1.mvc拦截器
package com.ttfund.crm.aspect;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* @author gukaikai
* @date 2021/8/20 14:00
* @description mvc拦截器
*/
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 添加拦截器,所有路径都拦截 放行swagger路径
registry.addInterceptor(new TokenInterceptor()).addPathPatterns("/**")
.excludePathPatterns("/swagger-resources/**", "/webjars/**", "/v2/**", "/swagger-ui.html/**");
}
private CorsConfiguration corsConfig() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
/* 请求常用的三种配置,*代表允许所有,也可以自定义属性(比如header只能带什么,只能是post方式等等)
*/
corsConfiguration.addAllowedOrigin("*");
corsConfiguration.addAllowedHeader("*");
corsConfiguration.addAllowedMethod("*");
corsConfiguration.setAllowCredentials(true);
corsConfiguration.setMaxAge(3600L);
return corsConfiguration;
}
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", corsConfig());
return new CorsFilter(source);
}
}
2.不需要校验token注解
package com.ttfund.crm.aspect;
import java.lang.annotation.*;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
/**
* @author gukaikai
* @date 2021/8/20 10:09
* @description 不需要校验token注解
*/
public @interface NotToken {
}
3.获取请求参数
package com.ttfund.crm.aspect;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.*;
/**
* @author gukaikai
* @date 2021/8/20 10:04
* @description
*/
public class RequestWrapper extends HttpServletRequestWrapper {
private final String body;
public RequestWrapper(HttpServletRequest request) {
super(request);
StringBuilder stringBuilder = new StringBuilder();
BufferedReader bufferedReader = null;
InputStream inputStream = null;
try {
inputStream = request.getInputStream();
if (inputStream != null) {
bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
char[] charBuffer = new char[128];
int bytesRead = -1;
while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
stringBuilder.append(charBuffer, 0, bytesRead);
}
} else {
stringBuilder.append("");
}
} catch (IOException ex) {
ex.printStackTrace();
} finally {
if (inputStream != null) {
try {
inputStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (bufferedReader != null) {
try {
bufferedReader.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
body = stringBuilder.toString();
}
@Override
public ServletInputStream getInputStream() {
final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes());
ServletInputStream servletInputStream = new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() {
return byteArrayInputStream.read();
}
};
return servletInputStream;
}
@Override
public BufferedReader getReader() {
return new BufferedReader(new InputStreamReader(this.getInputStream()));
}
public String getBody() {
return this.body;
}
}
package com.ttfund.crm.aspect;
import com.ttfund.crm.utils.StringUtil;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
/**
* @author gukaikai
* @date 2021/8/21 10:20
* @description
*/
@Component
@WebFilter(urlPatterns = "/*", filterName = "channelFilter")
public class ChannelsFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
ServletRequest requestWrapper = null;
if (servletRequest instanceof HttpServletRequest) {
String contentType = servletRequest.getContentType();
if (StringUtil.isNotEmpty(contentType)&&contentType.equals("application/json")) {
requestWrapper = new RequestWrapper((HttpServletRequest) servletRequest);
}
}
if (requestWrapper == null) {
filterChain.doFilter(servletRequest, servletResponse);
} else {
filterChain.doFilter(requestWrapper, servletResponse);
}
}
@Override
public void destroy() {
}
}
5.token拦截器
package com.ttfund.crm.aspect;
import com.alibaba.fastjson.JSONObject;
import com.ttfund.crm.utils.StringUtil;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;
/**
* @author gukaikai
* @date 2021/8/20 10:04
* @description 校验token
*/
public class TokenInterceptor extends HandlerInterceptorAdapter {
String token="E16DB7EE293748D8B3D1736173286A9D";
// 在方法执行前校验token
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
// 下面两个判断是基于注解,判断接口上是否配置了自定义注解,只有在未添加了自定义注解才校验token
// 因为拦截器只想在需要token信息的接口做校验
if(!(handler instanceof HandlerMethod)) {
return true;
}
HandlerMethod handlerMethod = (HandlerMethod)handler;
NotToken apiSecret = handlerMethod.getMethodAnnotation(NotToken.class);
if (!Objects.isNull(apiSecret)) {
return true;
}
String contentType = request.getHeader("content-type");
String Token = "";
if (contentType==null)
{
Token = request.getHeader("Token");
}
else {
if (contentType.equals("application/x-www-form-urlencoded")) {
token = request.getParameter("Token");
} else if (contentType.equals("application/json")) {
RequestWrapper requestWrapper = new RequestWrapper(request);
String body = requestWrapper.getBody();
JSONObject datas = JSONObject.parseObject(body);
Token = (String) datas.get("Token");
}
}
if (!StringUtil.isEmpty(token) && token.equals(Token)){
return true;
}
return false;
}
}