add SecurityLoginHandler.java

Author: xlorne

springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/AutoConfiguration.java

@@ -1,10 +1,8 @@
 package com.codingapi.springboot.security;
 
 import com.codingapi.springboot.security.configurer.HttpSecurityConfigurer;
-import com.codingapi.springboot.security.filter.MyAccessDeniedHandler;
-import com.codingapi.springboot.security.filter.MyLogoutHandler;
-import com.codingapi.springboot.security.filter.MyLogoutSuccessHandler;
-import com.codingapi.springboot.security.filter.MyUnAuthenticationEntryPoint;
+import com.codingapi.springboot.security.dto.request.LoginRequest;
+import com.codingapi.springboot.security.filter.*;
 import com.codingapi.springboot.security.handler.ServletExceptionHandler;
 import com.codingapi.springboot.security.jwt.Jwt;
 import com.codingapi.springboot.security.properties.SecurityJwtProperties;
@@ -27,6 +25,9 @@
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 @Configuration
 @EnableMethodSecurity
 public class AutoConfiguration {
@@ -62,15 +63,25 @@ public HandlerExceptionResolver servletExceptionHandler() {
         return new ServletExceptionHandler();
     }
 
+    @Bean
+    @ConditionalOnMissingBean
+    public SecurityLoginHandler securityLoginHandler(){
+        return new SecurityLoginHandler() {
+            @Override
+            public void preHandle(HttpServletRequest request, HttpServletResponse response, LoginRequest handler) throws Exception {
+
+            }
+        };
+    }
 
     @Bean
     @ConditionalOnMissingBean
-    public SecurityFilterChain filterChain(HttpSecurity http, Jwt jwt, SecurityJwtProperties properties) throws Exception {
+    public SecurityFilterChain filterChain(HttpSecurity http, Jwt jwt,SecurityLoginHandler loginHandler, SecurityJwtProperties properties) throws Exception {
         //before add addCorsMappings to enable cors.
         http.cors();
 
         http.csrf().disable();
-        http.apply(new HttpSecurityConfigurer(jwt, properties));
+        http.apply(new HttpSecurityConfigurer(jwt,loginHandler,properties));
         http
                 .exceptionHandling()
                 .authenticationEntryPoint(new MyUnAuthenticationEntryPoint())

springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/configurer/HttpSecurityConfigurer.java

@@ -2,6 +2,7 @@
 
 import com.codingapi.springboot.security.filter.MyAuthenticationFilter;
 import com.codingapi.springboot.security.filter.MyLoginFilter;
+import com.codingapi.springboot.security.filter.SecurityLoginHandler;
 import com.codingapi.springboot.security.jwt.Jwt;
 import com.codingapi.springboot.security.properties.SecurityJwtProperties;
 import lombok.AllArgsConstructor;
@@ -14,12 +15,13 @@ public class HttpSecurityConfigurer extends AbstractHttpConfigurer<HttpSecurityC
 
     private final Jwt jwt;
 
+    private final SecurityLoginHandler securityLoginHandler;
     private final SecurityJwtProperties securityJwtProperties;
 
     @Override
     public void configure(HttpSecurity http) throws Exception {
         AuthenticationManager manager = http.getSharedObject(AuthenticationManager.class);
-        http.addFilter(new MyLoginFilter(manager, jwt, securityJwtProperties));
+        http.addFilter(new MyLoginFilter(manager, jwt,securityLoginHandler, securityJwtProperties));
         http.addFilter(new MyAuthenticationFilter(manager, jwt));
     }
 }

springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/filter/MyLoginFilter.java

@@ -34,9 +34,12 @@ public class MyLoginFilter extends UsernamePasswordAuthenticationFilter {
 
     private final Jwt jwt;
 
