配置
<mvc:interceptors>
<mvc:interceptor>
<!-- 拦截路径 -->
<mvc:mapping path="/**/*.zt"/>
<!-- 拦截类 -->
<bean class="com.szzt.yinyiApp.interceptor.TokenInterceptor"/>
</mvc:interceptor>
<mvc:interceptor>
<!-- 拦截路径 -->
<mvc:mapping path="/**/*.zt"/>
<!-- 拦截类 -->
<bean class="com.szzt.yinyiApp.interceptor.UserInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
实现类
TokenInterceptor.java
package com.szzt.yinyiApp.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.SignatureVerificationException;
import com.auth0.jwt.exceptions.TokenExpiredException;
import com.szzt.yinyiApp.bean.Constant;
public class TokenInterceptor implements HandlerInterceptor {
private Logger logger = Logger.getLogger(TokenInterceptor.class);
public void afterCompletion(HttpServletRequest arg0,
HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
//完成拦截
}
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
//返回拦截
}
public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object handler) throws Exception {
String token = arg0.getHeader("token");
logger.info("token"+token);
try{
//验证token 取出身份标识
JWTVerifier verifier = JWT.require(Algorithm.HMAC256(Constant.COMM_TOKEN_KEY))
.build();
verifier.verify(token);
return true;
}catch (TokenExpiredException e){
System.out.println("token过期");
}catch (SignatureVerificationException e){
System.out.println("验证失败");
}catch (Exception e){
System.out.println("验证失败");
}
String re = "{\"statusCode\":\""+Constant.COMM_TOKEN_ERRER+"\",\"message\":\"token验证失败\",\"data\":null}";
arg1.getWriter().write(re);
return false;
}
}
UserInterceptor.java
package com.szzt.yinyiApp.interceptor;
import java.util.Map;
import org.springframework.ui.ModelMap;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.context.request.WebRequestInterceptor;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.SignatureVerificationException;
import com.auth0.jwt.exceptions.TokenExpiredException;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.szzt.yinyiApp.bean.Constant;
public class UserInterceptor implements WebRequestInterceptor {
public void afterCompletion(WebRequest arg0, Exception arg1)
throws Exception {
// TODO Auto-generated method stub
}
public void postHandle(WebRequest arg0, ModelMap arg1) throws Exception {
// TODO Auto-generated method stub
}
public void preHandle(WebRequest arg0) throws Exception {
String token = arg0.getHeader("token");
try{
//验证token 取出身份标识
JWTVerifier verifier = JWT.require(Algorithm.HMAC256(Constant.COMM_TOKEN_KEY))
.build();
DecodedJWT jwt = verifier.verify(token);
Map<String, Claim> claims = jwt.getClaims();
String phoneNo = claims.get("phoneNo").asString();
arg0.setAttribute("phoneNo",phoneNo,WebRequest.SCOPE_REQUEST);
}catch (TokenExpiredException e){
System.out.println("token过期");
}catch (SignatureVerificationException e){
System.out.println("验证失败");
}catch (Exception e){
System.out.println("验证失败");
}
}
}