@Configuration
public class AdminSecurityConfig extends WebMvcConfigurerAdapter {
@Autowired
LoginConfig loginConfig;
public final static String SESSION_KEY = "token";
@Bean
public SecurityInterceptor getSecurityInterceptor() {
return new SecurityInterceptor();
}
public void addInterceptors(InterceptorRegistry registry) {
InterceptorRegistration addInterceptor = registry.addInterceptor(getSecurityInterceptor());
//排除的路径
addInterceptor.excludePathPatterns("/error");
addInterceptor.excludePathPatterns("/login**");
addInterceptor.excludePathPatterns("/findByAdminAndPassword");
//拦截所有路径
addInterceptor.addPathPatterns("/**");
}
private class SecurityInterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
HttpSession session = request.getSession();
//判断是否已有该用户登录的session
if (session.getAttribute(SESSION_KEY) != null) {
return true;
}
//跳转到登录页
response.sendRedirect(loginConfig.getPageUrl());
return false;
}
}
}
springboot配置最简单的登陆拦截
最新推荐文章于 2024-04-18 11:19:00 发布