package com.atguigu.gulimall.member.config;
import com.atguigu.gulimall.member.interceptor.LoginUserInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.List;
/**
* User: ldj
* Date: 2022/11/3
* Time: 9:19
* Description: Web服务入口统一配置
*/
@RefreshScope
@Configuration
public class MyWebConfig implements WebMvcConfigurer {
//排除不需要拦截的路径,不要写死在代码里,从配置文件中读取
@Value("#{'${spring.interceptor.member.uris}'.split(',')}")
private List<String> uris;
String[] excludePaths = uris.toArray(new String[uris.size()]);
@Autowired
private LoginUserInterceptor loginUserInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(loginUserInterceptor)
.addPathPatterns("/**")
.excludePathPatterns(excludePaths);
}
}
package com.atguigu.gulimall.member.interceptor;
import com.atguli.common.constant.AuthServerConstant;
import com.atguli.common.vo.MemberRespVO;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* User: ldj
* Date: 2022/10/12
* Time: 10:31
* Description: 将拦截器作为组件交给spring容器,要让拦截器组件生效,
* 还需配置WebMvcConfigurer,重写addInterceptors方法添加拦截器组件
*/
@Component
public class LoginUserInterceptor implements HandlerInterceptor {
//当前线程共享变量
public static ThreadLocal<MemberRespVO> threadLocal = new ThreadLocal<>();
//在请求到达Controller之前拦截业务判断,是否放行请求?
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response,
Object handler) throws Exception {
//如果当前访求的用户登录了才会放行,默认拿到Cookie的sessionId
MemberRespVO loginUser = (MemberRespVO) request.getSession().getAttribute(AuthServerConstant.LOGIN_USER);
if (loginUser != null) {
//将用户的登录信息存入threadLocal,为执行当前请求的线程所共享
threadLocal.set(loginUser);
return true;
} else {
//没登录,要去登录
request.getSession().setAttribute("msg", "请先登录再访问");
response.sendRedirect("http://auth.gulimall.com/login.html");
return false;
}
}
}
registry .excludePathPatterns(excludePaths) 屏蔽实现方式,第二种写法,当然推荐使用上面写法
package com.atguigu.gulimall.seckill.interceptor;
import com.atguli.common.constant.AuthServerConstant;
import com.atguli.common.vo.MemberRespVO;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
/**
* User: ldj
* Date: 2022/10/12
* Time: 10:31
* Description: 将拦截器作为组件交给spring容器,要让拦截器组件生效,
* 还需配置WebMvcConfigurer,重写addInterceptors方法添加拦截器组件
*/
@Component
@RefreshScope
public class LoginUserInterceptor implements HandlerInterceptor {
//拦截器存储当前线程共享变量数据
public static ThreadLocal<MemberRespVO> threadLocal = new ThreadLocal<>();
//定义需要放行的请求uri,也可以在WebConfig配置 excludePathPatterns()
@Value("#{'${spring.interceptor.uris}'.split(',')}")
private List<String> uris;
/**
* 在请求到达controller之前拦截业务判断,是否放行请求?
*/
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response,
Object handler) throws Exception {
String uri = request.getRequestURI();
AntPathMatcher antPathMatcher = new AntPathMatcher();
boolean match = false;
if (uris.size() != 0) {
for (String ur : uris) {
if (antPathMatcher.match(ur, uri)) {
match = true;
break;
}
}
}
if (match) {
//当前请求需要用户登录才能放行,默认拿到Cookie的sessionId
MemberRespVO loginUser = (MemberRespVO) request.getSession().getAttribute(AuthServerConstant.LOGIN_USER);
if (loginUser != null) {
//将用户的登录信息存入threadLocal,为执行当前请求的线程所共享
threadLocal.set(loginUser);
return true;
} else {
//没登录,要去登录
request.getSession().setAttribute("msg", "请先登录再访问");
response.sendRedirect("http://auth.gulimall.com/login.html");
return false;
}
}
return true;
}
}