一、拦截器和跨域全局配置类
package com.hdl.back.configuration; import com.hdl.back.interceptor.BackInterceptor; import com.hdl.back.interceptor.FranchiseeInterceptor; import org.springframework.boot.SpringBootConfiguration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport; @SpringBootConfiguration public class WebMvcConfigurer extends WebMvcConfigurationSupport { /** * 拦截器 * @param registry */ @Override protected void addInterceptors(InterceptorRegistry registry) { //后台拦截器 registry.addInterceptor(new BackInterceptor()).addPathPatterns("/back/**") .excludePathPatterns("/back/index/**"); //加盟商拦截器 registry.addInterceptor(new FranchiseeInterceptor()).addPathPatterns("/franchisee/**") .excludePathPatterns("/franchisee/employee/empslogins/**");//不拦截 super.addInterceptors(registry); } @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowedOrigins("*") .allowedHeaders("*") .allowCredentials(true) .allowedMethods("GET", "POST", "DELETE", "PUT") .maxAge(3600); } }
以上配置了两个拦截器分别是:BackInterceptor()和FranchiseeInterceptor()
二、后台拦截器BackInterceptor()处理
package com.hdl.back.interceptor;
import com.hdl.back.entity.Employee;
import com.hdl.back.utils.JsonUtils;
import com.hdl.back.utils.ResultUtils;
import com.hdl.back.utils.enumUtils.ExceptionEnum;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Slf4j
public class BackInterceptor implements HandlerInterceptor {
/**
* 在请求处理之前进行调用(Controller方法调用之前)
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Employee employee = (Employee) request.getSession().getAttribute("employee");
response.setContentType("text/html;charset=UTF-8");
String origin = request.getHeader("Origin");
response.setHeader("Access-Control-Allow-Origin", origin);
response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Allow-Headers","Origin,Content-Type,Accept,token,X-Requested-With");
response.setHeader("Access-Control-Allow-Credentials", "true");
if (employee == null) {
log.error("被拦截");
String jsonString = JsonUtils.objectToJson(ResultUtils.error(ExceptionEnum.NOT_LOGIN.getCode(), ExceptionEnum.NOT_LOGIN.getMsg()));
response.getWriter().write(jsonString);
return false;
}
return true;
}
/**
* 请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
*/
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
/**
* 在整个请求结束之后被调用,也就是在DispatcherServlet 渲染了对应的视图之后执行
* (主要是用于进行资源清理工作)
*/
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
三、前端请求
$.ajax({
contentType:'application/json',
xhrFields: {
withCredentials: true
},
type:"get",
url: url + "index/login1",
data:{ username: _user, password: pass },
success: function(data){
console.log(data);
},
error:function(data){
console.log(data)
}
});
红色部分为重点,这样配置就可以了
四、登录举例
后台登录成功:
request.getSession().setAttribute("employee",employee);