给项目配置拦截器,拦截未登录用户,放行对静态资源的访问
1.第一种方法,新建一个配置类(带有@Configuration注解),继承WebMvcConfigurer类,配置拦截内容
我的包结构如图
具体代码
import com.fasterxml.jackson.databind.ObjectMapper;
import com.jshiming.common.Constants;
import com.jshiming.common.Result;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter;
@Slf4j
@Configuration //springMvc的配置类
public class MvcConfig implements WebMvcConfigurer {
//配置拦截器
@Override
public void addInterceptors(InterceptorRegistry registry) {
//拦截Controller
HandlerInterceptor interceptor = new HandlerInterceptor() {
//该方法在Controller执行前拦截,返回true,不阻止请求,返回false,阻止请求。
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
log.debug("MvcConfig拦截:{}",request.getServletPath());
/*
1.有些地址无条件放行,登录页面(/login.html),/assets/**,/css/**,/fonts/**,/js/**
2.有些地址未登录拦截
* */
//获得当前请求路径
String path = request.getServletPath();
if("/login.html".equals(path) || "/security/login".equals(path)
||path.startsWith("/assets/")||path.startsWith("/css/")
||path.startsWith("/fonts/")||path.startsWith("/js/")){
return true;
}
HttpSession session = request.getSession();
Object currentStore = session.getAttribute(Constants.SESSION_ATTR_NAME_CURRENT_STORE);
if(currentStore != null){
return true;
}
//不放行怎么办
/*
1.非ajax请求(例如对html、图片、js等静态资源的访问),重定向到登录页
2.ajax请求,发送标准化响应数据,如本案例中的Result对象
* */
if("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))){
//ajax请求,发送标准化响应数据,如本案例中的Result对象
Result result = Result.err(Result.CODE_ERR_UNLOGINED,"请登录后访问!");
ObjectMapper objectMapper = new ObjectMapper();//SpringMVC提供的一种转换工具类(可转json串)
String jsonStr = objectMapper.writeValueAsString(result);//将Result对象转为json串
//将json串输出到浏览器(通过流)
response.setContentType("application/json;charset=UTF-8");//设置响应数据格式和编码
PrintWriter out = response.getWriter();
out.print(jsonStr);
out.flush();
out.close();
}else{//非ajax请求进行重定向,重定向到登录页面 Redirect
response.sendRedirect(request.getContextPath()+"/login.html");
}
return false;
}
};
registry.addInterceptor(interceptor);
}
}
2.第二种方法,启动类本身就是配置类,直接继承WebMvcConfigurer类配置拦截内容就好
import com.fasterxml.jackson.databind.ObjectMapper;
import com.jshiming.common.Constants;
import com.jshiming.common.Result;
import lombok.extern.slf4j.Slf4j;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter;
@Slf4j
@SpringBootApplication
@MapperScan("com.jshiming.fun.*.dao")
public class JshimingApplication implements WebMvcConfigurer {
public static void main(String[] args) {
SpringApplication.run(JshimingApplication.class, args);
}
//配置拦截器
@Override
public void addInterceptors(InterceptorRegistry registry) {
//拦截Controller
HandlerInterceptor interceptor = new HandlerInterceptor() {
//该方法在Controller执行前拦截,返回true,不阻止请求,返回false,阻止请求。
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
log.debug("拦截:{}",request.getServletPath());
/*
1.有些地址无条件放行,登录页面(/login.html),/assets/**,/css/**,/fonts/**,/js/**
2.有些地址未登录拦截
* */
//获得当前请求路径
String path = request.getServletPath();
if("/login.html".equals(path) || "/security/login".equals(path)
||path.startsWith("/assets/")||path.startsWith("/css/")
||path.startsWith("/fonts/")||path.startsWith("/js/")){
return true;
}
HttpSession session = request.getSession();
Object currentStore = session.getAttribute(Constants.SESSION_ATTR_NAME_CURRENT_STORE);
if(currentStore != null){
return true;
}
//不放行怎么办
/*
1.非ajax请求(例如对html、图片、js等静态资源的访问),重定向到登录页
2.ajax请求,发送标准化响应数据,如本案例中的Result对象
* */
if("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))){
//ajax请求,发送标准化响应数据,如本案例中的Result对象
Result result = Result.err(Result.CODE_ERR_UNLOGINED,"请登录后访问!");
ObjectMapper objectMapper = new ObjectMapper();//SpringMVC提供的一种转换工具类(可转json串)
String jsonStr = objectMapper.writeValueAsString(result);//将Result对象转为json串
//将json串输出到浏览器(通过流)
response.setContentType("application/json;charset=UTF-8");//设置响应数据格式和编码
PrintWriter out = response.getWriter();
out.print(jsonStr);
out.flush();
out.close();
}else{//非ajax请求进行重定向,重定向到登录页面 Redirect
response.sendRedirect(request.getContextPath()+"/login.html");
}
return false;
}
};
registry.addInterceptor(interceptor);
}
}