溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務條款》

springboot實現(xiàn)攔截器之驗證登錄示例

發(fā)布時間:2020-10-19 11:39:39 來源:腳本之家 閱讀:247 作者:天使沒吃飽 欄目:編程語言

整理文檔,搜刮出一個springboot實現(xiàn)攔截器之驗證登錄示例,稍微整理精簡一下做下分享。

添加jar包,這個jar包不是必須的,只是在攔截器里用到了,如果不用的話,完全可以不引入

<dependency> 
      <groupId>org.apache.commons</groupId> 
      <artifactId>commons-lang3</artifactId> 
      <version>3.5</version> 
    </dependency>

springboot默認為Tomcat,如果用jetty,還需要引入

<dependency> 
      <groupId>javax.servlet</groupId> 
      <artifactId>javax.servlet-api</artifactId> 
      <version>3.1.0</version> 
    </dependency>

1、以登錄驗證為例,首先創(chuàng)建個@Auth注解

package com.demo.interceptor; 
 
import java.lang.annotation.*; 
 
/** 
 * Created by huguoju on 2016/12/30. 
 * 在類或方法上添加@Auth就驗證登錄 
 */ 
@Target({ElementType.TYPE, ElementType.METHOD}) 
@Retention(RetentionPolicy.RUNTIME) 
@Documented 
public @interface Auth { 
}

2、創(chuàng)建一個Constants,在攔截器里用

package com.demo.util; 
 
/** 
 * Created by huguoju on 2016/12/30. 
 */ 
public interface Constants { 
  int MAX_FILE_UPLOAD_SIZE = 5242880; 
  String MOBILE_NUMBER_SESSION_KEY = "sessionMobileNumber"; 
  String USER_CODE_SESSION_KEY = "userCode"; 
  String SESSION_KEY = "sessionId"; 
}

3、創(chuàng)建一個SessionData,用于保存在session中的字段

package com.demo.model; 
 
import lombok.Data; 
 
/** 
 * Created by huguoju on 2016/12/30. 
 */ 
@Data 
public class SessionData { 
  private Integer userCode; 
  private String mobileNumber; 
}

4、實現(xiàn)登錄攔截實現(xiàn)

package com.demo.interceptor; 
 
import com.demo.model.SessionData; 
import com.demo.util.RedisUtil; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.stereotype.Component; 
import org.springframework.web.method.HandlerMethod; 
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; 
 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import java.lang.reflect.Method; 
 
import static com.demo.util.Constants.MOBILE_NUMBER_SESSION_KEY; 
import static com.demo.util.Constants.SESSION_KEY; 
import static com.demo.util.Constants.USER_CODE_SESSION_KEY; 
 
/** 
 * Created by huguoju on 2016/12/30. 
 */ 
@Component 
public class LoginInterceptor extends HandlerInterceptorAdapter { 
  @Autowired 
  private RedisUtil redisUtils; 
  private final static String SESSION_KEY_PREFIX = "session:"; 
  public boolean preHandle(HttpServletRequest request, 
               HttpServletResponse response, Object handler) throws Exception { 
    if (!handler.getClass().isAssignableFrom(HandlerMethod.class)) { 
      return true; 
    } 
    handlerSession(request); 
 
    final HandlerMethod handlerMethod = (HandlerMethod) handler; 
    final Method method = handlerMethod.getMethod(); 
    final Class<?> clazz = method.getDeclaringClass(); 
    if (clazz.isAnnotationPresent(Auth.class) || 
        method.isAnnotationPresent(Auth.class)) { 
      if(request.getAttribute(USER_CODE_SESSION_KEY) == null){ 
  
         throw new Exception(); 
         
      }else{ 
        return true; 
      } 
    } 
 
    return true; 
 
