案例背景,为了解决跨服务器访问鉴权接口cookie和session不共享的问题,就有了该技术
NoSession并非请求中不携带鉴权key,而是项目中使用如Redis保存鉴权信息,减轻服务器压力和跨服务器鉴权问题
用户携带鉴权信息进行接口请求>
拦截器 鉴权判定>
控制层>
拦截器 清理鉴权>
返回给用户
然后就有了如下案例代码
线程工具类
package com.heima.utils.thread;
import com.heima.model.wemedia.pojos.WmUser;
public class WmThreadLocalUtil {
//创建一个本地线程
private final static ThreadLocal<WmUser> WM_USER_THREAD_LOCAL=new ThreadLocal<>();
/**
* 添加
*/
public static void setUser(WmUser wmUser){
WM_USER_THREAD_LOCAL.set(wmUser);
}
/**
* 获取
*/
public static WmUser getUser(){
return WM_USER_THREAD_LOCAL.get();
}
/**
* 清理
*/
public static void clear(){
WM_USER_THREAD_LOCAL.remove();
}
}
拦截 类
package com.heima.wemedia.interceptor;
import com.heima.model.wemedia.pojos.WmUser;
import com.heima.utils.thread.WmThreadLocalUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Optional;
@Slf4j
public class WmTokenInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//得到header中的信息
String userId = request.getHeader("userId");
Optional<String> optional = Optional.ofNullable(userId);
if (optional.isPresent()){
//存用户ID到对象中
WmUser wmUser=new WmUser();
wmUser.setId(Integer.valueOf(userId));
//将用户对象存入线程
WmThreadLocalUtil.setUser(wmUser);
log.info("wmTokenFilter设置用户信息到threadlocal中....");
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
log.info("本地线程数据清理....");
WmThreadLocalUtil.clear();
}
}
配置类,声明自定义拦截
package com.heima.wemedia.config;
import com.heima.wemedia.interceptor.WmTokenInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebMvcConfig implements WebMvcConfigurer{
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new WmTokenInterceptor()).addPathPatterns("/**");
}
}