在进行操作前,先判定用户是否登录
1.创建一个SellerAuthorizeAspect类
切面类
@Aspect
@Component
@Slf4j
public class SellerAuthorizeAspect {
}
2.在SellerAuthorizeAspect 中设置切入点
public class SellerAuthorizeAspect {
//是拦截对商品还有订单的操作,排除登陆登出的操作
@Pointcut("execution(public * com.jess.sell.controller.Seller*.*(..))" +
" && !execution(public * com.jess.sell.controller.SellerUserController.*(..))")
public void verify() {
}
}
3.在SellerAuthorizeAspect 中设置拦截后的操作,这里可以直接处理,也可以抛出一个异常来,然后拦截处理
@Before("verify()")
public void doVerify() {
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest request = attributes.getRequest();
//查询 cookie
Cookie cookie = CookieUtil.get(request, CookieConstant.TOKEN);
if (cookie == null) { //没有登录
log.warn("【登录校验】 cookie中没有token");
throw new SellerAuthorizeException();
}
//查询 redis
String tokenValue = redisTemplate.opsForValue().get(String.format(RedisConstant.TOKEN_PREFIX, cookie.getValue()));
if(StringUtils.isEmpty(tokenValue)){
log.warn("【登录校验】 redis中没有token");
throw new SellerAuthorizeException();
}
}
异常拦截
SpringBoot自带异常拦截@ControllerAdvice
1.创建一个SellerExceptionHandler类
@ControllerAdvice
public class SellExceptionHandler {
private ProjectUrlConfig projectUrlConfig;
/**
* 拦截登录异常,并跳转到登录界面
* value = SellerAuthorizeException.class)表示拦截的异常为SellerAuthorizeException异常
*/
@ExceptionHandler(value = SellerAuthorizeException.class)
public ModelAndView handlerAuthorizeException(){
return new ModelAndView("redirect:"
.concat(projectUrlConfig.getWechatOpenAuthorize())
.concat("/sell/wechat/qrAuthorize")
.concat("?returnUrl=")
.concat(projectUrlConfig.getSell())
.concat("/sell/seller/login"));
}
}