上周学期了使用注解进行登录拦截器的创建,这里记录一下我如何使用xml的方式进行登录拦截器的创建。
首先,创建一个拦截器:
import org.springframework.util.ObjectUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginIntercepter implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String authorization = request.getHeader("Authorization");
if (ObjectUtils.isEmpty(authorization)) {
response.setCharacterEncoding("utf-8");
response.setContentType("application/json; charset=utf-8");
response.getWriter().write("权限不足");
return false;
}
HttpSession session = request.getSession();
Object obj = session.getAttribute(authorization);
if(ObjectUtils.isEmpty(obj)){
response.getWriter().write("token已过期");
return false;
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
然后,在spring-mvc.xml中配置拦截器:
<!-- 添加拦截器配置 -->
<mvc:interceptors>
<!-- 登录验证拦截器 -->
<mvc:interceptor>
<mvc:mapping path="/**" />
<mvc:exclude-mapping path="/login" />
<bean class="com.cqgcxy.intercepter.LoginIntercepter" />
</mvc:interceptor>
</mvc:interceptors>
在pom.xml中导入Lombok依赖:
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.20</version>
</dependency>
创建实体类Account:
import lombok.Data;
import lombok.Getter;
import lombok.Setter;
@Data
@Getter
@Setter
public class Account {
private String userName;
private String passWord;
}
创建控制器:
import com.cqgcxy.entity.Account;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpSession;
import java.util.UUID;
@RestController
public class AccountController {
@RequestMapping(value = "/login",produces = "text/html;charset=utf-8")
public String login(@RequestBody Account account, HttpSession session) {
//模拟登录验证
if("admin".equals(account.getUsername())&&"123456".equals(account.getPassword())){
UUID uuid = UUID.randomUUID();
session.setAttribute(uuid.toString(),account);
return uuid.toString();
}
return "账号或密码错误";
}
}
运行代码,去postman里面验证:
这样就用xml创建拦截器成功了