SpringSecurity前后端分离登录返回Json字符串

1.SpringSecurity配置类

/*** @author hht* @date 2020/9/23 13:17*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {@AutowiredIUserService userService;@Overrideprotected void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/csgo/box/**", "/csgo/**", "/order/**").permitAll().and().csrf().disable().formLogin()//指定登录地址.loginProcessingUrl("/doLogin").permitAll()//登录失败,返回json.failureHandler(new AuthenticationFailureHandler() {@Overridepublic void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {response.setContentType("application/json;charset=utf-8");response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);PrintWriter writer = response.getWriter();CommonResult<String> result;if (exception instanceof UsernameNotFoundException || exception instanceof BadCredentialsException) {result = CommonResult.fail("用户名或密码错误");} else if (exception instanceof DisabledException) {result = CommonResult.fail("用户无权限");} else {result = CommonResult.fail("登录失败");}writer.write(new ObjectMapper().writeValueAsString(result));writer.flush();writer.close();}})//登陆成功，返回json.successHandler(new AuthenticationSuccessHandler() {@Overridepublic void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {response.setContentType("application/json;charset=utf-8");response.setStatus(HttpServletResponse.SC_OK);PrintWriter writer = response.getWriter();User user =  (User) authentication.getPrincipal();writer.write(new ObjectMapper().writeValueAsString(CommonResult.success("success", user)));writer.flush();writer.close();}}).and().httpBasic()//未登录时提示.authenticationEntryPoint(new AuthenticationEntryPoint() {@Overridepublic void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);response.setContentType("application/json;charset=utf-8");PrintWriter writer = response.getWriter();CommonResult<Object> result = new CommonResult<>(401, "请登录");writer.write(new ObjectMapper().writeValueAsString(result));writer.flush();writer.close();}}).and()//异常处理.exceptionHandling()//访问拒绝处理，返回json.accessDeniedHandler(new AccessDeniedHandler() {@Overridepublic void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {response.setContentType("application/json;charset=utf-8");response.setStatus(HttpServletResponse.SC_FORBIDDEN);PrintWriter writer = response.getWriter();CommonResult<Object> result = new CommonResult<>(403, "访问被拒绝");writer.write(new ObjectMapper().writeValueAsString(result));writer.flush();writer.close();}}).and()//注销.logout().logoutUrl("/logout").logoutSuccessHandler(new LogoutSuccessHandler() {@Overridepublic void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {response.setContentType("application/json;charset=utf-8");response.setStatus(HttpServletResponse.SC_OK);PrintWriter writer = response.getWriter();writer.write(new ObjectMapper().writeValueAsString(CommonResult.success("注销成功",null)));writer.flush();writer.close();}}).permitAll();}@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {auth.userDetailsService(userService).passwordEncoder(new BCryptPasswordEncoder());}
}

2.使用postman测试

本文来自互联网用户投稿，文章观点仅代表作者本人，不代表本站立场，不承担相关法律责任。如若转载，请注明出处。 如若内容造成侵权/违法违规/事实不符，请点击【内容举报】进行投诉反馈！