项目接口有些需要登陆权限,有些不需要。
没有使用注解的时候很多人是这么写:
LoginUser user = UserUtils.getLoginUser();
if (user == null) {
//告诉用户你没登陆
}
如果有很多个接口接口,全部这么些看起来实在不舒服,还很low。
我们可以使用aop+注解的方式实现
依赖包
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/org.aspectj/aspectjrt -->
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.9.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.aspectj/aspectjweaver -->
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.9.4</version>
</dependency>
先自定义注解
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface AccessRequired {
}
AOP配置:
import com.tydic.ga.uc.modules.login.dto.LoginUser;
import com.tydic.jg.dsp.common.annotation.AccessRequired;
import com.tydic.jg.dsp.common.globaldeal.ResultEnum;
import com.tydic.jg.dsp.common.globaldeal.ResultUtil;
import com.tydic.jg.dsp.utils.UserUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.*;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import java.lang.reflect.Method;
@Aspect
@Component
public class AccessAspect {
@Pointcut("@annotation(com.tydic.jg.dsp.common.annotation.AccessRequired)")
public void annotationPointCut(){}
@After("annotationPointCut()")
public void after(JoinPoint joinPoint){
}
@Before("execution(* com.tydic.jg.dsp.module.*.*.*.*(..))")
public void before(JoinPoint joinPoint){
}
@Around("execution(* com.tydic.jg.dsp.module.*.*.*.*(..))")
public Object run(ProceedingJoinPoint joinPoint)throws Throwable{
Object[] args = joinPoint.getArgs();
MethodSignature signature = (MethodSignature)joinPoint.getSignature();
Method method = signature.getMethod();
//获取注解
AccessRequired access = method.getAnnotation(AccessRequired.class);
if(access != null){
//有这个注解的接口需要验证用户是否登录
LoginUser user = UserUtils.getCurrentUser();
if(user == null){
//未登录需要告诉用户你未登录
return ResultUtil.error(ResultEnum.ERROR_USER_NOT_LOGIN);
}else {
//已经登录的继续处理业务
return joinPoint.proceed(args);
}
} else {
//没有这个注解的不验证登录,继续处理业务
return joinPoint.proceed(args);
}
}
}
controller测试:
@RequestMapping(value="test",method=RequestMethod.GET)
@AccessRequire
public Result test(String name){
//dosometing
return Result.success();
}