springboot实现拦截器之验证登录示例
整理文档,搜刮出一个springboot实现拦截器之验证登录示例,稍微整理精简一下做下分享。
添加jar包,这个jar包不是必须的,只是在拦截器里用到了,如果不用的话,完全可以不引入
<dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> <version>3.5</version> </dependency>
springboot默认为Tomcat,如果用jetty,还需要引入
<dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> <version>3.1.0</version> </dependency>
1、以登录验证为例,首先创建个@Auth注解
packagecom.demo.interceptor;
importjava.lang.annotation.*;
/**
*Createdbyhuguojuon2016/12/30.
*在类或方法上添加@Auth就验证登录
*/
@Target({ElementType.TYPE,ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
public@interfaceAuth{
}
2、创建一个Constants,在拦截器里用
packagecom.demo.util;
/**
*Createdbyhuguojuon2016/12/30.
*/
publicinterfaceConstants{
intMAX_FILE_UPLOAD_SIZE=5242880;
StringMOBILE_NUMBER_SESSION_KEY="sessionMobileNumber";
StringUSER_CODE_SESSION_KEY="userCode";
StringSESSION_KEY="sessionId";
}
3、创建一个SessionData,用于保存在session中的字段
packagecom.demo.model;
importlombok.Data;
/**
*Createdbyhuguojuon2016/12/30.
*/
@Data
publicclassSessionData{
privateIntegeruserCode;
privateStringmobileNumber;
}
4、实现登录拦截实现
packagecom.demo.interceptor;
importcom.demo.model.SessionData;
importcom.demo.util.RedisUtil;
importorg.springframework.beans.factory.annotation.Autowired;
importorg.springframework.stereotype.Component;
importorg.springframework.web.method.HandlerMethod;
importorg.springframework.web.servlet.handler.HandlerInterceptorAdapter;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importjava.lang.reflect.Method;
importstaticcom.demo.util.Constants.MOBILE_NUMBER_SESSION_KEY;
importstaticcom.demo.util.Constants.SESSION_KEY;
importstaticcom.demo.util.Constants.USER_CODE_SESSION_KEY;
/**
*Createdbyhuguojuon2016/12/30.
*/
@Component
publicclassLoginInterceptorextendsHandlerInterceptorAdapter{
@Autowired
privateRedisUtilredisUtils;
privatefinalstaticStringSESSION_KEY_PREFIX="session:";
publicbooleanpreHandle(HttpServletRequestrequest,
HttpServletResponseresponse,Objecthandler)throwsException{
if(!handler.getClass().isAssignableFrom(HandlerMethod.class)){
returntrue;
}
handlerSession(request);
finalHandlerMethodhandlerMethod=(HandlerMethod)handler;
finalMethodmethod=handlerMethod.getMethod();
finalClass<?>clazz=method.getDeclaringClass();
if(clazz.isAnnotationPresent(Auth.class)||
method.isAnnotationPresent(Auth.class)){
if(request.getAttribute(USER_CODE_SESSION_KEY)==null){
thrownewException();
}else{
returntrue;
}
}
returntrue;
}
publicvoidhandlerSession(HttpServletRequestrequest){
StringsessionId=request.getHeader(SESSION_KEY);
if(org.apache.commons.lang3.StringUtils.isBlank(sessionId)){
sessionId=(String)request.getSession().getAttribute(SESSION_KEY);
}
if(org.apache.commons.lang3.StringUtils.isNotBlank(sessionId)){
SessionDatamodel=(SessionData)redisUtils.get(SESSION_KEY_PREFIX+sessionId);
if(model==null){
return;
}
request.setAttribute(SESSION_KEY,sessionId);
IntegeruserCode=model.getUserCode();
if(userCode!=null){
request.setAttribute(USER_CODE_SESSION_KEY,Long.valueOf(userCode));
}
Stringmobile=model.getMobileNumber();
if(mobile!=null){
request.setAttribute(MOBILE_NUMBER_SESSION_KEY,mobile);
}
}
return;
}
}
5、配置拦截器
packagecom.demo.interceptor;
importorg.hibernate.validator.HibernateValidator;
importorg.slf4j.Logger;
importorg.slf4j.LoggerFactory;
importorg.springframework.beans.factory.annotation.Autowired;
importorg.springframework.context.MessageSource;
importorg.springframework.context.annotation.Bean;
importorg.springframework.context.annotation.ComponentScan;
importorg.springframework.context.annotation.Configuration;
importorg.springframework.context.annotation.PropertySource;
importorg.springframework.context.support.PropertySourcesPlaceholderConfigurer;
importorg.springframework.context.support.ReloadableResourceBundleMessageSource;
importorg.springframework.validation.Validator;
importorg.springframework.validation.beanvalidation.LocalValidatorFactoryBean;
importorg.springframework.validation.beanvalidation.MethodValidationPostProcessor;
importorg.springframework.web.servlet.ViewResolver;
importorg.springframework.web.servlet.config.annotation.*;
importorg.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
importorg.springframework.web.servlet.view.InternalResourceViewResolver;
/**
*Createdbyhuguojuon2016/12/30.
*/
@Configuration
@EnableWebMvc
@ComponentScan(basePackages="com.demo.controller")
@PropertySource(value="classpath:application.properties",
ignoreResourceNotFound=true,encoding="UTF-8")
publicclassMvcConfigextendsWebMvcConfigurerAdapter{
privatestaticfinalLoggerlogger=LoggerFactory.getLogger(MvcConfig.class);
@Autowired
LoginInterceptorloginInterceptor;
/**
*<p>
*视图处理器
*</p>
*
*@return
*/
@Bean
publicViewResolverviewResolver(){
logger.info("ViewResolver");
InternalResourceViewResolverviewResolver=newInternalResourceViewResolver();
viewResolver.setPrefix("/WEB-INF/jsp/");
viewResolver.setSuffix(".jsp");
returnviewResolver;
}
/**
*拦截器配置
*@paramregistry
*/
@Override
publicvoidaddInterceptors(InterceptorRegistryregistry){
//注册监控拦截器
registry.addInterceptor(loginInterceptor)
.addPathPatterns("/**")
.excludePathPatterns("/configuration/ui");
}
@Override
publicvoidaddCorsMappings(CorsRegistryregistry){
registry.addMapping("/**")
.allowedOrigins("*")
.allowedHeaders("*/*")
.allowedMethods("*")
.maxAge(120);
}
/**
*资源处理器
*@paramregistry
*/
@Override
publicvoidaddResourceHandlers(ResourceHandlerRegistryregistry){
logger.info("addResourceHandlers");
registry.addResourceHandler("/swagger-ui.html")
.addResourceLocations("classpath:/META-INF/resources/");
registry.addResourceHandler("/webjars/**")
.addResourceLocations("classpath:/META-INF/resources/webjars/");
}
}
以上就完成了,测试时可以在LoginInterceptor里打断点,然后在controller上或者方法上添加@Auth注解,
controller上添加以后这个controller里所有请求都验证登录,在方法里添加只有请求这个方法时验证
@Auth
@RestController
publicclassTestController{}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。