package com.geloin.spring.controller.dupsub;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
 * Marks a handler method as taking part in the duplicate-submission token flow.
 *
 * <p>The annotation is retained at runtime so that an interceptor can read it
 * reflectively from the resolved handler method. Both flags default to
 * {@code false}, so an annotated method opts in to each step explicitly.
 */
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface Token {

    /** When {@code true}, a fresh token should be issued before the handler runs. */
    boolean save() default false;

    /** When {@code true}, the submitted token should be checked and then discarded. */
    boolean remove() default false;
}
拦截器:
package com.geloin.spring.controller.dupsub;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
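/**
 * Spring MVC interceptor that protects handler methods annotated with {@link Token}
 * against duplicate form submission by means of a one-time token stored in the
 * HTTP session.
 *
 * <ul>
 *   <li>{@code @Token(save = true)}: a new random token is stored in the session
 *       under the attribute {@code "token"} before the handler runs.</li>
 *   <li>{@code @Token(remove = true)}: the request parameter {@code "token"} must
 *       match the session token; on success the token is removed so it cannot be
 *       replayed, otherwise the request is redirected to {@code dupu.html} and the
 *       handler is not invoked.</li>
 * </ul>
 *
 * <p>Handlers without the annotation are passed through unchanged.
 */
public class DupsubHander extends HandlerInterceptorAdapter {

    /** Name shared by the session attribute and the request parameter carrying the token. */
    private static final String TOKEN_KEY = "token";

    /**
     * Issues or consumes the form token according to the {@link Token} annotation on
     * the target handler method.
     *
     * @param request  current request
     * @param response current response, used to redirect rejected submissions
     * @param handler  the chosen handler; only {@link HandlerMethod} instances are inspected
     * @return {@code true} to continue the handler chain, {@code false} when the
     *         submission was rejected and a redirect has been sent
     * @throws Exception propagated from the superclass or from the redirect
     */
    @Override
    public boolean preHandle(HttpServletRequest request,
            HttpServletResponse response, Object handler) throws Exception {
        if (!(handler instanceof HandlerMethod)) {
            return super.preHandle(request, response, handler);
        }
        // Resolve the annotation from the concrete controller method being invoked.
        Method method = ((HandlerMethod) handler).getMethod();
        Token annotation = method.getAnnotation(Token.class);
        if (annotation == null) {
            return super.preHandle(request, response, handler);
        }

        if (annotation.save()) {
            // getSession() creates a session when none exists, so no null check is needed.
            // Every call overwrites the previous token: a form rendered earlier
            // (e.g. in another tab) is rejected once a newer one has been issued.
            request.getSession().setAttribute(TOKEN_KEY,
                    UUID.randomUUID().toString().replace("-", ""));
        }

        if (annotation.remove() && !consumeToken(request)) {
            // Relative target: it is resolved against the URL of the current request.
            response.sendRedirect("dupu.html");
            return false;
        }
        return true;
    }

    /**
     * Validates the submitted token and removes it from the session in one step.
     *
     * <p>The check and the removal happen under a single lock so that two concurrent
     * submissions of the same form (a double click) cannot both pass the check before
     * either has removed the token.
     *
     * @return {@code true} when the token matched and has been consumed
     */
    private boolean consumeToken(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session == null) {
            // No session means no token was ever issued: reject instead of failing with an NPE.
            return false;
        }
        // NOTE(review): locking on the session object serialises requests only where the
        // container hands out the same HttpSession instance for a session, and only within
        // one JVM. Spring's WebUtils.getSessionMutex(session) is the container-independent
        // alternative; clustered deployments need a shared atomic remove.
        synchronized (session) {
            if (isPre(request)) {
                return false;
            }
            session.removeAttribute(TOKEN_KEY);
            return true;
        }
    }

    /**
     * Tells whether the request must be treated as a duplicate or invalid submission.
     *
     * @param request current request
     * @return {@code true} when there is no session, no server-side token, no submitted
     *         token, or the two tokens differ; {@code false} when they match
     */
    public boolean isPre(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session == null) {
            return true;
        }
        // Server-side token.
        Object stored = session.getAttribute(TOKEN_KEY);
        if (stored == null) {
            return true;
        }
        String expected = stored.toString();
        // Token submitted by the client.
        String submitted = request.getParameter(TOKEN_KEY);
        if (!StringUtils.hasLength(expected) || !StringUtils.hasLength(submitted)) {
            return true;
        }
        // Compare without an early exit on the first differing character, so the
        // response time does not depend on how much of the token was guessed correctly.
        return !MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                submitted.getBytes(StandardCharsets.UTF_8));
    }
}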
MVC-content.xml拦截器配置:
<!--
  Registers DupsubHander for every request path ("/**").
  The interceptor itself only acts on handler methods that carry the @Token
  annotation; all other requests pass through it untouched.
-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean class="com.geloin.spring.controller.dupsub.DupsubHander"></bean>
</mvc:interceptor>
</mvc:interceptors>
在提交页面:
<!-- Posts the form token back as request parameter "token"; DupsubHander compares it
     with the session attribute of the same name. ${token} presumably resolves to that
     session attribute: confirm for the view technology in use. -->
<input type="hidden" value="${token}" name="token"/>
controller
package com.geloin.spring.controller;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import com.geloin.spring.controller.dupsub.Token;
import com.geloin.spring.entity.User;
/**
 * Demo controller for the duplicate-submission token flow: one endpoint renders the
 * form and requests a token, one receives the submission and consumes the token, and
 * one serves the page shown when a submission is rejected.
 */
@Controller
public class BinderTestController extends BaseCotroller {

    /**
     * Renders the form view. {@code @Token(save = true)} asks the interceptor to
     * store a fresh token in the session before this method runs.
     *
     * @param request current request (unused)
     * @return the view name {@code "binder"}
     */
    @RequestMapping("/productToken")
    @Token(save = true)
    public String test1(HttpServletRequest request) {
        final String view = "binder";
        return view;
    }

    /**
     * Receives the form submission. {@code @Token(remove = true)} makes the
     * interceptor verify and discard the token first, so this method only runs for
     * the first valid submission.
     *
     * <p>NOTE(review): the mapping has no HTTP method restriction, so this
     * token-consuming endpoint also answers GET requests, where the token would be
     * carried in the URL. {@code RequestMethod} is already imported; consider
     * limiting the mapping to POST.
     *
     * @param request current request (unused)
     * @param user    form-bound user (unused here)
     * @return the view name {@code "Success"}
     */
    @RequestMapping("/produpsub")
    @Token(remove = true)
    public String produpsub(HttpServletRequest request, User user) {
        final String view = "Success";
        return view;
    }

    /**
     * Serves the page shown for a rejected (duplicate or invalid) submission.
     *
     * @param request current request (unused)
     * @return the view name {@code "dupsub"}
     */
    @RequestMapping("/dupu")
    public String dupu(HttpServletRequest request) {
        final String view = "dupsub";
        return view;
    }
}