ThreadLocal保存用户信息
创建本地 ThreadLocal 类
import top.lingchen.blogapi.bean.SysUser;
/**
* @Author 凌宸
* @create 2021-12-16 下午 8:35
* @Description
* @Version 1.0
*/
public class UserThreadLocal {
private UserThreadLocal(){
}
private static final ThreadLocal<SysUser> LOCAL = new ThreadLocal<>();
public static void put(SysUser sysUser){
LOCAL.set(sysUser);
}
public static SysUser get(){
return LOCAL.get();
}
public static void remove(){
LOCAL.remove();
}
}
在拦截器中奖成功登录的用户信息保存在 ThreadLocal 中
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import static top.lingchen.blogapi.vo.ErrorCode.*;
import top.lingchen.blogapi.bean.SysUser;
import top.lingchen.blogapi.service.TokenService;
import top.lingchen.blogapi.utils.UserThreadLocal;
import top.lingchen.blogapi.vo.Result;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @Author 凌宸
* @create 2021-12-16 下午 8:11
* @Description
* @Version 1.0
*/
@Component
@Slf4j
public class LoginInterceptor implements HandlerInterceptor {
@Autowired
private TokenService tokenService;
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
/**
* 1. 需要判断请求的接口路径是否为 HandlerMethod (controller 为例)
* 2. 判断 token 是否为空,如果为空,则未登录,需要拦截
* 3. 如果 token 不为空,登录验证
* 4. 如果认证成功,放行即可
*/
if(!(handler instanceof HandlerMethod)){
// 静态资源放行
return true;
}
String token = request.getHeader("Authorization");
log.info("=================request start===========================");
String requestURI = request.getRequestURI();
log.info("request uri:{}",requestURI);
log.info("request method:{}",request.getMethod());
log.info("token:{}", token);
log.info("=================request end===========================");
if(!StringUtils.hasLength(token)){
Result result = Result.fail(NO_LOGIN.getCode(), NO_LOGIN.getMsg());
response.setContentType("application/json;charset=utf-8");
response.getWriter().print(JSON.toJSONString(result));
return false;
}
SysUser sysUser = tokenService.checkToken(token);
if(sysUser == null){
Result result = Result.fail(NO_LOGIN.getCode(), NO_LOGIN.getMsg());
response.setContentType("application/json;charset=utf-8");
response.getWriter().print(JSON.toJSONString(result));
return false;
}
// 登录验证成功,放行
// 希望在 controller 中直接获取用户的信息,怎么获取?
// 将当前用户放入 ThreadLocal 保存
UserThreadLocal.put(sysUser);
return true;
}
@Override
public void afterCompletion(HttpServletRequest request,
HttpServletResponse response, Object handler, Exception ex) throws Exception {
// 如果不删除 ThreadLocal 中用完的信息,会有内存泄露的风险
UserThreadLocal.remove();
}
}
测试,在Controller 中直接获取登录用户信息
拦截器中需要配置对应请求路径的拦截
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import top.lingchen.blogapi.handler.LoginInterceptor;
/**
* @Author 凌宸
* @create 2021-12-14 下午 9:37
* @Description
* @Version 1.0
*/
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@Autowired
private LoginInterceptor loginInterceptor;
@Override
public void addCorsMappings(CorsRegistry registry) {
// 跨域访问
registry.addMapping("/**")
.allowedOrigins("http://localhost:8080");
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(loginInterceptor)
.addPathPatterns("/test")
.addPathPatterns("/comments/create/change")
.addPathPatterns("/articles/publish");
}
}
在Controller 中直接得到当前用户信息
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import top.lingchen.blogapi.bean.SysUser;
import top.lingchen.blogapi.utils.UserThreadLocal;
import top.lingchen.blogapi.vo.Result;
/**
* @Author 凌宸
* @create 2021-12-16 下午 8:28
* @Description
* @Version 1.0
*/
@RestController
@RequestMapping("/test")
public class TestController {
@RequestMapping
public Result test(){
SysUser sysUser = UserThreadLocal.get();
System.out.println("sysUser = " + sysUser);
return Result.success(null);
}
}
ThreadLocal内存泄漏
实线代表强引用,虚线代表弱引用
每一个Thread维护一个ThreadLocalMap, key为使用弱引用的ThreadLocal实例,value为线程变量的副本。
强引用,使用最普遍的引用,一个对象具有强引用,不会被垃圾回收器回收。当内存空间不足,Java虚拟机宁愿抛出OutOfMemoryError错误,使程序异常终止,也不回收这种对象。
如果想取消强引用和某个对象之间的关联,可以显式地将引用赋值为null,这样可以使JVM在合适的时间就会回收该对象。
弱引用,JVM进行垃圾回收时,无论内存是否充足,都会回收被弱引用关联的对象。在java中,用java.lang.ref.WeakReference类来表示。