springboot使用拦截器
1.使用后的效果
当用户想跳过登陆,进入网站的其他页面时就不能访问
2.新建一个intercepter类
package com.how2java.springboot.utils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
// 拦截器
public class interceptor implements HandlerInterceptor {
//拦截(Controller方法调用之前)
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object
o) throws Exception {
// 如果state中有值的话,进入想进的页面,否则被拦截,进入登陆页面
if (request.getSession().getAttribute("state") == null) {
// 拦截至登陆页面
request.getRequestDispatcher("/enterUserLogin").forward(request, response);
System.out.println("访问了不该访问的页面,被拦截,进入登陆界面");
// false为不通过
return false;
}
System.out.println("可以访问,放行");
// true为通过
return true;
}
// 此方法为处理请求之后调用(调用过controller方法之后,跳转视图之前)
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o,
ModelAndView modelAndView) throws Exception {
}
// 此方法为整个请求结束之后进行调用
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
Object o, Exception e) throws Exception {
}
}
3.新建一个interceptorConfig类
import com.how2java.springboot.utils.interceptor;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
// 拦截器配置类
@Component
public class interceptorConfig extends WebMvcConfigurerAdapter {
@Override
public void addInterceptors(InterceptorRegistry registry) {
/**
* 这里的addPathPatterns("/**")为配置需要拦截的方法“/**”代表所有,而后excludePathPatterns("/enterAdminLogin")等方法为排除哪些方法不进行拦截,excludePathPatterns("static/**")表示不拦截静态资源
*/
registry.addInterceptor(new interceptor()).addPathPatterns("/**").excludePathPatterns("/enterAdminLogin").excludePathPatterns
("/enterUserLogin").excludePathPatterns("/enterUserRegister").excludePathPatterns("static/**");
super.addInterceptors(registry);
}
}
4.测试
4.1 访问登陆页面(能进入,前面已经放开)
//访问普通用户登陆页面
@RequestMapping("/enterUserLogin")
public String enterUserLogin(HttpSession session){
session.setAttribute("state" ,"用户登陆");
return "userLogin";
}
测试结果
4.2 访问一个不该访问的页面(跳转到登陆页面)
//跳转到生活分享
@RequestMapping("/enterliveSharp")
public String enterliveSharp(){return "blogBefore/liveSharp";}
访问:http://127.0.0.1:8016/enterliveSharp
测试结果