Spring MVC 构建拦截器
拦截器的作用:
1.权限控制:可以在拦截器中进行用户权限的验证,例如检查用户是否登录、是否具有特定的权限等。
2.日志记录:可以在拦截器中记录请求的相关信息,如请求的URL、参数、处理时间等,用于系统的日志记录和分析。
3.参数预处理:可以在拦截器中对请求参数进行预处理,如参数校验、参数转换等。
4.统一处理:可以在拦截器中进行一些统一的处理,如字符编码转换、异常处理等。
5.缓存控制:可以在拦截器中进行缓存的控制,如缓存的命中与更新。
配置流程:
1.首先以登录拦截为例,创建一个LoginInterceptor类,实现HandlerInterceptor接口,并重写preHandle(),postHandle(),afterCompletion()三个方法
package com.cqgcxy.interceptor;
import org.springframework.util.ObjectUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* 登录拦截器
*/
public class LoginInterceptor implements HandlerInterceptor {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//从请求头中获取字段“Authorization"字段的值
String authorization = request.getHeader("Authorization");
if(ObjectUtils.isEmpty(authorization)){
//设置响应字符编码
response.setCharacterEncoding("UTF-8");
//设置响应内容为”json“
response.setContentType("application/json;charset=utf-8");
//设置提示信息
response.getWriter().write("权限不足");
return false;
}
//从会话中获取Authorization字段的值所对应的对象
HttpSession session = request.getSession();
Object obj = session.getAttribute(authorization);
if(ObjectUtils.isEmpty(obj)){
response.getWriter().write("token已经过期");
return false;
}
return true;
}
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
2.在config包下的WebConfig类中配置Spring MVC项目的Web配置类
package com.cqgcxy.config;
import com.cqgcxy.interceptor.Loggerlnterceptor;
import com.cqgcxy.interceptor.LoginInterceptor;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.*;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
@Configuration
@EnableWebMvc
@ComponentScan("com.cqgcxy.cotroller")
public class WebConfig extends WebMvcConfigurerAdapter {
//视图解析器
@Override
public void configureViewResolvers(ViewResolverRegistry registry){
InternalResourceViewResolver resolver = new InternalResourceViewResolver();
resolver.setPrefix("/WEB-INF/views/");
resolver.setSuffix(".jsp");
resolver.setExposeContextBeansAsAttributes(true);
registry.viewResolver(resolver);
}
//配置对静态资源的处理
@Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer){
configurer.enable();
}
//配置拦截器
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginInterceptor())
.addPathPatterns(new String[]{"/**"})//拦截所有
.excludePathPatterns(new String[]{"/login"})//放行login
}
}
3.构建一个实体类
package com.cqgcxy.entity;
import lombok.Data;
import lombok.Getter;
import lombok.Setter;
@Data
@Setter
@Getter
public class Account {
private String userName;
private String password;
}
4.测试模拟数据
package com.cqgcxy.cotroller;
import com.cqgcxy.entity.Account;
import com.cqgcxy.untitl.Response;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.List;
import java.util.UUID;
@RestController
public class AccountController {
@RequestMapping(value = "/login",produces = "text/html;charset=UTF-8")
public String login(@RequestBody Account account, HttpSession session, HttpServletRequest request){
//模拟登录验证
if (account.getUserName().equals("admin") && account.getPassword().equals("123456")) {
UUID uuid = UUID.randomUUID();
String uuidString = uuid.toString();
request.setAttribute("uuidString",uuidString);
session.setAttribute(uuid.toString(),account);
return uuid.toString();
}
return "error";
}
}
5.使用PostMan软件进行测试
访问home.jsp,拦截成功输出权限不足
访问login,到这里已经拦截成功
如果还没有搭建好SpringMVC项目的小伙伴,可以去 SpringMVC入门项目搭建-注解篇-CSDN博客