/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthSuccessHandlerImpl.java
+++ b/manager/src/main/java/cn/reghao/devops/manager/account/security/handler/AuthSuccessHandlerImpl.java
@@ -1,6 +1,7 @@
 
															 package cn.reghao.devops.manager.account.security.handler;
														
 
															 import cn.reghao.jutil.jdk.result.WebResult;
														
 
															+import cn.reghao.jutil.web.ServletUtil;
														
 
															 import org.springframework.security.core.Authentication;
														
 
															 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
														
 
															 import org.springframework.security.web.savedrequest.SavedRequest;
														
@@ -22,34 +23,33 @@ public class AuthSuccessHandlerImpl implements AuthenticationSuccessHandler {
 
															     @Override
														
 
															     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication auth)
														
 
															             throws IOException {
														
 
															-        sendResponse(response);
														
 
															-        //redirect(request, response);
														
 
															-    }
														
 
															-
														
 
															-    private void sendResponse(HttpServletResponse response) throws IOException {
														
 
															-        response.setContentType("text/html;charset=utf-8");
														
 
															-        String result = WebResult.success();
														
 
															-        PrintWriter pt = response.getWriter();
														
 
															-        pt.println(result);
														
 
															+        String redirectPath = getRedirectPath();
														
 
															+        String body = WebResult.success(redirectPath);
														
 
															+        writeResponse(response, body);
														
 
															     }
														
 
															     /**
														
 
															-     * TODO 前端无法处理重定向
														
 
															+     * 认证成功后, 重定向到登录前的地址, 需要 session 的支持
														
 
															      *
														
 
															      * @param
														
 
															      * @return
														
 
															-     * @date 2021-07-27 下午3:54
														
 
															+     * @date 2023-08-16 10:58:41
														
 
															      */
														
 
															-    private void redirect(HttpServletRequest request, HttpServletResponse response) throws IOException {
														
 
															+    private String getRedirectPath() {
														
 
															+        String redirectPath = "/";
														
 
															+        // 获取 spring security 在 session 中存放的变量
														
 
															         SavedRequest savedRequest =
														
 
															-                (SavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
														
 
															+                (SavedRequest) ServletUtil.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
														
 
															         if (savedRequest != null) {
														
 
															-            String redirectUrl = savedRequest.getRedirectUrl();
														
 
															-            // 跳转到登录前的地址
														
 
															-            response.sendRedirect(redirectUrl);
														
 
															-        } else {
														
 
															-            // 跳转到首页
														
 
															-            response.sendRedirect("/");
														
 
															+            redirectPath = savedRequest.getRedirectUrl();
														
 
															         }
														
 
															+
														
 
															+        return redirectPath;
														
 
															+    }
														
 
															+
														
 
															+    private void writeResponse(HttpServletResponse response, String body) throws IOException {
														
 
															+        response.setContentType("application/json; charset=utf-8");
														
 
															+        PrintWriter printWriter = response.getWriter();
														
 
															+        printWriter.write(body);
														
 
															     }
														
 
															 }
														
--- a/manager/src/main/resources/static/js/login.js
+++ b/manager/src/main/resources/static/js/login.js
@@ -12,8 +12,13 @@ layui.use(['element', 'layer'], function () {
 
															         var url = form.attr("action");
														
 
															         var serializeArray = form.serializeArray();
														
 
															         $.post(url, serializeArray, function (result) {
														
 
															-            var resBody = JSON.parse(result)
														
 
															-            $.fn.Messager(resBody);
														
 
															+            console.log(result)
														
 
															+            if (result.code === 0) {
														
 
															+                let redirectPath = result.data
														
 
															+                window.location.replace(redirectPath)
														
 
															+            } else {
														
 
															+                $.fn.Messager(result)
														
 
															+            }
														
 
															         }).error(function (result) {
														
 
															             layer.msg(result.responseText, {offset: '15px', time: 5000, icon: 2});
														
 
															         });