一、概述
整体思路
- 用户输入账号密码进行登录
- 通过校验之后,返回token,并存储在特定位置,我存在了redis
- 用户携带token访问内部网站
- 过滤:以请求参数中的账号为key,查询redis中保存的token,并与请求头中携带的token比较;两者一致则放行,不一致或未携带token则拒绝访问
过滤通过自定义注解+AOP切面的方式实现
通过注解实现AOP切面:https://blog.csdn.net/fendouderen/article/details/126463747
二、具体实现
1、创建springboot项目
2、创建了登录接口和网站内部接口
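/**
 * Demo controller exposing a login endpoint and one token-protected endpoint.
 *
 * <p>NOTE(review): no class-level controller annotation is visible in this listing;
 * confirm it exists in the real file, otherwise the mappings below are not registered.
 */
public class TestController {
    /**
     * Lifetime of an issued token in minutes. The value is a reviewer-chosen default;
     * without an expiry a leaked token would stay valid until the next login overwrites it.
     */
    private static final long TOKEN_TTL_MINUTES = 30;

    @Autowired
    private RedisTemplate redisTemplate;

    /**
     * Checks the submitted account and password and, on success, stores a fresh token in
     * Redis under the account number.
     *
     * @param one request body carrying the account and password to verify
     * @return {@code ResultCode.SUCCESS} on a match, {@code ResultCode.LOGIN_ERROR} otherwise
     */
    @PostMapping("login")
    public ResultJson login(@RequestBody One one) {
        // Reference credentials are hard-coded for the demo only. A real service would look
        // the user up in a store and verify a salted password hash (bcrypt/scrypt/argon2).
        One two = new One();
        two.setAccount(123456);
        two.setPassword("123");

        // Fail closed on missing fields instead of throwing a NullPointerException.
        if (one == null || one.getAccount() == null || one.getPassword() == null) {
            return ResultJson.failure(ResultCode.LOGIN_ERROR);
        }

        boolean accountMatches = Objects.equals(one.getAccount(), two.getAccount());
        // Constant-time comparison, so the response time does not depend on how many
        // leading characters of the password were guessed correctly.
        boolean passwordMatches = java.security.MessageDigest.isEqual(
                one.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8),
                two.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!(accountMatches && passwordMatches)) {
            return ResultJson.failure(ResultCode.LOGIN_ERROR);
        }

        // Generate the token only after the credentials were accepted. UUID.randomUUID()
        // is documented to use a cryptographically strong random number generator.
        String token = UUID.randomUUID().toString();

        // The key is the account number, so a new login replaces the previous token.
        // The expiry bounds how long a stolen token remains usable.
        redisTemplate.opsForValue().set(
                one.getAccount().toString(),
                token,
                TOKEN_TTL_MINUTES,
                java.util.concurrent.TimeUnit.MINUTES);

        // NOTE(review): the token is not part of the response built here, yet the client
        // has to send it in the "token" header later. Confirm how ResultJson is meant to
        // carry it; its API is not shown in this listing.
        return ResultJson.ok(ResultCode.SUCCESS);
    }

    /**
     * Sample protected endpoint. The {@code @Filter} annotation routes the call through
     * LoginFilterAspect, which reads the first argument as the account whose token is
     * checked, so {@code account} must remain the first parameter.
     *
     * @param account account number used by the aspect to look up the stored token
     * @return {@code ResultCode.SUCCESS} once the aspect has let the call through
     */
    @Filter
    @GetMapping("test1")
    public ResultJson test(Integer account) {
        System.out.println("success");
        return ResultJson.ok(ResultCode.SUCCESS);
    }
}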
3、实体类
/**
 * Login request payload: account number, password and display name.
 *
 * <p>Accessors come from Lombok's {@code @Data}. {@code @Data} also generates a
 * {@code toString()} covering every field, so printing or logging an instance would
 * expose the password unless that field is excluded.
 */
@Data
public class One {
// Account number; the controller uses its string form as the Redis key for the token.
private Integer account;
// Password as submitted by the client, held in plain text.
private String password;
// Display name; not read by the login flow shown on this page.
private String name;
}
4、切面类
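/**
 * Aspect that guards every method annotated with {@code @Filter}: the call proceeds only
 * when the request's {@code token} header equals the token stored in Redis for the account
 * passed as the method's first argument. Every other case is rejected.
 */
@Aspect
@Component
public class LoginFilterAspect {
    @Autowired
    private RedisTemplate redisTemplate;

    /** Matches methods annotated with {@code com.lxw.test1.annotation.Filter}. */
    @Pointcut("@annotation(com.lxw.test1.annotation.Filter)")
    public void FilterCut() {
    }

    /**
     * Verifies the caller's token before the protected method runs.
     *
     * <p>The account comes from the request, so the check proves only that the caller holds
     * the token currently stored for the account it names.
     *
     * @param joinPoint the intercepted call; its first argument is read as the account
     * @return the target method's result, or a {@code ResultCode.UNAUTHORIZED} failure
     */
    @Around("FilterCut()")
    public Object Filter(ProceedingJoinPoint joinPoint) {
        // 1. Read the presented token. An explicit null check replaces the original
        //    `assert`, which is a no-op unless the JVM runs with -ea.
        ServletRequestAttributes attributes =
                (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (attributes == null) {
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
        }
        HttpServletRequest request = attributes.getRequest();
        String presented = request.getHeader("token");
        if (presented == null || presented.isEmpty()) {
            // A missing header is an unauthenticated request, not a server error.
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
        }

        // 2. Look up the stored token. A missing or null first argument is rejected
        //    instead of raising an exception.
        Object[] args = joinPoint.getArgs();
        if (args == null || args.length == 0 || args[0] == null) {
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
        }
        Object stored = redisTemplate.opsForValue().get(args[0].toString());
        if (!(stored instanceof String)) {
            // No token for this account (never logged in or expired), or an unexpected type.
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
        }

        // 3. Compare in constant time so response timing does not reveal how much of a
        //    guessed token was correct.
        boolean tokenMatches = java.security.MessageDigest.isEqual(
                presented.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                ((String) stored).getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!tokenMatches) {
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
        }

        System.out.println("验证成功");
        try {
            return joinPoint.proceed();
        } catch (Throwable e) {
            // The original built this failure result but discarded it and returned null.
            // NOTE(review): this reports any exception from the target as UNAUTHORIZED;
            // a dedicated error code or a rethrow would describe the failure better.
            System.err.println("@Filter target threw: " + e);
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
        }
    }
}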
5、注解配置
/**
 * Marker annotation for handler methods that require a valid login token.
 *
 * <p>LoginFilterAspect's pointcut matches methods carrying this annotation, and its advice
 * reads the method's first argument as the account whose token is checked. Retention is
 * {@code RUNTIME} and the target is restricted to methods.
 */
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface Filter {
}