给HttpMessageNotReadableException和MissingServletRequestParameterException指定了全局错误处理器，现在当前端发送给后端的参数不对的时候也能正确返回401错误了

给@JwtVerify添加了校验字符串参数的用法，现在只要有任意一个字符串参数的内容是JWT就也能校验了。
2024-07-03 14:50:03 +08:00 · 2024-07-03 14:50:03 +08:00
2 changed files with 29 additions and 2 deletions
--- a/src/main/java/org/cmh/backend/Utils/GlobalExceptionHandler.java
+++ b/src/main/java/org/cmh/backend/Utils/GlobalExceptionHandler.java
@ -2,9 +2,15 @@ package org.cmh.backend.Utils;

 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.http.converter.HttpMessageNotReadableException;
+import org.springframework.web.bind.MissingServletRequestParameterException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;

+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
@ControllerAdvice
 public class GlobalExceptionHandler {

@ -12,4 +18,17 @@ public class GlobalExceptionHandler {
    public ResponseEntity<Object> handleJwtInvalidException(JwtValidationException ex) {
        return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
    }
+
+    @ExceptionHandler(MissingServletRequestParameterException.class)
+    public ResponseEntity<Map<String, String>> handleMissingServletRequestParameterException(MissingServletRequestParameterException ex) {
+        HashMap<String, String> response = new HashMap<>();
+        response.put("error", ex.getMessage());
+        response.put("stackTrace", Arrays.toString(ex.getStackTrace()));
+        return new ResponseEntity<>(response, HttpStatus.BAD_REQUEST);
+    }
+
+    @ExceptionHandler(HttpMessageNotReadableException.class)
+    public ResponseEntity<String> handleHttpMessageNotReadableException(HttpMessageNotReadableException ex) {
+        return new ResponseEntity<>(ex.getMessage(), HttpStatus.BAD_REQUEST);
+    }
 }
--- a/src/main/java/org/cmh/backend/Utils/JwtVerifyAspect.java
+++ b/src/main/java/org/cmh/backend/Utils/JwtVerifyAspect.java
@ -15,11 +15,19 @@ public class JwtVerifyAspect {
            if (arg instanceof JwtRequest jwtRequest) {
                String token = jwtRequest.getToken();
                if (!JwtUtil.isTokenValid(token)) {
-                    throw new JwtValidationException("JWT token is invalid");
+                    throw new JwtValidationException("请求未正确携带身份令牌");
+                }
+                return;  // 只接受第一个 JwtRequest 对象，收到后不再校验其他参数
+            }
+            // JWTRequest对象优先，否则再检查其他字符串参数
+            if (arg instanceof String token){
+                if (JwtUtil.isTokenValid(token)){
+                    // 验证成功就直接退出。
+                    return;
                }
-                break;
            }
        }
+        throw new JwtValidationException("请求未正确携带身份令牌");
    }
 }
Author	SHA1	Message	Date
heshunme	9d6ab53f5f	给HttpMessageNotReadableException和MissingServletRequestParameterException指定了全局错误处理器，现在当前端发送给后端的参数不对的时候也能正确返回401错误了	2024-07-03 14:50:03 +08:00
heshunme	a58da98dd1	给@JwtVerify添加了校验字符串参数的用法，现在只要有任意一个字符串参数的内容是JWT就也能校验了。	2024-07-03 14:50:03 +08:00