增加了jwt filter 注释
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index abb1dd7..20f1207 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -64,6 +64,7 @@
if (!it.isPresent) {
throw JoseException("JWT has not been register")
}
+ // token 已被设为黑名单
if (it.get().status != TradeDict.JWT_STATUS_NORMAL) {
throw JoseException("JWT status error : ${it.get().status}")
}
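Review bot: The added comment says the token has been blacklisted, but the condition below it rejects every stored status other than `TradeDict.JWT_STATUS_NORMAL`, so the comment is narrower than the check if other non-normal states exist. A wording such as `// reject any token whose stored status is not NORMAL (e.g. blacklisted)` would match the code. The exception text on the following line embeds the raw status value, and the JoseException handler in the third hunk passes `e.message` to `response.sendError`, so that internal value appears to reach the caller. A fixed message such as `throw JoseException("JWT is not active")`, with the status logged server-side, would avoid that. The enclosing block starts and ends outside this hunk.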
@@ -75,6 +76,7 @@
} catch (e: InvalidJwtException) {
SecurityContextHolder.clearContext()
if (e.hasExpired()) {
+ // jwt 过期后返回 401
apiJwtRepository.deleteById(e.jwtContext.jwtClaims.jwtId)
response.sendError(HttpStatus.UNAUTHORIZED.value(), e.message)
} else {
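Review bot: `apiJwtRepository.deleteById(...)` runs inside the catch handler before `response.sendError`, so if the delete throws, the exception leaves the filter and the 401 is never sent. That could happen when the claims carry no `jti`, or, depending on the repository implementation, when the row was already removed by an earlier request with the same expired token. Sending the error first and making the cleanup best-effort keeps the response deterministic, e.g. `runCatching { apiJwtRepository.deleteById(e.jwtContext.jwtClaims.jwtId) }` placed after `sendError`, with the failure logged. The new comment sits on the delete line but only describes the 401; it could read `// expired JWT: remove its stored record, then answer 401`. The try body and the else branch are outside this hunk.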
@@ -82,7 +84,8 @@
}
} catch (e: JoseException) {
SecurityContextHolder.clearContext()
- response.sendError(HttpStatus.BAD_REQUEST.value(), e.message)
+ // jwt 失效后返回 401
+ response.sendError(HttpStatus.UNAUTHORIZED.value(), e.message)
}
}
filterChain.doFilter(request, response)
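Review bot: After `response.sendError(...)` in this catch block there is no `return`, and the last line of the hunk still calls `filterChain.doFilter(request, response)`, so as far as the hunk shows the request continues down the chain after the 401 has been written. Add `return` directly after the `sendError` call so a rejected token ends the request here; the expired branch in the second hunk looks like it needs the same. The hunk also changes the status from 400 to 401, a behavior change that the commit title (comments only) does not mention, so clients that relied on 400 should be checked. The function begins outside this hunk, so the nesting is inferred from the brace lines.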