1.第一步:添加拦截器
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
public class TestInterceptor extends WebMvcConfigurerAdapter {
/**
* 添加拦截器
*/
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new TestHandlerInterceptor())
//添加需要验证登录用户操作权限的请求
.addPathPatterns("/testContrl/create*", "/testContrl/update*", "/testContrl/delete*")
//排除不需要验证登录用户操作权限的请求
.excludePathPatterns("/userCtrl/*");
}
}
2.第二步: 拦截器实现
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
/**
* 拦截器实现
*/
public class TestHandlerInterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
int type = (Integer) request.getSession().getAttribute("userType");
if (type == 1) {
return true;
} else {
String result = ResultUtils.getErrorResult("当前登录用户无操作权限!");
response.getOutputStream().write(result.getBytes());
response.setStatus(HttpStatus.OK.value());
return false;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
// TODO Auto-generated method stub
}
}
3.第三步:测试控制器
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
@RequestMapping(value = "/testContrl")
public class CommonController {
@Autowired
private TestService testService;
/**
* @return
*/
@RequestMapping(value = "/createObj")
@ResponseBody
public String createObj() {
// do something .......
return "success";
}
}