From 0c7a42c4e84df300b9057f95c3c81313da545a24 Mon Sep 17 00:00:00 2001
From: Amadeus <RealmeAmadeus@gmail.com>
Date: Fri, 19 Apr 2024 23:11:20 +0800
Subject: [PATCH] =?UTF-8?q?security=E5=9F=BA=E6=9C=AC=E9=85=8D=E7=BD=AE?=
 =?UTF-8?q?=E5=AE=8C=E6=88=90=E7=9A=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 pom.xml                                       |  5 ++
 src/main/java/com/example/RestBean.java       | 22 ++++++
 .../example/config/SecurityConfiguration.java | 69 +++++++++++++++++++
 3 files changed, 96 insertions(+)
 create mode 100644 src/main/java/com/example/RestBean.java
 create mode 100644 src/main/java/com/example/config/SecurityConfiguration.java

diff --git a/pom.xml b/pom.xml
index 0503bcb..92c9f8f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -42,6 +42,11 @@
             <artifactId>spring-boot-starter-tomcat</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>com.alibaba.fastjson2</groupId>
+            <artifactId>fastjson2</artifactId>
+            <version>2.0.25</version>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
diff --git a/src/main/java/com/example/RestBean.java b/src/main/java/com/example/RestBean.java
new file mode 100644
index 0000000..ffe3062
--- /dev/null
+++ b/src/main/java/com/example/RestBean.java
@@ -0,0 +1,22 @@
+package com.example;
+
+import com.alibaba.fastjson2.JSONObject;
+import com.alibaba.fastjson2.JSONWriter;
+
+public record RestBean<T>(int code , T data , String message) {
+    public static <T> RestBean<T> success(T data){
+        return  new RestBean<>(200, data ,"请求成功");
+
+    }
+    public static <T> RestBean<T> success(){
+        return success(null);
+
+    }
+
+    public static <T> RestBean<T> failure(int code , String message){
+        return  new RestBean<>(code , null , message);
+    }
+    public String asJsonString(){
+      return   JSONObject.toJSONString(this, JSONWriter.Feature.WriteNulls);
+    }
+}
diff --git a/src/main/java/com/example/config/SecurityConfiguration.java b/src/main/java/com/example/config/SecurityConfiguration.java
new file mode 100644
index 0000000..edbdc45
--- /dev/null
+++ b/src/main/java/com/example/config/SecurityConfiguration.java
@@ -0,0 +1,69 @@
+package com.example.config;
+
+import com.example.RestBean;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+
+import java.io.IOException;
+
+@Configuration
+public class SecurityConfiguration {
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        return http
+                .authorizeHttpRequests(conf -> conf
+                        .requestMatchers("/api/auth/**").permitAll()
+                        .anyRequest().authenticated()
+                )
+                .formLogin(conf -> conf
+                        .loginProcessingUrl("/api/auth/login")
+                        .failureHandler(this::onAuthenticationFailure)
+                        .successHandler(this::onAuthenticationSuccess)
+
+                )
+                .logout(conf -> conf
+                        .logoutUrl("/api/auth/logout")
+                        .logoutSuccessHandler(this::onLogoutSuccess)
+                )
+
+                .csrf(AbstractHttpConfigurer::disable)
+                .sessionManagement(conf -> conf
+                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                )
+                .build();
+    }
+
+    public void onAuthenticationSuccess(HttpServletRequest request,
+                                        HttpServletResponse response,
+                                        Authentication authentication) throws IOException, ServletException {
+        response.setContentType("application/json;charset=utf-8");
+
+        response.getWriter().write(RestBean.success().asJsonString());
+    }
+
+    public void onAuthenticationFailure(HttpServletRequest request,
+                                        HttpServletResponse response,
+                                        AuthenticationException exception) throws IOException, ServletException {
+        response.setContentType("application/json;charset=utf-8");
+        response.getWriter().write(RestBean.failure(401 , exception.getMessage()).asJsonString());
+
+    }
+
+    public void onLogoutSuccess(HttpServletRequest request,
+                                HttpServletResponse response,
+                                Authentication authentication) throws IOException, ServletException {
+
+    }
+}
\ No newline at end of file