Springboot添加拦截器
Springboot添加拦截器
该实例主要是简单登录添加tokenid,用于限制url请求安全性。
1、自定义拦截器
@Configuration
public class TokenInterceptor implements HandlerInterceptor {
private Logger logger = LoggerFactory.getLogger(TokenInterceptor.class);
@Autowired(required=true)
private RedisCache redisCache;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//添加token_id验证请求是否合法user.getId()+"-"+user.getWorkerType()
String url = request.getRequestURI();
logger.info(url);
String token = request.getHeader("token_id");
System.out.println(token);
String o = (String)redisCache.redisTemplate.opsForValue().get("token_id" + "-" + request.getParameter("workerId") + "-" + request.getParameter("workerType"));
if(token == null || o == null || !token.equals(o)){
response.setContentType("application/json; charset=utf-8");
PrintWriter out = null ;
try{
Map<String,String> requestFalse = new HashMap<>();
requestFalse.put("code","401");
requestFalse.put("msg","请重新登录!");
response.setContentType("application/json");
String json= JSONObject.toJSONString(requestFalse).toString();
out = response.getWriter();
// 返回json信息给前端
out.append(json);
out.flush();
return false;
} catch (Exception e){
e.printStackTrace();
response.sendError(500);
return false;
}
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
}
}
2、注册自定义拦截器
将自定义的拦截器类注入到springboot的ioc容器中,在ResourcesConfig 中配置拦截的url地址和需要放行的url地址以及静态资源。
@Configuration
public class ResourcesConfig implements WebMvcConfigurer {
@Autowired
private TokenInterceptor tokenInterceptor;
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
/** 本地文件上传路径 */
registry.addResourceHandler(Constants.RESOURCE_PREFIX + "/**").addResourceLocations("file:" + CommonConfig.getProfile() + "/");
/** swagger配置 */
registry.addResourceHandler("swagger-ui.html").addResourceLocations("classpath:/META-INF/resources/");
registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
}
/**
* 自定义拦截规则
*/
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(repeatSubmitInterceptor).addPathPatterns("/**");
//设置家政公司端、家政人员端、管家端url拦截
String[] addPathPatterns = {
"/api/worker/**",
"/api/business/**",
"/api/panicbuying/**",
"/api/butler/**"
};
registry.addInterceptor(tokenInterceptor).addPathPatterns(addPathPatterns)
.excludePathPatterns("/api/business/sys/rolelogin")
.excludePathPatterns("/swagger-resources/**", "/webjars/**", "/v2/**", "/swagger-ui.html/**")
.excludePathPatterns("/api/business/getHomeCount");
}
/**
* 跨域配置
*/
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
// 设置访问源地址
config.addAllowedOrigin("*");
// 设置访问源请求头
config.addAllowedHeader("*");
// 设置访问源请求方法
config.addAllowedMethod("*");
// 对接口配置跨域设置
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
}
}