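// Gate a request on a bearer token: the "token" request attribute takes precedence,
// the Authorization header is the fallback. Returns false (request rejected) when no
// credential is present or when validation fails.
String authorization = request.getHeader("authorization");
String token = (String) request.getAttribute("token");

// Compare by content, not by reference: `!= ""` is true for any empty string that is
// not the interned literal, so an empty attribute used to shadow a usable header.
String auth;
if (token != null && !token.isEmpty()) {
    auth = token;
} else if (authorization != null && !authorization.isEmpty()) {
    auth = authorization;
} else {
    auth = "";
}

logger.info("-------------" + "check token");
if (auth.isEmpty()) {
    // auth is empty on this path, so no credential reaches the log. Keep it that way:
    // the token value itself must never be written to the log.
    logger.info("-------------" + auth);
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return false;
} else {
    // Token obtained; extract the credential and validate it.
    // Strip only a leading "Bearer " scheme (matched case-insensitively). The previous
    // replace("Bearer", "") removed the word anywhere in the value and corrupted any
    // token that happened to contain it.
    final String scheme = "Bearer ";
    token = auth.regionMatches(true, 0, scheme, 0, scheme.length())
            ? auth.substring(scheme.length()).trim()
            : auth.trim();

    // TODO: validation is not implemented. This constant condition rejects every
    // request that carries a token; replace it with a real check of `token`
    // (signature, expiry, audience) before the else branch can be reached.
    if (true) {
        response.sendRedirect(request.getContextPath() + "/token/failed");
        return false;
    } else {
        // Placeholder identity: USERID must be taken from the validated token, not a
        // constant, otherwise every caller is mapped to the same account. Consider
        // rotating the session id once authentication succeeds
        // (HttpServletRequest.changeSessionId(), Servlet 3.1+) to prevent session fixation.
        HttpSession session = request.getSession(true);
        session.setAttribute("USERID", "21432423");
        return true;
    }
}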
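/**
 * Answers requests redirected to {@code /token/failed} after a token check was rejected.
 *
 * <p>The response status is set to 401 so that clients which only look at the HTTP
 * status do not mistake the failure for a successful call; the JSON body is unchanged.
 *
 * @param req the current request (not read by this handler)
 * @param res the current response; its status is set to {@code SC_UNAUTHORIZED}
 * @return a JSON object whose {@code result} field is {@code "token check failed"}
 * @throws RestfulAPIException declared by the signature; nothing in this body throws it
 */
@RequestMapping(value = "/token/failed", method = RequestMethod.GET)
@ResponseBody
public JSONObject checkToken(HttpServletRequest req, HttpServletResponse res) throws RestfulAPIException {
    // Without an explicit status the failure body would be served with 200 OK.
    res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    JSONObject result = new JSONObject();
    result.put("result", "token check failed");
    return result;
}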