1.拦截器的作用 :
拦截请求,记录请求参数,响应参数,响应时间等.
package com.finance.cmp.dac.service.config;
import static com.finance.cmp.dac.common.enums.RequestStatus.FAIL;
import java.io.BufferedReader;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.finance.cmp.dac.cache.content.Constant;
import com.finance.cmp.dac.common.response.SingleBizResponse;
import com.finance.cmp.dac.dao.model.TIntraAccessConfig;
import com.finance.cmp.dac.service.common.RedisCacheService;
import com.finance.cmp.dac.service.util.AcStringUtils;
import com.finance.cmp.dac.service.util.JsonUtil;
import com.finance.cmp.dac.service.util.RequestWrapper;
import com.finance.cmp.dac.service.util.SessionUtil;
import lombok.extern.slf4j.Slf4j;
import net.sf.json.JSONObject;
/**
* @author 拦截请求,记录请求参数,响应参数,响应时间等
*/
@Slf4j
public class DacInterceptor implements HandlerInterceptor {
public static final String CONTENT_TYPE_FILE = "application/json";
private static RedisCacheService redisCacheService = getStringRedisTemplate();
/**
* 在请求处理之前进行调用(Controller方法调用之前)
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
long startTime = System.currentTimeMillis();
request.setAttribute("InterceptorStartTime", startTime);
//拦截get 请求
if ("GET".equals(request.getMethod())) {
if (!validateGet(request, response)) {
return false;
}
return true;
}
//拦截post请求
if (!validatePost(request, response)) {
return false;
}
return true;
}
//get
private boolean validateGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
//SysCode和SysSecret相当于是两把钥匙 调用方调用本系统必须带上这两个参数 一般
//是放在请求头中的 如果和本系统中配置的这两个参数不一致 则拒绝访问
String sysCode = request.getHeader("dacSysCode");
String sysSecret = request.getHeader("dacSysSecret");
SingleBizResponse resp = new SingleBizResponse();
if (AcStringUtils.isEmpty(sysCode) || AcStringUtils.isEmpty(sysSecret)) {
log.error("Missing head parameters! ");
response.setContentType("application/json; charset=utf-8");
response.setCharacterEncoding("utf-8");
resp.setRequestStatus(FAIL);
resp.setReturnMessage("Missing head parameters!");
response.getWriter().write(JsonUtil.convert(resp));
return false;
}
String serKey = Constant.REDIS_ACCESS_PREFIX + sysCode;
TIntraAccessConfig ts = (TIntraAccessConfig) redisCacheService.get(serKey);
if (ts == null || !sysSecret.equals(ts.getSysSecret())) {
log.error("head parameters error! ");
response.setContentType("application/json; charset=utf-8");
response.setCharacterEncoding("utf-8");
resp.setRequestStatus(FAIL);
resp.setReturnMessage("head parameters error!");
response.getWriter().write(JsonUtil.convert(resp));
return false;
}
return true;
}
//post
private boolean validatePost(HttpServletRequest request, HttpServletResponse response) throws IOException {
request = new RequestWrapper((HttpServletRequest) request);
String sysCode = request.getHeader("dacSysCode");
String sysSecret = request.getHeader("dacSysSecret");
log.info("sysCode :" + sysCode);
log.info("sysSecret :" + sysSecret);
BufferedReader br = request.getReader();
String str, wholeStr = "";
while ((str = br.readLine()) != null) {
wholeStr += str;
}
log.info("请求参数:{}", wholeStr);
if (br != null) {
br.close();
}
JSONObject requestPara = JSONObject.fromObject(wholeStr);
String requestNo = requestPara.getString("requestNo");
String requestTime = requestPara.getString("requestTime");
SingleBizResponse resp = new SingleBizResponse();
if (request.getContentType() == null || request.getContentType().indexOf(CONTENT_TYPE_FILE) < 0) {
log.error("request type and content_type_file not support! " + requestNo);
response.setContentType("application/json; charset=utf-8");
response.setCharacterEncoding("utf-8");
resp.setRequestStatus(FAIL);
resp.setReturnMessage("request type and content_type_file not support!" + requestNo);
response.getWriter().write(JsonUtil.convert(resp));
return false;
}
//判断钥匙是否为null
if (AcStringUtils.isEmpty(sysCode) || AcStringUtils.isEmpty(sysSecret)) {
log.error("Missing head parameters! " + requestNo);
response.setContentType("application/json; charset=utf-8");
response.setCharacterEncoding("utf-8");
resp.setRequestStatus(FAIL);
resp.setReturnMessage("Missing head parameters!" + requestNo);
response.getWriter().write(JsonUtil.convert(resp));
return false;
}
//判断钥匙是否正确
String serKey = Constant.REDIS_ACCESS_PREFIX + sysCode;
TIntraAccessConfig ts = (TIntraAccessConfig) redisCacheService.get(serKey);
if (ts == null || !sysSecret.equals(ts.getSysSecret())) {
log.error("head parameters error! " + requestNo);
response.setContentType("application/json; charset=utf-8");
response.setCharacterEncoding("utf-8");
resp.setRequestStatus(FAIL);
resp.setReturnMessage("head parameters error!" + requestNo);
response.getWriter().write(JsonUtil.convert(resp));
return false;
}
//判断请求是否超时
Long requestTi = Long.parseLong(requestTime);
Long s = (System.currentTimeMillis() - requestTi) / (1000 * 60);
if (s > 10) {
response.setContentType("application/json; charset=utf-8");
response.setCharacterEncoding("utf-8");
resp.setRequestStatus(FAIL);
