java @PassToken注解使用详细

详细

@PassToken作用就是为了不需要token也能访问，方便好用
简单易懂！！

一、使用步骤

1.注解

代码如下（示例）：

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
public @interface PassToken {
    boolean required() default true;
}

2.逻辑处理

需要在filter拦截时候判断token，shiro拦截或者网关gateway拦截时候都行，自己写的拦截器也一样。拿到method就能到注解，判断就行
代码如下（示例）：

    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        //通过ApplicationContext上下文（spring）找到RequestMappingHandlerMapping这个bean
        RequestMappingHandlerMapping handlerMapping = ApplicationContextUtil.getBean(RequestMappingHandlerMapping.class);
        //RequestMappingHandlerMapping是对应url和处理类方法的一个类
        HandlerExecutionChain handlerChain = handlerMapping.getHandler(httpServletRequest);
        //通过处理链找到对应的HandlerMethod类
        HandlerMethod handler = (HandlerMethod) handlerChain.getHandler();
        //HandlerMethod中有bean和method
        // Object bean = handler.getBean();//处理请求的类
        Method method = handler.getMethod();//处理请求的方法
        // boolean annotationPresent = method.isAnnotationPresent(PostMapping.class);
        if (method.isAnnotationPresent(PassToken.class)) {
            PassToken passToken = method.getAnnotation(PassToken.class);
            if (passToken.required()) {
                return true;
            }
        }
        }

3.使用

    @ApiOperation("登录")
    @PostMapping("/login")
    @PassToken
    public Response login(@RequestBody UserParam loginParam) {
        LoginVO userVO = userService.login(loginParam);
        return Response.ok(userVO);
    }

总结

提示：这里对文章进行总结：

用@PassToken就行了，方便好用！！！
因为我用的Oauth2+shiro，主要在于获取 注解 这里，
有两种：
方法一：

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        WebApplicationContext ctx = RequestContextUtils.findWebApplicationContext(httpServletRequest);
        RequestMappingHandlerMapping mapping = ctx.getBean("requestMappingHandlerMapping", RequestMappingHandlerMapping.class);
        HandlerExecutionChain handler = null;
        handler = mapping.getHandler(httpServletRequest);
        Annotation[] declaredAnnotations = ((HandlerMethod) handler.getHandler()).
                getMethod().getDeclaredAnnotations();
        for(Annotation annotation:declaredAnnotations) {
            if (PassToken.class.equals(annotation.annotationType())) {
                return true;
            }
        }

方法二：

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        WebApplicationContext ctx = RequestContextUtils.findWebApplicationContext(httpServletRequest);
        RequestMappingHandlerMapping mapping = ctx.getBean("requestMappingHandlerMapping", RequestMappingHandlerMapping.class);
        HandlerExecutionChain handler = null;
        handler = mapping.getHandler(httpServletRequest);
        Annotation[] declaredAnnotations = ((HandlerMethod) handler.getHandler()).
                getMethod().getDeclaredAnnotations();
        for(Annotation annotation:declaredAnnotations) {
            if (PassToken.class.equals(annotation.annotationType())) {
                return true;
            }
        }

总结：
1.自己写一个@PassToken注解
2.使用aop拦截器时候，获取request接口上的注解，如果有@PassToken则返回true，不需要验证token