SpringBoot 优雅的配置拦截器方式
步骤:
1.实现WebMvcConfigurer配置类
2.实现拦截器
3. 把拦截器添加到配置中
4.添加需要拦截的请求
5.添加需要排除的请求
package com.zp.springbootdemo.interceptor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; /** * 和springmvc的webmvc拦截配置一样 * @author zp */ @Configuration public class WebConfigurer implements WebMvcConfigurer { /** * 拦截器配置 * @param registry */ @Override public void addInterceptors(InterceptorRegistry registry) { // addPathPatterns拦截所有请求,excludePathPatterns排除特殊的请求 //registry.addInterceptor(LoginInterceptor()).addPathPatterns("/**"); registry.addInterceptor(AuthorityInterceptor()).addPathPatterns("/**"); //excludePathPatterns 排除的请求 // registry.addInterceptor(LoginInterceptor()).addPathPatterns("/**").excludePathPatterns("/user/**"); // registry.addInterceptor(AuthorityInterceptor()).addPathPatterns("/**").excludePathPatterns("/user/**"); } /** * 拦截器一 * @return */ @Bean public LoginInterceptor LoginInterceptor() { return new LoginInterceptor(); } /** * 拦截器二 * @return */ @Bean public AuthorityInterceptor AuthorityInterceptor() { return new AuthorityInterceptor(); } }
基于URL实现的拦截器:
package com.zp.springbootdemo.interceptor; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginInterceptor extends HandlerInterceptorAdapter { /** * 在请求处理之前进行调用(Controller方法调用之前) * 基于URL实现的拦截器 * @param request * @param response * @param handler * @return * @throws Exception */ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { String path = request.getServletPath(); System.out.println("当前请求路径:"+path); System.out.println("=========进入拦截器1==================="); if (path.matches(Const.NO_INTERCEPTOR_PATH)) { //不需要的拦截直接过 System.out.println("=========无需拦截==================="); return true; } else { System.out.println("=========开始拦截==================="); // 这写你拦截需要干的事儿,比如取缓存,SESSION,权限判断等 String token = request.getParameter("token"); if(token == null){ System.out.println("=========拦截完成==================="+false); return false; } System.out.println("=========拦截完成==================="+true); return true; } } }
关键代码:path.matches(Const.NO_INTERCEPTOR_PATH 就是基于正则匹配的url。
package com.zp.springbootdemo.interceptor; /** * @author zp * @explain 常量类 */ public class Const { public static final String SUCCESS = "SUCCESS"; public static final String ERROR = "ERROR"; public static final String FIALL = "FIALL"; /**********************对象和个体****************************/ public static final String SESSION_USER = "loginedAgent"; // 用户对象 public static final String SESSION_LOGINID = "sessionLoginID"; // 登录ID public static final String SESSION_USERID = "sessionUserID"; // 当前用户对象ID编号 public static final String SESSION_USERNAME = "sessionUserName"; // 当前用户对象ID编号 public static final Integer PAGE = 10; // 默认分页数 public static final String SESSION_URL = "sessionUrl"; // 被记录的url public static final String SESSION_SECURITY_CODE = "sessionVerifyCode"; // 登录页验证码 // 时间 缓存时间 public static final int TIMEOUT = 1800;// 秒 public static final String ON_LOGIN = "/logout.htm"; public static final String LOGIN_OUT = "/toLogout"; // 不验证URL anon:不验证/authc:受控制的 public static final String NO_INTERCEPTOR_PATH =".*/((.css)|(.js)|(images)|(login)|(anon)).*"; }
测试:
请求地址:http://127.0.0.1:8080/user/getUser?token=123
结果:
基于注解的拦截器
①创建注解:
package com.zp.springbootdemo.interceptor; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** * 在需要登录验证的Controller的方法上使用此注解 */ @Target({ElementType.METHOD})// 可用在方法名上 @Retention(RetentionPolicy.RUNTIME)// 运行时有效 public @interface LoginRequired { }
②创建拦截器:
package com.zp.springbootdemo.interceptor; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Method; public class AuthorityInterceptor extends HandlerInterceptorAdapter { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { System.out.println("===============进入拦截器2====================="); // 如果不是映射到方法直接通过 if (!(handler instanceof HandlerMethod)) { System.out.println("===============无需拦截====================="); return true; } // ①:START 方法注解级拦截器 HandlerMethod handlerMethod = (HandlerMethod) handler; Method method = handlerMethod.getMethod(); // 判断接口是否需要登录 LoginRequired methodAnnotation = method.getAnnotation(LoginRequired.class); // 有 @LoginRequired 注解,需要认证 if (methodAnnotation != null) { // 这写你拦截需要干的事儿,比如取缓存,SESSION,权限判断等 System.out.println("===============开始拦截====================="); String token = request.getParameter("token"); if(token == null){ System.out.println("=========拦截完成==================="+false); return false; } System.out.println("=========拦截完成==================="+true); return true; } System.out.println("===============无需拦截==================="); return true; } }
测试接口代码1:
package com.zp.springbootdemo.system.controller; import com.zp.springbootdemo.interceptor.LoginRequired; import com.zp.springbootdemo.system.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import java.util.Map; @RestController @RequestMapping("/user") public class UserController { @Autowired private UserService userService; @GetMapping("/getUser") //@LoginRequired public Map<String,String> getUser(@RequestParam Map<String,String> user){ return userService.getUser(user); } }
请求地址:
http://127.0.0.1:8080/user/getUser?token=123
结果:
测试接口代码2:
package com.zp.springbootdemo.system.controller; import com.zp.springbootdemo.interceptor.LoginRequired; import com.zp.springbootdemo.system.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import java.util.Map; @RestController @RequestMapping("/user") public class UserController { @Autowired private UserService userService; @GetMapping("/getUser") @LoginRequired public Map<String,String> getUser(@RequestParam Map<String,String> user){ return userService.getUser(user); } }
请求地址:
http://127.0.0.1:8080/user/getUser?token=123
结果: