springboot使用自定义注解+拦截器问题
1. 原配置
自定义注解
@LoginRequired
package com.nowcoder.community.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 该注解是用来标识方法需不需要在登陆的状态下才能访问
*/
@Target(ElementType.METHOD) //表示该该注解需要作用在方法上
@Retention(RetentionPolicy.RUNTIME) //声明该注解有效的时长,RUNTIME 程序运行时才有效
public @interface LoginRequired {
}
拦截器配置
package com.nowcoder.community.controller.interceptor;
import com.nowcoder.community.annotation.LoginRequired;
import com.nowcoder.community.util.HostHolder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
/**
* 定义拦截器来拦截带有注解 @LoginRequired 的方法
*/
@Component
public class LoginRequiredInterceptor implements HandlerInterceptor {
@Autowired
private HostHolder hostHolder;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 判断拦截的目标
if (handler instanceof HandlerMethod){
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = handlerMethod.getMethod();
LoginRequired loginRequired = method.getAnnotation(LoginRequired.class);
if (loginRequired != null && hostHolder.getUser() == null){
response.sendRedirect(request.getContextPath() + "/login");
return false;
}
}
return true;
}
}
WebMvcConfig 拦截器配置类
package com.nowcoder.community.config;
import com.nowcoder.community.controller.interceptor.AlphaInterceptor;
import com.nowcoder.community.controller.interceptor.LoginRequiredInterceptor;
import com.nowcoder.community.controller.interceptor.LoginTicketInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* 拦截器配置类
*/
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@Autowired
private AlphaInterceptor alphaInterceptor; //拦截器测试
@Autowired
private LoginTicketInterceptor loginTicketInterceptor;
@Autowired
private LoginRequiredInterceptor loginRequiredInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(alphaInterceptor).
excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg").
addPathPatterns("/register", "/login");
registry.addInterceptor(loginTicketInterceptor).
excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg");
registry.addInterceptor(loginRequiredInterceptor).
excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg");
}
}
Controller 层
package com.nowcoder.community.controller;
import com.nowcoder.community.annotation.LoginRequired;
import com.nowcoder.community.entity.User;
import com.nowcoder.community.service.UserService;
import com.nowcoder.community.util.CommunityUtil;
import com.nowcoder.community.util.HostHolder;
import com.sun.deploy.net.HttpResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
@Controller
@RequestMapping("/user")
public class UserController {
private static final Logger logger = LoggerFactory.getLogger(UserController.class);
@Value("${community.path.upload}")
private String uploadPath;
@Value("${community.path.domain}")
private String domain;
@Value("${server.servlet.context-path}")
private String contextPath;
@Autowired
private UserService userService;
@Autowired
private HostHolder hostHolder;
@LoginRequired
@RequestMapping(path = "/setting", method = RequestMethod.GET) //使用自定义注解进行过滤时
public String getSettingPage(){
return "/site/setting";
}
//处理上传文件的请求。上传的时候表单的提交方式必须是 post
@LoginRequired
@RequestMapping(path = "/upload", method = RequestMethod.POST)
public String uploadHeader(MultipartFile headerImage, Model model){
if (headerImage == null){
model.addAttribute("error", "您还没有选择图片!");
return "/site/setting";
}
String filename = headerImage.getOriginalFilename();
String suffix = filename.substring(filename.lastIndexOf("."));
if (StringUtils.isBlank(suffix)){
model.addAttribute("error", "文件的格式不正确!");
return "/site/setting";
}
//生成随机文件名
filename = CommunityUtil.generateUUID() + suffix;
//确定文件存放的路径(本地资源路径)
File dest = new File(uploadPath + "/" + filename);
try {
//存储文件
headerImage.transferTo(dest);
} catch (IOException e) {
logger.error("上传文件失败!" + e.getMessage());
throw new RuntimeException("上传文件失败,服务器发生异常!", e);
}
//更新当前用户的头像路径(web 访问路径。注意与本地资源路径的区别)