  } 
  public void handlerSession(HttpServletRequest request) { 
    String sessionId = request.getHeader(SESSION_KEY); 
    if(org.apache.commons.lang3.StringUtils.isBlank(sessionId)){ 
      sessionId=(String) request.getSession().getAttribute(SESSION_KEY); 
    } 
    if (org.apache.commons.lang3.StringUtils.isNotBlank(sessionId)) { 
      SessionData model = (SessionData) redisUtils.get(SESSION_KEY_PREFIX+sessionId); 
      if (model == null) { 
        return ; 
      } 
      request.setAttribute(SESSION_KEY,sessionId); 
      Integer userCode = model.getUserCode(); 
      if (userCode != null) { 
        request.setAttribute(USER_CODE_SESSION_KEY, Long.valueOf(userCode)); 
      } 
      String mobile = model.getMobileNumber(); 
      if (mobile != null) { 
        request.setAttribute(MOBILE_NUMBER_SESSION_KEY, mobile); 
      } 
    } 
    return ; 
  } 
}

5、配置攔截器

package com.demo.interceptor; 
 
import org.hibernate.validator.HibernateValidator; 
import org.slf4j.Logger; 
import org.slf4j.LoggerFactory; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.context.MessageSource; 
import org.springframework.context.annotation.Bean; 
import org.springframework.context.annotation.ComponentScan; 
import org.springframework.context.annotation.Configuration; 
import org.springframework.context.annotation.PropertySource; 
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer; 
import org.springframework.context.support.ReloadableResourceBundleMessageSource; 
import org.springframework.validation.Validator; 
import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean; 
import org.springframework.validation.beanvalidation.MethodValidationPostProcessor; 
import org.springframework.web.servlet.ViewResolver; 
import org.springframework.web.servlet.config.annotation.*; 
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; 
import org.springframework.web.servlet.view.InternalResourceViewResolver; 
 
/** 
 * Created by huguoju on 2016/12/30. 
 */ 
@Configuration 
@EnableWebMvc 
@ComponentScan(basePackages = "com.demo.controller") 
@PropertySource(value = "classpath:application.properties", 
    ignoreResourceNotFound = true,encoding = "UTF-8") 
public class MvcConfig extends WebMvcConfigurerAdapter { 
  private static final Logger logger = LoggerFactory.getLogger(MvcConfig.class); 
  @Autowired 
  LoginInterceptor loginInterceptor; 
 
  /** 
 
   * <p> 
   *   視圖處理器 
   * </p> 
   * 
   * @return 
   */ 
  @Bean 
  public ViewResolver viewResolver() { 
    logger.info("ViewResolver"); 
    InternalResourceViewResolver viewResolver = new InternalResourceViewResolver(); 
    viewResolver.setPrefix("/WEB-INF/jsp/"); 
    viewResolver.setSuffix(".jsp"); 
    return viewResolver; 
  } 
 
  /** 
   * 攔截器配置 
   * @param registry 
   */ 
  @Override 
  public void addInterceptors(InterceptorRegistry registry) { 
    // 注冊監(jiān)控攔截器 
    registry.addInterceptor(loginInterceptor) 
        .addPathPatterns("/**") 
     .excludePathPatterns("/configuration/ui"); 
 
  } 
 
  @Override 
  public void addCorsMappings(CorsRegistry registry) { 
    registry.addMapping("/**") 
        .allowedOrigins("*") 
        .allowedHeaders("*/*") 
        .allowedMethods("*") 
        .maxAge(120); 
  } 
 
  /** 
   * 資源處理器 
   * @param registry 
   */ 
  @Override 
  public void addResourceHandlers(ResourceHandlerRegistry registry) { 
    logger.info("addResourceHandlers"); 
    registry.addResourceHandler("/swagger-ui.html") 
        .addResourceLocations("classpath:/META-INF/resources/"); 
    registry.addResourceHandler("/webjars/**") 
        .addResourceLocations("classpath:/META-INF/resources/webjars/"); 
  } 
 
}

以上就完成了,測試時可以在LoginInterceptor里打斷點,然后在controller上或者方法上添加@Auth注解,
controller上添加以后這個controller里所有請求都驗證登錄,在方法里添加只有請求這個方法時驗證

@Auth 
@RestController 
public class TestController {  }

以上就是本文的全部內(nèi)容,希望對大家的學習有所幫助,也希望大家多多支持億速云。

向AI問一下細節(jié)

免責聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進行舉報,并提供相關(guān)證據(jù),一經(jīng)查實,將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI