1.创建自定义注解
import java.lang.annotation.*;
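/**
 * Marks a handler method whose requests must carry a token.
 *
 * <p>The annotation has no members and does no checking itself; it is retained at runtime so that
 * an aspect can match annotated methods with an {@code @annotation(...)} pointcut.
 *
 * <p>{@code @Inherited} is intentionally not declared: it only affects annotations placed on
 * classes, and this annotation can only be placed on methods, so it never had any effect here.
 * NOTE(review): whether an overriding method that omits this annotation is still intercepted
 * depends on the AOP setup; re-declare the annotation on overrides rather than assuming the check
 * carries over.
 *
 * @author make
 * @version 1.0
 */
@Documented
@Target({ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface CheckTokenAnnotation {
}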
2.对自定义注解进行aop切入执行方法
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
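/**
 * Aspect that rejects calls to methods annotated with {@code CheckTokenAnnotation} when the
 * current request carries no token.
 *
 * <p>This is a presence check only. Any non-blank value passes; the token is not verified
 * (signature, expiry, session lookup) anywhere in this class, so the annotation on its own does not
 * authenticate the caller. Validation has to be added here or enforced elsewhere before the
 * annotated endpoints are treated as protected.
 */
@Slf4j
@Aspect
@Component
public class TokenAspect {

    /** Name of the request header, and of the fallback request parameter, that carries the token. */
    private static final String TOKEN_NAME = "token";

    /**
     * Pointcut matching methods annotated with {@code CheckTokenAnnotation}; the expression can be
     * replaced to target specific classes instead.
     */
    @Pointcut("@annotation(com.fht.common.util.auth.CheckTokenAnnotation)")
    public void toCheckTokenAnnotation() {
    }

    /**
     * Around advice: lets the call proceed only when the request has a non-blank token.
     *
     * <p>The token is read from the {@code token} header first and from the {@code token} request
     * parameter second. When neither is present the response is set to 403 with a small JSON body
     * and the target method is not invoked.
     *
     * @param joinPoint the intercepted method call
     * @return the target method's return value, or {@code null} when the request was rejected
     * @throws IllegalStateException if no servlet request/response is bound to the current thread
     * @throws Throwable whatever the target method throws
     */
    @Around("toCheckTokenAnnotation()")
    public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
        Object attributes = RequestContextHolder.getRequestAttributes();
        if (!(attributes instanceof ServletRequestAttributes)) {
            // Fail closed with a clear error instead of a NullPointerException/ClassCastException:
            // without a request there is nothing to check, so the call must not go through.
            throw new IllegalStateException(
                    "No servlet request is bound to the current thread; token check cannot run");
        }
        ServletRequestAttributes servletAttributes = (ServletRequestAttributes) attributes;
        HttpServletRequest request = servletAttributes.getRequest();

        // hasText (rather than the deprecated isEmpty) also treats a whitespace-only value as missing.
        String token = request.getHeader(TOKEN_NAME);
        if (!StringUtils.hasText(token)) {
            // Fallback kept for existing callers. A token sent as a query parameter ends up in
            // access logs, browser history and Referer headers, so the header form is preferable.
            token = request.getParameter(TOKEN_NAME);
        }
        if (StringUtils.hasText(token)) {
            // Presence only: the token value itself is not validated here.
            return joinPoint.proceed();
        }

        HttpServletResponse response = servletAttributes.getResponse();
        if (response == null) {
            throw new IllegalStateException(
                    "No servlet response is bound to the current thread; cannot reject the request");
        }
        int forbidden = HttpStatus.FORBIDDEN.value();
        response.setStatus(forbidden);
        // Declare the body type explicitly so clients do not have to sniff it.
        response.setContentType("application/json");
        response.setCharacterEncoding("UTF-8");
        response.getWriter().write("{\"code\":" + forbidden + ",\"data\":{},\"message\":\""
                + HttpStatus.FORBIDDEN.getReasonPhrase() + "\"}");
        // The target method is skipped; null is returned in place of its result.
        return null;
    }

    /**
     * Writes a JSON error body of the form {@code {"code":<code> ,"message" :"<message>"}} and
     * closes the response writer.
     *
     * <p>I/O failures are logged and not propagated. {@code resetBuffer()} is called first, which
     * the servlet API defines to throw {@code IllegalStateException} on a committed response.
     *
     * @param response response to write to
     * @param code     value for the {@code code} field
     * @param message  value for the {@code message} field; escaped before being embedded
     */
    private void responseResult(HttpServletResponse response, Integer code, String message) {
        response.resetBuffer();
        // Access-Control-Allow-Credentials: true was dropped: browsers refuse credentialed requests
        // when the allowed origin is the wildcard, so the pair never worked together, and reflecting
        // the caller's Origin to "fix" it would open the API to any site. CORS policy is better
        // configured in one central place than per error response.
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setContentType("application/json");
        response.setCharacterEncoding("UTF-8");
        // Closing the writer also flushes it.
        try (PrintWriter writer = response.getWriter()) {
            writer.println("{\"code\":" + code + " ,\"message\" :\"" + escapeJson(message) + "\"}");
            response.flushBuffer();
        } catch (IOException e) {
            log.error(" 输入响应出错 e = {}", e.getMessage(), e);
        }
    }

    /**
     * Escapes a value for use inside a double-quoted JSON string, so that quotes, backslashes or
     * control characters in the message cannot break out of the field.
     *
     * @param value text to escape; {@code null} is rendered as the text {@code null}
     * @return the escaped text, without surrounding quotes
     */
    private static String escapeJson(String value) {
        String text = String.valueOf(value);
        StringBuilder escaped = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '"':
                    escaped.append("\\\"");
                    break;
                case '\\':
                    escaped.append("\\\\");
                    break;
                case '\n':
                    escaped.append("\\n");
                    break;
                case '\r':
                    escaped.append("\\r");
                    break;
                case '\t':
                    escaped.append("\\t");
                    break;
                default:
                    if (c < 0x20) {
                        escaped.append(String.format("\\u%04x", (int) c));
                    } else {
                        escaped.append(c);
                    }
            }
        }
        return escaped.toString();
    }
}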
3.调用
/**
 * Creates a user through {@code userService} and returns its string form as the response body.
 *
 * <p>{@code @CheckTokenAnnotation} sends the call through the token aspect first. The
 * {@code TokenAspect} shown on this page only rejects requests that have no token at all, so this
 * endpoint is not authenticated by the annotation alone.
 *
 * <p>NOTE(review): {@code @RequestMapping} without a {@code method} restriction accepts every HTTP
 * verb, so this state-changing call is also reachable with GET; consider limiting it to POST.
 * NOTE(review): the result of {@code toString()} goes straight to the client; confirm that
 * {@code User.toString()} does not include sensitive fields.
 *
 * @return {@code toString()} of the user returned by {@code userService.addUser()}
 */
@ResponseBody
@RequestMapping("/addUser")
@CheckTokenAnnotation
public String addUser(){
    return userService.addUser().toString();
}