SpringBoot拦截器和SpringBoot Aop如出一辙,重点要强调的是其中的原理
原理:“从参数中去中取出的身份和注释进行对比”如果一致则放行,如果不一致则拦截
下面试代码部分
package com.example.demo.annotion;
import java.lang.annotation.*;
@Inherited
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface Auth {
String user() default "";
}
package com.example.demo.Util;
import com.example.demo.annotion.Auth;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("preHandle");
if (!handler.getClass().isAssignableFrom(HandlerMethod.class)) {
System.out.println("cat cast handler to HandlerMethod.class");
return true;
}
// 获取注解
Auth auth = ((HandlerMethod) handler).getMethod().getAnnotation(Auth.class);
if (auth == null) {
System.out.println("cant find @Auth in this uri:" + request.getRequestURI());
return true;
}
// 从参数中取出用户身份并验证
String admin = auth.user();
if (!admin.equals(request.getParameter("user"))) {
System.out.println("permission denied");
response.setStatus(403);
return false;
}
return true;
}
}
package com.example.demo.Util;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
public class ConfigAdapter extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/hello");
registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/fan");
}
}
package com.example.demo.Controller;
import com.example.demo.annotion.Auth;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
@RestController
@EnableAutoConfiguration
public class DemoController {
@Auth(user = "admin")
@RequestMapping(value = "/hello", method = RequestMethod.GET)
public String sayHello() {
return "这里是老师的相关内容1111";
}
@Auth(user = "admin")
@RequestMapping(value = "/fan", method = RequestMethod.GET)
public String sayWord() {
return "这里是学生的相关内容222";
}
}
通过参数进行对比