添加一个拦截器,用于拦截token过期的请求,直接返回错误提示,不交给Controller处理
public class TokenInterceptor implements HandlerInterceptor {
//一小时内不操作,则token失效
public static final long tokenExpireDuration = 1 * 60 * 60 * 1000;
//在这里可以拦截请求,false表示不再继续处理
//controller以及postHandle方法,afterCompletion方法都不会执行
//直接返回当前的response
@Override
@SneakyThrows
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
String userToken = request.getHeader("userToken");
//token不存在或过期
if (userToken == null || ValueRepo.tokenMap.get(userToken) == null || ValueRepo.tokenExpireMap.get(userToken) < TimeUtil.millisOfNow()) {
response.getWriter().write(HttpResponse.fail("无效的token").stringfy());
return false;
}
//更新token有效期
ValueRepo.tokenExpireMap.put(userToken, TimeUtil.millisOfNow() + tokenExpireDuration);
return true;
}
@Override
@SneakyThrows
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
}
}
将拦截器注册到SpringBoot的配置上
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
//添加token拦截器
InterceptorRegistration tokenInterceptorRegistration = registry.addInterceptor(new TokenInterceptor());
tokenInterceptorRegistration.addPathPatterns("/**");
tokenInterceptorRegistration.excludePathPatterns("/error");
tokenInterceptorRegistration.excludePathPatterns("/static/**");
tokenInterceptorRegistration.excludePathPatterns("/login");
}
}