springboot实现拦截器之验证登录示例
整理文档,搜刮出一个springboot实现拦截器之验证登录示例,稍微整理精简一下做下分享。
添加jar包,这个jar包不是必须的,只是在拦截器里用到了,如果不用的话,完全可以不引入
<dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> <version>3.5</version> </dependency>
springboot默认为Tomcat,如果用jetty,还需要引入
<dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> <version>3.1.0</version> </dependency>
1、以登录验证为例,首先创建个@Auth注解
packagecom.demo.interceptor; importjava.lang.annotation.*; /** *Createdbyhuguojuon2016/12/30. *在类或方法上添加@Auth就验证登录 */ @Target({ElementType.TYPE,ElementType.METHOD}) @Retention(RetentionPolicy.RUNTIME) @Documented public@interfaceAuth{ }
2、创建一个Constants,在拦截器里用
packagecom.demo.util; /** *Createdbyhuguojuon2016/12/30. */ publicinterfaceConstants{ intMAX_FILE_UPLOAD_SIZE=5242880; StringMOBILE_NUMBER_SESSION_KEY="sessionMobileNumber"; StringUSER_CODE_SESSION_KEY="userCode"; StringSESSION_KEY="sessionId"; }
3、创建一个SessionData,用于保存在session中的字段
packagecom.demo.model; importlombok.Data; /** *Createdbyhuguojuon2016/12/30. */ @Data publicclassSessionData{ privateIntegeruserCode; privateStringmobileNumber; }
4、实现登录拦截实现
packagecom.demo.interceptor; importcom.demo.model.SessionData; importcom.demo.util.RedisUtil; importorg.springframework.beans.factory.annotation.Autowired; importorg.springframework.stereotype.Component; importorg.springframework.web.method.HandlerMethod; importorg.springframework.web.servlet.handler.HandlerInterceptorAdapter; importjavax.servlet.http.HttpServletRequest; importjavax.servlet.http.HttpServletResponse; importjava.lang.reflect.Method; importstaticcom.demo.util.Constants.MOBILE_NUMBER_SESSION_KEY; importstaticcom.demo.util.Constants.SESSION_KEY; importstaticcom.demo.util.Constants.USER_CODE_SESSION_KEY; /** *Createdbyhuguojuon2016/12/30. */ @Component publicclassLoginInterceptorextendsHandlerInterceptorAdapter{ @Autowired privateRedisUtilredisUtils; privatefinalstaticStringSESSION_KEY_PREFIX="session:"; publicbooleanpreHandle(HttpServletRequestrequest, HttpServletResponseresponse,Objecthandler)throwsException{ if(!handler.getClass().isAssignableFrom(HandlerMethod.class)){ returntrue; } handlerSession(request); finalHandlerMethodhandlerMethod=(HandlerMethod)handler; finalMethodmethod=handlerMethod.getMethod(); finalClass<?>clazz=method.getDeclaringClass(); if(clazz.isAnnotationPresent(Auth.class)|| method.isAnnotationPresent(Auth.class)){ if(request.getAttribute(USER_CODE_SESSION_KEY)==null){ thrownewException(); }else{ returntrue; } } returntrue; } publicvoidhandlerSession(HttpServletRequestrequest){ StringsessionId=request.getHeader(SESSION_KEY); if(org.apache.commons.lang3.StringUtils.isBlank(sessionId)){ sessionId=(String)request.getSession().getAttribute(SESSION_KEY); } if(org.apache.commons.lang3.StringUtils.isNotBlank(sessionId)){ SessionDatamodel=(SessionData)redisUtils.get(SESSION_KEY_PREFIX+sessionId); if(model==null){ return; } request.setAttribute(SESSION_KEY,sessionId); IntegeruserCode=model.getUserCode(); if(userCode!=null){ request.setAttribute(USER_CODE_SESSION_KEY,Long.valueOf(userCode)); } Stringmobile=model.getMobileNumber(); if(mobile!=null){ request.setAttribute(MOBILE_NUMBER_SESSION_KEY,mobile); } } return; } }
5、配置拦截器
packagecom.demo.interceptor; importorg.hibernate.validator.HibernateValidator; importorg.slf4j.Logger; importorg.slf4j.LoggerFactory; importorg.springframework.beans.factory.annotation.Autowired; importorg.springframework.context.MessageSource; importorg.springframework.context.annotation.Bean; importorg.springframework.context.annotation.ComponentScan; importorg.springframework.context.annotation.Configuration; importorg.springframework.context.annotation.PropertySource; importorg.springframework.context.support.PropertySourcesPlaceholderConfigurer; importorg.springframework.context.support.ReloadableResourceBundleMessageSource; importorg.springframework.validation.Validator; importorg.springframework.validation.beanvalidation.LocalValidatorFactoryBean; importorg.springframework.validation.beanvalidation.MethodValidationPostProcessor; importorg.springframework.web.servlet.ViewResolver; importorg.springframework.web.servlet.config.annotation.*; importorg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; importorg.springframework.web.servlet.view.InternalResourceViewResolver; /** *Createdbyhuguojuon2016/12/30. */ @Configuration @EnableWebMvc @ComponentScan(basePackages="com.demo.controller") @PropertySource(value="classpath:application.properties", ignoreResourceNotFound=true,encoding="UTF-8") publicclassMvcConfigextendsWebMvcConfigurerAdapter{ privatestaticfinalLoggerlogger=LoggerFactory.getLogger(MvcConfig.class); @Autowired LoginInterceptorloginInterceptor; /** *<p> *视图处理器 *</p> * *@return */ @Bean publicViewResolverviewResolver(){ logger.info("ViewResolver"); InternalResourceViewResolverviewResolver=newInternalResourceViewResolver(); viewResolver.setPrefix("/WEB-INF/jsp/"); viewResolver.setSuffix(".jsp"); returnviewResolver; } /** *拦截器配置 *@paramregistry */ @Override publicvoidaddInterceptors(InterceptorRegistryregistry){ //注册监控拦截器 registry.addInterceptor(loginInterceptor) .addPathPatterns("/**") .excludePathPatterns("/configuration/ui"); } @Override publicvoidaddCorsMappings(CorsRegistryregistry){ registry.addMapping("/**") .allowedOrigins("*") .allowedHeaders("*/*") .allowedMethods("*") .maxAge(120); } /** *资源处理器 *@paramregistry */ @Override publicvoidaddResourceHandlers(ResourceHandlerRegistryregistry){ logger.info("addResourceHandlers"); registry.addResourceHandler("/swagger-ui.html") .addResourceLocations("classpath:/META-INF/resources/"); registry.addResourceHandler("/webjars/**") .addResourceLocations("classpath:/META-INF/resources/webjars/"); } }
以上就完成了,测试时可以在LoginInterceptor里打断点,然后在controller上或者方法上添加@Auth注解,
controller上添加以后这个controller里所有请求都验证登录,在方法里添加只有请求这个方法时验证
@Auth @RestController publicclassTestController{}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。