From a3bffe67a79cd40dac4c8f4527478f20e921bb62 Mon Sep 17 00:00:00 2001
From: johnniang <johnniang@foxmail.com>
Date: Sat, 30 Nov 2019 15:53:52 +0800
Subject: [PATCH] Throw forbidden exception while temporary token expired

---
 .../halo/app/security/filter/AbstractAuthenticationFilter.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java b/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
index 16f6fbc7b..04c16a954 100644
--- a/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
+++ b/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
@@ -9,6 +9,7 @@ import org.springframework.util.Assert;
 import org.springframework.web.filter.OncePerRequestFilter;
 import run.halo.app.cache.StringCacheStore;
 import run.halo.app.config.properties.HaloProperties;
+import run.halo.app.exception.ForbiddenException;
 import run.halo.app.exception.NotInstallException;
 import run.halo.app.model.properties.PrimaryProperties;
 import run.halo.app.model.support.HaloConst;
@@ -183,7 +184,7 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter
 
         if (!tokenCountOptional.isPresent()) {
             // If the token is not found
-            return false;
+            throw new ForbiddenException("The temporary token has been expired").setErrorData(tempToken);
         }
 
         log.info("Got valid temp token: [{}]", tempToken);