springboot(八)拦截器之验证登录
来源:互联网 发布:人工智能和3d可视化 编辑:程序博客网 时间:2024/04/28 05:12
添加jar包,这个jar包不是必须的,只是在拦截器里用到了,如果不用的话,完全可以不引入
<dependency><groupId>org.apache.commons</groupId><artifactId>commons-lang3</artifactId><version>3.5</version></dependency>
springboot默认为Tomcat,如果用jetty,还需要引入
<dependency><groupId>javax.servlet</groupId><artifactId>javax.servlet-api</artifactId><version>3.1.0</version></dependency>
1、以登录验证为例,首先创建个@Auth注解
package com.demo.interceptor;import java.lang.annotation.*;/** * Created by huguoju on 2016/12/30. * 在类或方法上添加@Auth就验证登录 */@Target({ElementType.TYPE, ElementType.METHOD})@Retention(RetentionPolicy.RUNTIME)@Documentedpublic @interface Auth {}2、创建一个Constants,在拦截器里用
package com.demo.util;/** * Created by huguoju on 2016/12/30. */public interface Constants { int MAX_FILE_UPLOAD_SIZE = 5242880; String MOBILE_NUMBER_SESSION_KEY = "sessionMobileNumber"; String USER_CODE_SESSION_KEY = "userCode"; String SESSION_KEY = "sessionId";}
3、创建一个SessionData,用于保存在session中的字段
package com.demo.model;import lombok.Data;/** * Created by huguoju on 2016/12/30. */@Datapublic class SessionData { private Integer userCode; private String mobileNumber;}
4、实现登录拦截实现
package com.demo.interceptor;import com.demo.model.SessionData;import com.demo.util.RedisUtil;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Component;import org.springframework.web.method.HandlerMethod;import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.lang.reflect.Method;import static com.demo.util.Constants.MOBILE_NUMBER_SESSION_KEY;import static com.demo.util.Constants.SESSION_KEY;import static com.demo.util.Constants.USER_CODE_SESSION_KEY;/** * Created by huguoju on 2016/12/30. */@Componentpublic class LoginInterceptor extends HandlerInterceptorAdapter { @Autowired private RedisUtil redisUtils; private final static String SESSION_KEY_PREFIX = "session:"; public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { if (!handler.getClass().isAssignableFrom(HandlerMethod.class)) { return true; } handlerSession(request); final HandlerMethod handlerMethod = (HandlerMethod) handler; final Method method = handlerMethod.getMethod(); final Class<?> clazz = method.getDeclaringClass(); if (clazz.isAnnotationPresent(Auth.class) || method.isAnnotationPresent(Auth.class)) { if(request.getAttribute(USER_CODE_SESSION_KEY) == null){ throw new Exception(); }else{ return true; } } return true; } public void handlerSession(HttpServletRequest request) { String sessionId = request.getHeader(SESSION_KEY); if(org.apache.commons.lang3.StringUtils.isBlank(sessionId)){ sessionId=(String) request.getSession().getAttribute(SESSION_KEY); } if (org.apache.commons.lang3.StringUtils.isNotBlank(sessionId)) { SessionData model = (SessionData) redisUtils.get(SESSION_KEY_PREFIX+sessionId); if (model == null) { return ; } request.setAttribute(SESSION_KEY,sessionId); Integer userCode = model.getUserCode(); if (userCode != null) { request.setAttribute(USER_CODE_SESSION_KEY, Long.valueOf(userCode)); } String mobile = model.getMobileNumber(); if (mobile != null) { request.setAttribute(MOBILE_NUMBER_SESSION_KEY, mobile); } } return ; }}
redisUtil在上一篇文章创建过了
5、配置拦截器
package com.demo.interceptor;import org.hibernate.validator.HibernateValidator;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.MessageSource;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.ComponentScan;import org.springframework.context.annotation.Configuration;import org.springframework.context.annotation.PropertySource;import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;import org.springframework.context.support.ReloadableResourceBundleMessageSource;import org.springframework.validation.Validator;import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean;import org.springframework.validation.beanvalidation.MethodValidationPostProcessor;import org.springframework.web.servlet.ViewResolver;import org.springframework.web.servlet.config.annotation.*;import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;import org.springframework.web.servlet.view.InternalResourceViewResolver;/** * Created by huguoju on 2016/12/30. */@Configuration@EnableWebMvc@ComponentScan(basePackages = "com.demo.controller")@PropertySource(value = "classpath:application.properties", ignoreResourceNotFound = true,encoding = "UTF-8")public class MvcConfig extends WebMvcConfigurerAdapter { private static final Logger logger = LoggerFactory.getLogger(MvcConfig.class); @Autowired LoginInterceptor loginInterceptor; /** * <p> * 视图处理器 * </p> * * @return */ @Bean public ViewResolver viewResolver() { logger.info("ViewResolver"); InternalResourceViewResolver viewResolver = new InternalResourceViewResolver(); viewResolver.setPrefix("/WEB-INF/jsp/"); viewResolver.setSuffix(".jsp"); return viewResolver; } /** * 拦截器配置 * @param registry */ @Override public void addInterceptors(InterceptorRegistry registry) { // 注册监控拦截器 registry.addInterceptor(loginInterceptor) .addPathPatterns("/**") .excludePathPatterns("/configuration/ui"); } @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowedOrigins("*") .allowedHeaders("*/*") .allowedMethods("*") .maxAge(120); } /** * 资源处理器 * @param registry */ @Override public void addResourceHandlers(ResourceHandlerRegistry registry) { logger.info("addResourceHandlers"); registry.addResourceHandler("/swagger-ui.html") .addResourceLocations("classpath:/META-INF/resources/"); registry.addResourceHandler("/webjars/**") .addResourceLocations("classpath:/META-INF/resources/webjars/"); }}
以上就完成了,测试时可以在LoginInterceptor里打断点,然后在controller上或者方法上添加@Auth注解,
controller上添加以后这个controller里所有请求都验证登录,在方法里添加只有请求这个方法时验证
@Auth@RestControllerpublic class TestController {}
0 1
- springboot(八)拦截器之验证登录
- SpringBoot拦截器和自定义注解验证是否登录
- Spring Boot 拦截器之验证登录
- 登录验证--拦截器
- SpringBoot之拦截器
- struts2 拦截器 登录验证
- Struts2拦截器登录验证
- Struts2拦截器登录验证
- Struts2拦截器登录验证
- SpringBoot之Interceptor拦截器
- SSH2 拦截器 登录验证 三步走
- struts中的拦截器验证登录
- struts2 拦截器验证是否登录
- struts2 拦截器 登录权限验证
- 基于struts拦截器的登录验证
- Struts2自定义拦截器验证登录
- 拦截器验证用户是否登录
- Struts2自定义登录验证拦截器
- iOS开发——信号量
- C#datatable制作
- 为什么友盟推送我直接运行可以获得device_token,但是打正式的apk不能?
- java异常处理机制
- Java servlet使用GSON返回JSON
- springboot(八)拦截器之验证登录
- 一个C#通过iTextSharp封装的PDF文件操作类代码
- 40. Combination Sum II
- Android4.4深入浅出之SurfaceFlinger(一)
- Android适配难题全面总结
- fragment中40多个textview 点击事件添加。
- 2016年的总结(大学里的学习与实习的过程)
- centos环境自动化批量安装jdk软件脚本
- 对SSD的理解