// 例:http://localhost:8080/community/user/header/xxx.png
User user = hostHolder.getUser();
String headerUrl = domain + contextPath + "/user/header/" + filename;
userService.updateHeader(user.getId(), headerUrl);
return "redirect:/index";
}
@RequestMapping(path = "/header/{filename}", method = RequestMethod.GET)
public void getHeader(@PathVariable("filename") String filename, HttpServletResponse response){
// 服务器存放的路径
filename = uploadPath + "/" + filename;
// 文件的后缀
String suffix = filename.substring(filename.lastIndexOf("."));
//响应图片
response.setContentType("image/" + suffix);
try(
FileInputStream fis = new FileInputStream(filename);
OutputStream os = response.getOutputStream();
) {
byte[] buffer = new byte[1024];
int b = 0;
while ((b = fis.read(buffer)) != -1){
os.write(buffer, 0, b);
}
} catch (IOException e) {
logger.error("读取头像失败" + e.getMessage());
throw new RuntimeException("读取头像失败", e);
}
}
@LoginRequired
@RequestMapping(path = "/password", method = RequestMethod.POST)
public String updatePassword(String passwordOld, String passwordNew, String passwordWordConfirm, Model model){
//input输入的数据在html既有已经判断了输入字段是否为空,所以不用再在controller中判断了
User user = hostHolder.getUser();
if (!userService.passwordConfirm(user.getId(), passwordOld)){
model.addAttribute("passwordOldMsg", "原始密码有误!");
return "/site/setting";
}
if (!passwordNew.equals(passwordWordConfirm)){
model.addAttribute("passwordWordConfirmMsg", "两次密码不一致!");
return "/site/setting";
}
userService.updatePassword(user.getId(), passwordNew);
return "redirect:/index";
}
}
2. 问题
- 未登录状态访问 http://localhost:8080/community/user/setting 时被成功拦截,其无法访问,跳转到 http://localhost:8080/community/login
- 未登录状态下访问 http://localhost:8080/community/user/upload 时出现错误,浏览器显示
无法跳转到http://localhost:8080/community/login
- 未登录状态下访问 http://localhost:8080/community/user/password 时出现错误,浏览器显示
无法跳转到http://localhost:8080/community/login
3. 修改配置
自定义注解(未变)
@LoginRequired
package com.nowcoder.community.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 该注解是用来标识方法需不需要在登陆的状态下才能访问
*/
@Target(ElementType.METHOD) //表示该该注解需要作用在方法上
@Retention(RetentionPolicy.RUNTIME) //声明该注解有效的时长,RUNTIME 程序运行时才有效
public @interface LoginRequired {
}
拦截器配置(未变)
package com.nowcoder.community.controller.interceptor;
import com.nowcoder.community.annotation.LoginRequired;
import com.nowcoder.community.util.HostHolder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
/**
* 定义拦截器来拦截带有注解 @LoginRequired 的方法
*/
@Component
public class LoginRequiredInterceptor implements HandlerInterceptor {
@Autowired
private HostHolder hostHolder;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 判断拦截的目标
if (handler instanceof HandlerMethod){
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = handlerMethod.getMethod();
LoginRequired loginRequired = method.getAnnotation(LoginRequired.class);
if (loginRequired != null && hostHolder.getUser() == null){
response.sendRedirect(request.getContextPath() + "/login");
return false;
}
}
return true;
}
}
WebMvcConfig 配置(未变)
package com.nowcoder.community.config;
import com.nowcoder.community.controller.interceptor.AlphaInterceptor;
import com.nowcoder.community.controller.interceptor.LoginRequiredInterceptor;
import com.nowcoder.community.controller.interceptor.LoginTicketInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* 拦截器配置类
*/
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@Autowired
private AlphaInterceptor alphaInterceptor; //拦截器测试
@Autowired
private LoginTicketInterceptor loginTicketInterceptor;
@Autowired
private LoginRequiredInterceptor loginRequiredInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(alphaInterceptor).
excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg").
addPathPatterns("/register", "/login");
registry.addInterceptor(loginTicketInterceptor).
excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg");
registry.addInterceptor(loginRequiredInterceptor).
