简介:
springboot基于注解配置登录拦截一般分为4步:1 新建注解 2 新建拦截器 3 注册拦截器4 需要拦截的方法加上注解实现过滤拦截以下是具体实现:新建注解package com.democxy.common.annotation;import java.lang.annotation.ElementType;import java.lang.annotation
springboot基于注解配置登录拦截一般分为4步:
1 新建注解 2 新建拦截器 3 注册拦截器
4 需要拦截的方法加上注解实现过滤拦截
以下是具体实现:
新建注解
package com.democxy.common.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 在需要登录验证的Controller的方法上使用此注解
* @Target 注解的作用范围 方法之上
* @Retention 注解的生存周期 运行级别,注解存在于源码、字节码、java虚拟机中,主要用于运行时,可以使用反射获取相关的信息
*/
@Target({ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface LoginRequired {
}
新建拦截器
package com.democxy.common.interceptor;
import com.democxy.common.annotation.LoginRequired;
import com.democxy.common.exception.CustomException;
import com.democxy.common.utils.JwtUtil;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
/**
* 授权验证拦截器
*/
public class AuthenticationInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 从 http 请求头中取出 token
// String token = request.getHeader("token");
// boolean verity = JwtUtil.validateToken(token);
// if (!verity){
// throw new CustomException(4040,"token过期,请重新登录");
// }
//基于注解配置登录拦截
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = handlerMethod.getMethod();
// 接口是否有@LoginRequired注解, 有则需要判断是否登录
boolean annotationPresent = method.isAnnotationPresent(LoginRequired.class);
if (annotationPresent) {
// 验证token
String token = request.getHeader("token");
//在这里处理登录判断
return true;
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
注册拦截器
package com.democxy.common.config;
import com.democxy.common.interceptor.AuthenticationInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebConfig implements WebMvcConfigurer {
// 这个方法用来注册拦截器,我们自己写好的拦截器需要通过这里添加注册才能生效
@Override
public void addInterceptors(InterceptorRegistry registry) {
// registry.addInterceptor(new AuthenticationInterceptor())
// .addPathPatterns("/","/admin/**")
// .excludePathPatterns("/admin/account/login","/admin/account/logout");
//基于注解配置拦截,只需要注册拦截器,不在需要指定拦截方法
registry.addInterceptor(new AuthenticationInterceptor());
}
}
使用注解
@ResponseBody
@RequestMapping(value = "getAccount",method = RequestMethod.POST)
@LoginRequired
public ResponeData<String> getAccountByToken(HttpServletRequest request) {
//你的业务逻辑
return "success";
}