spring为我们提供了适配器org.springframework.web.servlet.handler.HandlerInterceptorAdapter,继承此类可以编写自己的拦截器
例一:
登录验证拦截器:
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
public class LoginInterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String userId = request.getRemoteUser();
// 未登录
if (StringUtils.isBlank(userId)) {
response.setContentType("text/html");
response.setCharacterEncoding("utf-8");
PrintWriter out = response.getWriter();
StringBuilder builder = new StringBuilder();
builder.append("<script type=\"text/javascript\" charset=\"UTF-8\">");
builder.append("alert(\"登录超时,请刷新页面重新登录!\");");
builder.append("</script>");
out.print(builder.toString());
out.close();
return false;
}
return true;
}
}
例二:
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 未登录状态下也要可以操作自选股
String anonymous_authorization = request.getHeader("anonymous_authorization");
//获取header中的token
String token = request.getHeader("authorization");
if (null == token && StringUtils.isEmpty(anonymous_authorization)) {
throw new TengException(ParamField.ERROR_CODE_20302002, "token不能为空");
}
Map<String, Object> paraMap = new HashMap<String, Object>();
paraMap.put("token", token);
//发送https请求
String reString = HttpUtils.sendHttpsPost(authURL, paraMap);
if (ResultUtil.isSuccess(reString)) {
//获取结果集
JSONObject obj = JSON.parseObject(reString);
String data = obj.getString("data");
UserInfo userInfo = JSON.parseObject(data, UserInfo.class);
request.setAttribute("user_id", userInfo.getAuth_id());
request.setAttribute("system_id", userInfo.getUser_source());
return true;
} else {
return false;
}
}
重写方法public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception
可以进行预处理
方法说明:
在preHandle中,可以进行编码、安全控制等处理;
在postHandle中,有机会修改ModelAndView;
在afterCompletion中,可以根据ex是否为null判断是否发生了异常,进行日志记录。