首先我们要对那些操作进行拦截
@Aspect @Component @Slf4j public class SellerAuthorizeAspect { @Autowired private StringRedisTemplate redisTemplate; @Pointcut("execution(public * com.imooc.controller.Seller*.*(..))"+ "&& !execution(public * com.imooc.controller.SellerUserController.*(..))") public void verify(){} @Before("verify()") public void doVerify(){ ServletRequestAttributes requestAttribut=(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpServletRequest request = requestAttribut.getRequest(); //查询cookie Cookie cookie = CookieUtil.get(request, CookieConstant.TOKEN); if(cookie==null){ log.warn("[登陆校验]Cookie中查不到token"); throw new SellerAuthorizeException(); } //去redis里查询 String tokenValue = redisTemplate.opsForValue().get(String.format(RedisConstant.TOKEN_PREFIX, cookie.getValue())); if(StringUtils.isEmpty(tokenValue)){ log.warn("[登陆校验]Redis中查不到token"); throw new SellerAuthorizeException(); } } }
第二部,处理异常
@ControllerAdvice public class SellExceptionHandler { @Autowired private ProjectUrlConfig projectUrlConfig; //拦截登录异常 //http://sell.natapp4.cc/sell/wechat/qrAuthorize?returnUrl=http://sell.natapp4.cc/sell/seller/login @ExceptionHandler(value = SellerAuthorizeException.class) @ResponseStatus(HttpStatus.FORBIDDEN) public ModelAndView handlerAuthorizeException(){ return new ModelAndView("redirect:" .concat(projectUrlConfig.getWechatOpenAuthorize()) .concat("/wechat/qrAuthorize") .concat("?returnUrl=") .concat(projectUrlConfig.getSell()) .concat("/seller/login")); }