当我们后台某些方法或应用被调用时,我们一般要对请求的方法进行拦截,判断请求是否合法,比如是否登录,某些参数是否正确等等。
Springboot2.0之后通过WebMvcConfigurer的来实现拦截器。
自定义拦截器,实现HandlerInterceptor接口
1. public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
请求访问到controller之前拦截,比如用户如果没有登录,则拦截,请求被拒绝
2. public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView)
请求访问到controller之后,渲染试图之前
3. public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
请求访问到controller之后,渲染试图之后
package com.db.interceptors;
import com.db.pojo.AppUser;
import com.db.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class UserInterceptor implements HandlerInterceptor {
@Autowired
private UserService userService;
/**
* 请求访问到controller之前拦截
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String userId = request.getParameter("userId");
if (null == userId || "".equalsIgnoreCase(userId)) {
System.out.println("请求非法!");
return false;
}
AppUser userInfo = userService.getUser(userId);
if (null == userInfo) {
System.out.println("用户不存在!");
return false;
}
return true;
}
/**
* 请求访问到controller之后,渲染试图之前
*/
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
/**
* 请求访问到controller之后,渲染试图之后
*/
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
拦截器配置类,实现WebMvcConfigurer接口
package com.db.config;
import com.db.interceptors.UserInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
@Bean
public UserInterceptor userInterceptor(){return new UserInterceptor();}
@Override
public void addInterceptors(InterceptorRegistry registry) {
/*
*addInterceptor 拦截器类
*addPathPatterns拦截请求路径
*/
registry.addInterceptor(userInterceptor())
.addPathPatterns("/user/getUserInfoByUserId")
.addPathPatterns("/user/getAllUserInfo");
}
}
WebMvcConfigurer另外常用方法
addViewControllers:页面跳转
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/toLogin").setViewName("login");
}
configureViewResolvers:视图解析器
/**
* 配置请求视图映射
* @return
*/
@Bean
public InternalResourceViewResolver resourceViewResolver()
{
InternalResourceViewResolver internalResourceViewResolver = new InternalResourceViewResolver();
//请求视图文件的前缀地址
internalResourceViewResolver.setPrefix("/WEB-INF/jsp/");
//请求视图文件的后缀
internalResourceViewResolver.setSuffix(".jsp");
return internalResourceViewResolver;
}
/**
* 视图配置
* @param registry
*/
@Override
public void configureViewResolvers(ViewResolverRegistry registry) {
super.configureViewResolvers(registry);
registry.viewResolver(resourceViewResolver());
/*registry.jsp("/WEB-INF/jsp/",".jsp");*/
}
目前SpringCloud项目或者微服务项目,前后端都会进行分离,所以页面跳转和视图解析器可能会比较少,如果是我们SpringMVC项目,一般会在xml配置这些内容。
addCorsMappings:跨域
@Override
public void addCorsMappings(CorsRegistry registry) {
super.addCorsMappings(registry);
registry.addMapping("/cors/**")
.allowedHeaders("*")
.allowedMethods("POST","GET")
.allowedOrigins("*");
}
如果不使用WebMvcConfigurer的addCorsMappings实现跨域,也可以自己写过滤器实现,如下:
@Configuration
public class CorsConfig {
public CorsConfig() {
}
@Bean
public CorsFilter corsFilter() {
// 1. 添加cors配置信息
CorsConfiguration config = new CorsConfiguration();
config.addAllowedOrigin("*");
// 设置是否发送cookie信息
config.setAllowCredentials(true);
// 设置允许请求的方式
config.addAllowedMethod("*");
// 设置允许的header
config.addAllowedHeader("*");
// 2. 为url添加映射路径
UrlBasedCorsConfigurationSource corsSource = new UrlBasedCorsConfigurationSource();
corsSource.registerCorsConfiguration("/**", config);
// 3. 返回重新定义好的corsSource
return new CorsFilter(corsSource);
}
}
更多方法的详细说明和实现可参考https://blog.csdn.net/zhangpower1993/article/details/89016503
测试拦截器
浏览器输入拦截器拦截的路径
http://localhost:8090/user/getUserInfoByUserId?userId=1011
后台控制台输出
http://localhost:8090/user/getUserInfoByUserId?userId=1011