| | |
|---|
| | | import org.slf4j.Logger; |
|---|
| | | import org.slf4j.LoggerFactory; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | import org.springframework.http.HttpStatus; |
|---|
| | | import org.springframework.security.authentication.BadCredentialsException; |
|---|
| | | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
|---|
| | | import org.springframework.security.authentication.dao.DaoAuthenticationProvider; |
|---|
| | |
|---|
| | | import org.springframework.security.core.userdetails.UserDetailsService; |
|---|
| | | import org.springframework.security.core.userdetails.UsernameNotFoundException; |
|---|
| | | import org.springframework.security.crypto.password.PasswordEncoder; |
|---|
| | | import org.springframework.security.web.AuthenticationEntryPoint; |
|---|
| | | import org.springframework.security.web.authentication.AuthenticationFailureHandler; |
|---|
| | | import org.springframework.security.web.authentication.AuthenticationSuccessHandler; |
|---|
| | | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; |
|---|
| | | import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; |
|---|
| | | import org.springframework.web.filter.OncePerRequestFilter; |
|---|
| | | import org.yeshi.utils.JsonUtil; |
|---|
| | | import org.yeshi.utils.StringUtil; |
|---|
| | | |
|---|
| | | import javax.annotation.Resource; |
|---|
| | |
|---|
| | | private AdminUserService adminUserService; |
|---|
| | | |
|---|
| | | private final String LOGIN_PROCESSING_URL = "/admin/api/login"; |
|---|
| | | |
|---|
| | | private final String LOGIN_PAGE_PATH="/7aed59d33d777100/login.html"; |
|---|
| | | |
|---|
| | | //图形验证码配置 |
|---|
| | | @Bean |
|---|
| | |
|---|
| | | .and() |
|---|
| | | .formLogin() |
|---|
| | | //自定义登录界面 |
|---|
| | | .loginPage("/login.html") |
|---|
| | | .loginPage(LOGIN_PAGE_PATH) |
|---|
| | | //处理登录逻辑的url |
|---|
| | | .loginProcessingUrl(LOGIN_PROCESSING_URL) |
|---|
| | | //登录成功后的跳转 |
|---|
| | |
|---|
| | | @Override |
|---|
| | | public void onLogoutSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException { |
|---|
| | | logger.info("onLogoutSuccess"); |
|---|
| | | httpServletResponse.getWriter().print(JsonUtil.loadTrueResult("")); |
|---|
| | | } |
|---|
| | | }) |
|---|
| | | .and() |
|---|
| | | .csrf().disable() |
|---|
| | | .rememberMe().userDetailsService(new MyUserDetailsService()); |
|---|
| | | .rememberMe().userDetailsService(new MyUserDetailsService()) |
|---|
| | | .and().exceptionHandling().authenticationEntryPoint(new CustomAuthenticationEntryPoint()); |
|---|
| | | http.addFilterBefore(new VerificationCodeFilter(), UsernamePasswordAuthenticationFilter.class); |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | //自定义未授权返回 |
|---|
| | | class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint { |
|---|
| | | @Override |
|---|
| | | public void commence(HttpServletRequest request, HttpServletResponse response, |
|---|
| | | AuthenticationException authException) throws IOException, ServletException { |
|---|
| | | String url = request.getRequestURI().toString(); |
|---|
| | | if (url.contains("/admin/api/")) { |
|---|
| | | response.setStatus(HttpStatus.UNAUTHORIZED.value()); |
|---|
| | | } else { |
|---|
| | | response.sendRedirect(LOGIN_PAGE_PATH); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | } |
|---|
