合同

src/main/java/security/interceptor/AuthorizationInterceptor.java

 package security.interceptor;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import common.model.User;
 import common.repository.UserRepository;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 import security.RedisLoginStatusManager;
 import security.TokenManager;
 import util.Constant;
+import util.ResultModel;
+import util.ResultStatus;
 import util.StringUtil;
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedWriter;
+import java.io.OutputStreamWriter;
 import java.util.Enumeration;
 
 public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
@@ -64,6 +71,17 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
             }
             return true;
         }
+        try {
+            //如果验证token失败，并且方法注明了Authorization，返回401错误
+            response.setStatus(HttpStatus.UNAUTHORIZED.value());
+            BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(response.getOutputStream()));
+            response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+            String json = new ObjectMapper().writeValueAsString(ResultModel.ERROR(ResultStatus.USERNAME_LOGIN_EXPIRE));
+            writer.write(json);
+            writer.close();
+        } catch (Exception e){
+            e.printStackTrace();
+        }
         return false;
     }