resp.setReturnMessage("请求超时,请刷新后重试!" + requestNo);
response.getWriter().write(JsonUtil.convert(resp));
return false;
}
return true;
}
/**
* 请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
*/
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
ModelAndView modelAndView) throws Exception {
}
/**
* 在整个请求结束之后被调用,也就是在DispatcherServlet 渲染了对应的视图之后执行(主要是用于进行资源清理工作)
*/
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
SessionUtil.clearCurrentToken();
}
private static RedisCacheService getStringRedisTemplate() {
if (redisCacheService == null) {
redisCacheService = SpringBeanLocator.getBean(RedisCacheService.class);
}
return redisCacheService;
}
}
其中的工具类:
1.JsonUtil
package com.finance.cmp.dac.service.util;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.JavaType;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.jayway.jsonpath.JsonPath;
import lombok.extern.slf4j.Slf4j;
/**
* @ClassName: JsonUtil
* @author: zhangqb
* @CreateDate:
* @Description:
* @version: [V1.0]
*/
@Slf4j
public class JsonUtil {
private static ObjectMapper mapper;
public static String convert(Object obj) {
String result = null;
try {
result = getObjectMapper().writeValueAsString(obj);
} catch (Exception e) {
log.error("Jackson exception", e);
}
return result;
}
public static <T> T convert(String json, Class<T> t){
T obj = null;
try {
obj = getObjectMapper().readValue(json, t);
} catch (Exception e) {
log.error("Jackson exception", e);
}
return obj;
}
public static ObjectMapper getObjectMapper() {
synchronized (JsonUtil.class) {
if(mapper == null){
mapper = new ObjectMapper();
mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
}
}
return mapper;
}
public static JavaType getCollectionType(Class<?> collectionClass, Class<?>... elementClasses) {
return getObjectMapper().getTypeFactory().constructParametricType(collectionClass, elementClasses);
}
public static String readValUsingJsonPath(String json, String path) {
if (json == null || path == null) {
return null;
}
try {
Object val = JsonPath.read(json, "$." + path);
return val == null ? null : val.toString();
} catch (Exception ex) {
return null;
}
}
}
2.SingleBizResponse :
在这里插入代码片
package com.finance.cmp.dac.common.response;
import lombok.Data;
import lombok.ToString;
/**
* 单一业务数据响应
*
* @author zhangqb
* @date 2019/1/2
*/
@Data
@ToString(callSuper = true)
public class SingleBizResponse<T> extends BaseResponse {
/**
* 单个业务数据
*/
private T bizData;
}
package com.finance.cmp.dac.common.response;
import com.finance.cmp.dac.common.enums.RequestStatus;
import lombok.Data;
/**
* 内部响应基类
*
* @author xiongyu
* @date 2018/7/21
*/
@Data
public class BaseResponse {
/**
* 请求处理状态
*/
private RequestStatus requestStatus;
/**
* 返回消息
*/
private String returnMessage;
}
2.使用拦截器 :
在启动类中:
package com.finance.cmp.dac.web;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.scheduling.annotation.EnableAsync;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import com.finance.cmp.dac.service.config.DacInterceptor;
import tk.mybatis.spring.annotation.MapperScan;
/**
* 程序启动入口
*
* @author Darren
*/
@SpringBootApplication
@ComponentScan("com.finance.cmp.*")
@MapperScan(basePackages = "com.finance.cmp.dac.dao.mapper")
@EnableAsync
@EnableScheduling
@EnableDiscoveryClient
public class DacApplication extends WebMvcConfigurerAdapter{
private final static Logger logger = LoggerFactory.getLogger(DacApplication.class);
public static void main(String[] args) {
SpringApplication.run(DacApplication.class, args);
logger.info("DacApplication is success!");
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 多个拦截器组成一个拦截器链
// addPathPatterns 用于添加拦截规则
// excludePathPatterns 用户排除拦截
registry.addInterceptor(new DacInterceptor()).addPathPatterns("/api/dacApi/**");
super.addInterceptors(registry);
};
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
};
}
package com.finance.cmp.ruleEngine.web;
import com.finance.cmp.ruleEngine.service.util.BCInterceptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import tk.mybatis.spring.annotation.MapperScan;
/**
* 程序启动入口
*
* @author Darren
*/
@SpringBootApplication
@EnableDiscoveryClient
@ComponentScan("com.finance.cmp.*")
@MapperScan(basePackages = "com.finance.cmp.ruleEngine.dao.mapper")
public class RuleEngineApplication extends WebMvcConfigurerAdapter {
private final static Logger logger = LoggerFactory.getLogger(RuleEngineApplication.class);
public static void main(String[] args) {
SpringApplication.run(RuleEngineApplication.class, args);
logger.info("RuleEngineApplication is success!");
}
/*@Override
public void addInterceptors(InterceptorRegistry registry) {
// 多个拦截器组成一个拦截器链
// addPathPatterns 用于添加拦截规则
// excludePathPatterns 用户排除拦截
registry.addInterceptor(new BCInterceptor()).addPathPatterns("/**")
.excludePathPatterns("/login")
.excludePathPatterns("/logout")
.excludePathPatterns("/login-timeout")
.excludePathPatterns("/illegal-request");
super.addInterceptors(registry);
};
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
};*/
}