excludePathPatterns("/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg");
}
}
Conreoller层(改变)
package com.nowcoder.community.controller;
import com.nowcoder.community.annotation.LoginRequired;
import com.nowcoder.community.entity.User;
import com.nowcoder.community.service.UserService;
import com.nowcoder.community.util.CommunityUtil;
import com.nowcoder.community.util.HostHolder;
import com.sun.deploy.net.HttpResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
@Controller
@RequestMapping("/user")
public class UserController {
private static final Logger logger = LoggerFactory.getLogger(UserController.class);
@Value("${community.path.upload}")
private String uploadPath;
@Value("${community.path.domain}")
private String domain;
@Value("${server.servlet.context-path}")
private String contextPath;
@Autowired
private UserService userService;
@Autowired
private HostHolder hostHolder;
@LoginRequired
@RequestMapping(path = "/setting", method = {RequestMethod.GET, RequestMethod.POST}) //修改method = RequestMethod.GET 为 method = {RequestMethod.GET, RequestMethod.POST}
public String getSettingPage(){
return "/site/setting";
}
//处理上传文件的请求。上传的时候表单的提交方式必须是 post
@LoginRequired
@RequestMapping(path = "/upload", method = {RequestMethod.GET, RequestMethod.POST})
//修改method = RequestMethod.GET 为 method = {RequestMethod.GET, RequestMethod.POST}
public String uploadHeader(MultipartFile headerImage, Model model){
if (headerImage == null){
model.addAttribute("error", "您还没有选择图片!");
return "/site/setting";
}
String filename = headerImage.getOriginalFilename();
String suffix = filename.substring(filename.lastIndexOf("."));
if (StringUtils.isBlank(suffix)){
model.addAttribute("error", "文件的格式不正确!");
return "/site/setting";
}
//生成随机文件名
filename = CommunityUtil.generateUUID() + suffix;
//确定文件存放的路径(本地资源路径)
File dest = new File(uploadPath + "/" + filename);
try {
//存储文件
headerImage.transferTo(dest);
} catch (IOException e) {
logger.error("上传文件失败!" + e.getMessage());
throw new RuntimeException("上传文件失败,服务器发生异常!", e);
}
//更新当前用户的头像路径(web 访问路径。注意与本地资源路径的区别)
// 例:http://localhost:8080/community/user/header/xxx.png
User user = hostHolder.getUser();
String headerUrl = domain + contextPath + "/user/header/" + filename;
userService.updateHeader(user.getId(), headerUrl);
return "redirect:/index";
}
@RequestMapping(path = "/header/{filename}", method = RequestMethod.GET)
public void getHeader(@PathVariable("filename") String filename, HttpServletResponse response){
// 服务器存放的路径
filename = uploadPath + "/" + filename;
// 文件的后缀
String suffix = filename.substring(filename.lastIndexOf("."));
//响应图片
response.setContentType("image/" + suffix);
try(
FileInputStream fis = new FileInputStream(filename);
OutputStream os = response.getOutputStream();
) {
byte[] buffer = new byte[1024];
int b = 0;
while ((b = fis.read(buffer)) != -1){
os.write(buffer, 0, b);
}
} catch (IOException e) {
logger.error("读取头像失败" + e.getMessage());
throw new RuntimeException("读取头像失败", e);
}
}
@LoginRequired
@RequestMapping(path = "/password", method = {RequestMethod.GET, RequestMethod.POST})
//修改method = RequestMethod.GET 为 method = {RequestMethod.GET, RequestMethod.POST}
public String updatePassword(String passwordOld, String passwordNew, String passwordWordConfirm, Model model){
//input输入的数据在html既有已经判断了输入字段是否为空,所以不用再在controller中判断了
User user = hostHolder.getUser();
if (!userService.passwordConfirm(user.getId(), passwordOld)){
model.addAttribute("passwordOldMsg", "原始密码有误!");
return "/site/setting";
}
if (!passwordNew.equals(passwordWordConfirm)){
model.addAttribute("passwordWordConfirmMsg", "两次密码不一致!");
return "/site/setting";
}
userService.updatePassword(user.getId(), passwordNew);
return "redirect:/index";
}
}
4. 结果
- 未登录状态访问 http://localhost:8080/community/user/setting 时被成功拦截,其无法访问,跳转到 http://localhost:8080/community/login
- 未登录状态访问 http://localhost:8080/community/user/upload 时被成功拦截,其无法访问,跳转到 http://localhost:8080/community/login
- 未登录状态访问 http://localhost:8080/community/user/password 时被成功拦截,其无法访问,跳转到 http://localhost:8080/community/login