fix: 彻底消除用户枚举和异常信息泄露的遗留问题

- UserServiceImpl: 3处"用户不存在"统一改为"用户名或密码错误"/"认证失败" - RouterHandlerFactory: failureHandler 中 ctx.failure().getMessage() 改为"服务器内部错误"
2026-06-10 23:47:29 +00:00 · 2026-05-29 05:53:40 +08:00
parent 7ca63985bd
commit 7d5831b5f4
2 changed files with 6 additions and 6 deletions
--- a/core/src/main/java/cn/qaiu/vx/core/handlerfactory/RouterHandlerFactory.java
+++ b/core/src/main/java/cn/qaiu/vx/core/handlerfactory/RouterHandlerFactory.java
@@ -181,7 +181,7 @@ public class RouterHandlerFactory implements BaseHttpApi {
                        doFireJsonResultResponse(ctx, JsonResult.error("未知异常, 请联系管理员"), 503);
                    } else {
                        LOGGER.error("路由处理失败", ctx.failure());
-                        doFireJsonResultResponse(ctx, JsonResult.error(ctx.failure().getMessage()), 500);
+                        doFireJsonResultResponse(ctx, JsonResult.error("服务器内部错误"), 500);
                    }
                });
            } else if (method.isAnnotationPresent(SockRouteMapper.class)) {