refactor: 认证相关请求返回4xx响应码

backend/src/main/java/io/metersphere/service/UserService.java

@@ -552,7 +552,6 @@ public class UserService {
 
     public ResultHolder login(LoginRequest request) {
         String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate");
-        String msg;
         String username = StringUtils.trim(request.getUsername());
         String password = "";
         if (!StringUtils.equals(login, UserSource.LDAP.name())) {
@@ -564,7 +563,6 @@ public class UserService {
 
         UsernamePasswordToken token = new UsernamePasswordToken(username, password);
         Subject subject = SecurityUtils.getSubject();
-
         try {
             subject.login(token);
             if (subject.isAuthenticated()) {
@@ -588,20 +586,18 @@ public class UserService {
                 return ResultHolder.error(Translator.get("login_fail"));
             }
         } catch (ExcessiveAttemptsException e) {
-            msg = Translator.get("excessive_attempts");
+            throw new ExcessiveAttemptsException(Translator.get("excessive_attempts"));
         } catch (LockedAccountException e) {
-            msg = Translator.get("user_locked");
+            throw new LockedAccountException(Translator.get("user_locked"));
         } catch (DisabledAccountException e) {
-            msg = Translator.get("user_has_been_disabled");
+            throw new DisabledAccountException(Translator.get("user_has_been_disabled"));
         } catch (ExpiredCredentialsException e) {
-            msg = Translator.get("user_expires");
+            throw new ExpiredCredentialsException(Translator.get("user_expires"));
         } catch (AuthenticationException e) {
-            msg = e.getMessage();
+            throw new AuthenticationException(e.getMessage());
         } catch (UnauthorizedException e) {
-            msg = Translator.get("not_authorized") + e.getMessage();
+            throw new UnauthorizedException(Translator.get("not_authorized") + e.getMessage());
         }
-        MSException.throwException(msg);
-        return null;
     }
 
     public List<User> searchUser(String condition) {

frontend/src/common/js/ajax.js

@@ -5,6 +5,10 @@ import i18n from '../../i18n/i18n'
 
 export default {
   install(Vue) {
+
+    // 登入请求不重定向
+    let unRedirectUrls = new Set(['signin']);
+
     if (!axios) {
       window.console.error('You have to install axios');
       return
@@ -50,12 +54,12 @@ export default {
       result.loading = false;
     }
 
-    function exception(error, result) {
-      if (error.response && error.response.status === 401) {
+    function exception(error, result, url) {
+      if (error.response && error.response.status === 401 && !unRedirectUrls.has(url)) {
         login();
         return;
       }
-      if (error.response && error.response.status === 403) {
+      if (error.response && error.response.status === 403 && !unRedirectUrls.has(url)) {
         window.location.href = "/";
         return;
       }
@@ -78,7 +82,7 @@ export default {
         axios.get(url, {params: data}).then(response => {
           then(success, response, result);
         }).catch(error => {
-          exception(error, result);
+          exception(error, result, url);
         });
         return result;
       }
@@ -92,7 +96,7 @@ export default {
         axios.get(url).then(response => {
           then(success, response, result);
         }).catch(error => {
-          exception(error, result);
+          exception(error, result, url);
         });
         return result;
       }
@@ -106,7 +110,7 @@ export default {
         axios.post(url, data).then(response => {
           then(success, response, result);
         }).catch(error => {
-          exception(error, result);
+          exception(error, result, url);
           if (failure) {
             then(failure, error, result);
           }