-    public MyLoginFilter(AuthenticationManager authenticationManager, Jwt jwt, SecurityJwtProperties securityJwtProperties) {
+    private final SecurityLoginHandler loginHandler;
+
+    public MyLoginFilter(AuthenticationManager authenticationManager, Jwt jwt, SecurityLoginHandler loginHandler, SecurityJwtProperties securityJwtProperties) {
         super(authenticationManager);
         this.jwt = jwt;
+        this.loginHandler = loginHandler;
         this.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher(securityJwtProperties.getLoginProcessingUrl(), "POST"));
     }
 
@@ -53,6 +56,11 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
         if (login == null || login.isEmpty()) {
             throw new AuthenticationServiceException("request stream read was null.");
         }
+        try {
+            loginHandler.preHandle(request,response,login);
+        } catch (Exception e) {
+            throw new AuthenticationServiceException(e.getLocalizedMessage());
+        }
         LoginRequestContext.getInstance().set(login);
         return getAuthenticationManager().authenticate(new UsernamePasswordAuthenticationToken(login.getUsername(), login.getPassword()));
     }

springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/filter/SecurityLoginHandler.java

@@ -0,0 +1,11 @@
+package com.codingapi.springboot.security.filter;
+
+import com.codingapi.springboot.security.dto.request.LoginRequest;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public interface SecurityLoginHandler {
+
+    void  preHandle(HttpServletRequest request, HttpServletResponse response, LoginRequest handler) throws Exception;
+}

springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/jwt/Token.java

@@ -31,7 +31,7 @@ public Token() {
 
     public Token(String username, String certificate, List<String> authorities, int expireValue, int remindValue) throws IOException {
         this.username = username;
-        this.certificate = AESUtils.getInstance().encodeToBase64(certificate);
+        this.certificate = AESUtils.getInstance().encode(certificate);
         this.authorities = authorities;
         this.expireTime = System.currentTimeMillis() + expireValue;
         this.remindTime = System.currentTimeMillis() + remindValue;
@@ -55,7 +55,7 @@ public String getCertificate() {
 
     @Transient
     public String getDecodePassword() throws IOException {
-        return AESUtils.getInstance().decodeToBase64(certificate);
+        return AESUtils.getInstance().decode(certificate);
     }
 
     public boolean canRestToken() {

springboot-starter/src/main/java/com/codingapi/springboot/framework/crypto/AES.java

@@ -35,11 +35,11 @@ public AES(String key, String iv) {
     }
 
 
-    public String encodeToBase64(String input) throws IOException {
+    public String encode(String input) throws IOException {
         return Base64Utils.encodeToString(encode(input.getBytes(StandardCharsets.UTF_8)));
     }
 
-    public String decodeToBase64(String input) throws IOException {
+    public String decode(String input) throws IOException {
         return new String(decode(Base64Utils.decodeFromString(input)), StandardCharsets.UTF_8);
     }
 

springboot-starter/src/main/java/com/codingapi/springboot/framework/crypto/AESUtils.java

@@ -22,12 +22,12 @@ void init(AES aes) {
         this.aes = aes;
     }
 
-    public String encodeToBase64(String input) throws IOException {
-        return aes.encodeToBase64(input);
+    public String encode(String input) throws IOException {
+        return aes.encode(input);
     }
 
-    public String decodeToBase64(String input) throws IOException {
-        return aes.decodeToBase64(input);
+    public String decode(String input) throws IOException {
+        return aes.decode(input);
     }
 
     public byte[] encode(byte[] input) throws IOException {

springboot-starter/src/test/java/com/codingapi/springboot/framework/crypto/AESUtilsTest.java

@@ -14,8 +14,8 @@ class AESUtilsTest {
     @Test
     void encodeDecodeToBase64() throws IOException {
        String word = "123";
-       String encode = AESUtils.getInstance().encodeToBase64(word);
-       String decode = AESUtils.getInstance().decodeToBase64(encode);
+       String encode = AESUtils.getInstance().encode(word);
+       String decode = AESUtils.getInstance().decode(encode);
        assertEquals(word,decode,"AES encode error");
     }