
阶段提交

laowo 3 years ago
parent
commit
0c7cf14eb2

+ 0 - 5
src/main/java/com/usky/config/shiro/UserRealm.java

@@ -40,15 +40,10 @@ public class UserRealm extends AuthorizingRealm {
     @Resource
     @Lazy
     private RedisUtil redisUtil;
-
-    /**
-     * 必须重写此方法,不然Shiro会报错
-     */
     @Override
     public boolean supports(AuthenticationToken authenticationToken) {
         return authenticationToken instanceof JwtToken;
     }
-
     /**
      * 只有当需要检测用户权限的时候才会调用此方法,例如checkRole,checkPermission之类的
      */

+ 14 - 6
src/main/java/com/usky/config/shiro/jwt/JwtFilter.java

@@ -7,6 +7,8 @@ import com.usky.entity.ResponseBean;
 import com.usky.exception.CustomException;
 
 import com.usky.utils.RedisUtil;
+import com.usky.utils.Result;
+import com.usky.utils.SpringContextUtils;
 import com.usky.utils.jwt.JwtUtil;
 import com.usky.utils.jwt.common.JsonConvertUtil;
 import com.usky.utils.jwt.common.PropertiesUtil;
@@ -15,6 +17,7 @@ import org.apache.shiro.web.util.WebUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.http.HttpStatus;
 
 import javax.servlet.ServletRequest;
@@ -23,15 +26,19 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
+
 /**
  * JWT过滤
+ *
  * @author laowo
  * @date 2020/8/30 15:47
  */
 public class JwtFilter extends BasicHttpAuthenticationFilter {
 
-    @Autowired
-    private RedisUtil redisUtil;
+    public RedisUtil redisUtil() {
+        return (RedisUtil) SpringContextUtils.getBean("redisUtil");
+    }
+
     /**
      * logger
      */
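Review bot: The new accessor `redisUtil()` is declared `public` on the filter although only this class needs it, which exposes the Redis helper that holds refresh-token state to any code that can reach the filter instance; declare it `private RedisUtil redisUtil()`. The by-name lookup with an unchecked cast also fails only at request time, with a ClassCastException or a missing-bean error, if the bean is renamed or the context is not ready. If `SpringContextUtils` offers a lookup by type (not visible here), prefer it. A short Javadoc on the method saying why field injection was replaced (presumably the filter is created outside the Spring container) would keep the next maintainer from reverting it.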
@@ -143,9 +150,9 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
         // 获取当前Token的帐号信息
         String account = JwtUtil.getClaim(token, Constant.ACCOUNT);
         // 判断Redis中RefreshToken是否存在
-        if (redisUtil.hasKey(Constant.PREFIX_SHIRO_REFRESH_TOKEN + account)) {
+        if (redisUtil().hasKey(Constant.PREFIX_SHIRO_REFRESH_TOKEN + account)) {
             // Redis中RefreshToken还存在,获取RefreshToken的时间戳
-            String currentTimeMillisRedis = redisUtil.get(Constant.PREFIX_SHIRO_REFRESH_TOKEN + account).toString();
+            String currentTimeMillisRedis = redisUtil().get(Constant.PREFIX_SHIRO_REFRESH_TOKEN + account).toString();
             // 获取当前AccessToken中的时间戳,与RefreshToken的时间戳对比,如果当前时间戳一致,进行AccessToken刷新
             if (JwtUtil.getClaim(token, Constant.CURRENT_TIME_MILLIS).equals(currentTimeMillisRedis)) {
                 // 获取当前最新时间戳
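Review bot: The refresh check reads Redis twice, `hasKey(...)` and then `get(...).toString()`, so a refresh-token key that expires between the two calls presumably makes `get` return null, and the filter throws a NullPointerException instead of rejecting the token cleanly. Read the value once, `Object stored = redisUtil().get(Constant.PREFIX_SHIRO_REFRESH_TOKEN + account);`, and continue only when `stored != null`. `account` is taken from `JwtUtil.getClaim` on a token that has presumably already expired. Whether its signature was verified before this point is not visible in the hunk and should be confirmed, because the claim selects which Redis key is trusted. The enclosing method starts and ends outside the hunk.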
@@ -154,7 +161,7 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
                 PropertiesUtil.readProperties("config.properties");
                 String refreshTokenExpireTime = PropertiesUtil.getProperty("refreshTokenExpireTime");
                 // 设置RefreshToken中的时间戳为当前最新时间戳,且刷新过期时间重新为30分钟过期(配置文件可配置refreshTokenExpireTime属性)
-                redisUtil.set(Constant.PREFIX_SHIRO_REFRESH_TOKEN + account, currentTimeMillis, Integer.parseInt(refreshTokenExpireTime));
+                redisUtil().set(Constant.PREFIX_SHIRO_REFRESH_TOKEN + account, currentTimeMillis, Integer.parseInt(refreshTokenExpireTime));
                 // 刷新AccessToken,设置时间戳为当前最新时间戳
                 token = JwtUtil.sign(account, currentTimeMillis);
                 // 将新刷新的AccessToken再次进行Shiro的登录
@@ -180,7 +187,8 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
         httpServletResponse.setCharacterEncoding("UTF-8");
         httpServletResponse.setContentType("application/json; charset=utf-8");
         try (PrintWriter out = httpServletResponse.getWriter()) {
-            String data = JsonConvertUtil.objectToJson(new ResponseBean(HttpStatus.UNAUTHORIZED.value(), "无权访问:" + msg, null));
+            //   String data = JsonConvertUtil.objectToJson(new ResponseBean(HttpStatus.UNAUTHORIZED.value(), "无权访问:" + msg, null));
+            String data = JsonConvertUtil.objectToJson(Result.error(HttpStatus.UNAUTHORIZED.value(), msg));
             out.append(data);
         } catch (IOException e) {
             logger.error("直接返回Response信息出现IOException异常:{}", e.getMessage());
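Review bot: `msg` is now written verbatim into the 401 body sent to an unauthenticated caller. Its origin is outside the hunk, but if it carries exception text from token validation, the response tells the caller exactly why a token was rejected. Prefer a fixed client message, `Result.error(HttpStatus.UNAUTHORIZED.value(), "请先登录")`, and log the detail on the server. The commented-out `ResponseBean` line should be deleted rather than kept, since version control already has it. The catch block logs only `e.getMessage()`; passing `e` as the last logger argument keeps the stack trace.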

+ 29 - 9
src/main/java/com/usky/exception/GloableExceptionResolver.java

@@ -41,27 +41,26 @@ import java.util.Map;
 @RestControllerAdvice
 @Slf4j
 public class GloableExceptionResolver {
-    @ExceptionHandler(Exception.class)
-    public Result<?> handleException(Exception e) {
-        log.error(e.getMessage(), e);
-        return Result.error("系统异常,请稍后重试," + e.getMessage());
-    }
+
 
     @ExceptionHandler(HttpRequestMethodNotSupportedException.class)
     public Result<?> HttpRequestMethodNotSupportedException(Exception e) {
         log.error(e.getMessage(), e);
         return Result.error("请求方式异常," + e.getMessage());
     }
+
     @ExceptionHandler(DataIntegrityViolationException.class)
     public Result<?> handleDataIntegrityViolationException(DataIntegrityViolationException e) {
         log.error(e.getMessage(), e);
         return Result.error("字段太长,超出数据库字段的长度");
     }
+
     @ExceptionHandler(PoolException.class)
     public Result<?> handlePoolException(PoolException e) {
         log.error(e.getMessage(), e);
         return Result.error("Redis 连接异常!");
     }
+
     @ExceptionHandler
     public Result<?> methodArgumentNotValid(BindException e) {
         if (log.isDebugEnabled()) {
@@ -100,6 +99,7 @@ public class GloableExceptionResolver {
 //
 //    }
 //
+
     /**
      * 捕捉所有Shiro异常
      *
@@ -109,45 +109,49 @@ public class GloableExceptionResolver {
     @ResponseStatus(HttpStatus.UNAUTHORIZED)
     @ExceptionHandler(ShiroException.class)
     public Result<?> handle401(ShiroException e) {
-        return Result.error(HttpStatus.UNAUTHORIZED.value(), "无权访问:" + e.getMessage());
+        return Result.error(HttpStatus.UNAUTHORIZED.value(), e.getMessage());
     }
 
     /**
      * 单独捕捉Shiro(UnauthorizedException)异常
      * 该异常为访问有权限管控的请求而该用户没有所需权限所抛出的异常
+     *
      * @param e
      * @return
      */
     @ResponseStatus(HttpStatus.UNAUTHORIZED)
     @ExceptionHandler(UnauthorizedException.class)
     public Result<?> handle401(UnauthorizedException e) {
-        return Result.error(HttpStatus.UNAUTHORIZED.value(), "无权访问:当前用户没有此请求所需权限(" + e.getMessage() + ")");
+        return Result.error(HttpStatus.UNAUTHORIZED.value(), "当前用户没有此请求所需权限,请联系管理员" + e.getMessage() + ")");
     }
 
     /**
      * 单独捕捉Shiro(UnauthenticatedException)异常
      * 该异常为以游客身份访问有权限管控的请求无法对匿名主体进行授权,而授权失败所抛出的异常
+     *
      * @param e
      * @return
      */
     @ResponseStatus(HttpStatus.UNAUTHORIZED)
     @ExceptionHandler(UnauthenticatedException.class)
     public Result<?> handle401(UnauthenticatedException e) {
-        return Result.error(HttpStatus.UNAUTHORIZED.value(), "无权访问:请先登录");
+        return Result.error(HttpStatus.UNAUTHORIZED.value(), "请先登录");
     }
 
     /**
      * 捕捉UnauthorizedException自定义异常
+     *
      * @return
      */
     @ResponseStatus(HttpStatus.UNAUTHORIZED)
     @ExceptionHandler(CustomUnauthorizedException.class)
     public Result<?> handle401(CustomUnauthorizedException e) {
-        return Result.error(HttpStatus.UNAUTHORIZED.value(), "无权访问:" + e.getMessage());
+        return Result.error(HttpStatus.UNAUTHORIZED.value(), e.getMessage());
     }
 
     /**
      * 捕捉其他所有自定义异常
+     *
      * @return
      */
     @ResponseStatus(HttpStatus.BAD_REQUEST)
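Review bot: The new message in `handle401(UnauthorizedException e)` still appends `e.getMessage() + ")"` after the opening parenthesis was removed, so the client sees the raw Shiro message glued onto the sentence with a stray `)`. Shiro's message for this exception normally names the permission or role that was required, which tells a caller how authorization is structured. Return the fixed text only, `return Result.error(HttpStatus.UNAUTHORIZED.value(), "当前用户没有此请求所需权限,请联系管理员");`, and record the detail with `log.warn(e.getMessage())`. The `ShiroException` and `CustomUnauthorizedException` handlers in this hunk now pass `e.getMessage()` straight through and deserve the same treatment. An authenticated user who lacks a permission is conventionally answered with 403 rather than 401.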
@@ -155,8 +159,10 @@ public class GloableExceptionResolver {
     public Result<?> handle(CustomException e) {
         return Result.error(HttpStatus.BAD_REQUEST.value(), e.getMessage());
     }
+
     /**
      * 捕捉404异常
+     *
      * @return
      */
     @ResponseStatus(HttpStatus.NOT_FOUND)
@@ -164,6 +170,7 @@ public class GloableExceptionResolver {
     public Result<?> handle(NoHandlerFoundException e) {
         return Result.error(HttpStatus.NOT_FOUND.value(), e.getMessage());
     }
+
     /**
      * 获取状态码
      *
@@ -178,5 +185,18 @@ public class GloableExceptionResolver {
         return HttpStatus.valueOf(statusCode);
     }
 
+    /**
+     * 捕捉其他所有异常
+     *
+     * @param request
+     * @param ex
+     * @return
+     */
+    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+    @ExceptionHandler(Exception.class)
+    public Result<?> globalException(HttpServletRequest request, Throwable ex) {
+        return Result.error(this.getStatus(request).value(), ex.toString() + ": " + ex.getMessage());
+    }
+
 
 }
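Review bot: `globalException` returns `ex.toString() + ": " + ex.getMessage()` to the client, so every unhandled exception discloses its class name and message (which can include SQL fragments, file paths or host names), and the message appears twice because `toString()` already contains it. The handler that this commit removed logged the exception with `log.error(e.getMessage(), e)`; the replacement logs nothing, so unhandled errors no longer leave a server-side trace. Log and return a generic body instead: `log.error("Unhandled exception", ex);` followed by `return Result.error(HttpStatus.INTERNAL_SERVER_ERROR.value(), "系统异常,请稍后重试");`. The body code comes from `getStatus(request)` while `@ResponseStatus` fixes the HTTP status at 500, so the two can disagree. The parameter is typed `Throwable` although the handler is registered for `Exception.class`.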

+ 1 - 1
src/main/resources/application.yml

@@ -3,7 +3,7 @@ server:
   port: 8080
 spring:
   redis:
-    database: 0
+    database: 1
     #host: 47.111.81.118
     host: 172.16.120.184
     lettuce: