package com.seengene.ar.conent.restful.restful.config.loginFilter
import com.seengene.ar.conent.restful.restful.entity.Session
import com.seengene.ar.conent.restful.restful.server.RedisServer
import net.sf.json.JSONObject
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.web.servlet.HandlerInterceptor
import org.springframework.web.servlet.ModelAndView
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
public class LoginInterceptor implements HandlerInterceptor {
@Autowired
private RedisServer scenicUserRedisService
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
//跨越处理
response.setHeader("Access-Control-Allow-Origin", "*")
try {
Session session = scenicUserRedisService.getSession(request.getParameter("sid"))
System.out.println(session)
String token = request.getParameter("token")
if (session.getToken() == null) {
scenicUserRedisService.clearSession(request.getParameter("sid"))
throw new Exception()
}
if (!token.equals(session.getToken())) {
scenicUserRedisService.clearSession(request.getParameter("sid"))
throw new Exception()
}
} catch (Exception e) {
JSONObject jsonObject = new JSONObject()
jsonObject.put("code", 605)
jsonObject.put("status", "token error")
jsonObject.put("data", new JSONObject())
response.getWriter().write(jsonObject.toString())
return false
}
return true
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
}
}
package com.seengene.ar.conent.restful.restful.config.loginFilter
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.web.servlet.config.annotation.InterceptorRegistry
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
@Configuration
public class MyWebAppConfigurer
extends WebMvcConfigurerAdapter {
@Bean
LoginInterceptor loginInterceptor() {
return new LoginInterceptor()
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
super.addInterceptors(registry)
// 多个拦截器组成一个拦截器链
// addPathPatterns //用于添加拦截规则
// excludePathPatterns 用户排除拦截
registry.addInterceptor(loginInterceptor()).addPathPatterns("/webArContent/**")
.excludePathPatterns("/webArContent/login")
.excludePathPatterns("/webArContent/token")
.excludePathPatterns("/webArContent/callback")
.excludePathPatterns("/webArContent/addAppDownloadCount")
.excludePathPatterns("/webArContent/getAppDownloadCount")
}
}