(源码在gitee,网址https://gitee.com/liu-zhiyong/ssm-security.git)
原理:利用SpringAop
步骤
1.建立记录日志的类SysLog
@Data
@AllArgsConstructor
@NoArgsConstructor
public class SysLog {
private String id; //id
private Date visitTime; //访问时间
private String visitTimeStr; //访问时间字符串
private String username; //操作者用户名
private String ip; //访问ip
private String url; //访问url
private Long executionTime; //执行时长
private String method; //访问方法
}
2.建立对应的数据库
CREATE TABLE `syslog` (
`id` varchar(32) NOT NULL COMMENT '主键',
`visitTime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`username` varchar(50) DEFAULT NULL,
`ip` varchar(30) DEFAULT NULL,
`url` varchar(50) DEFAULT NULL,
`executionTime` int(11) DEFAULT NULL,
`method` varchar(200) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
3.创建一个处理日志的切面类bean
@Component //不是controller,而是一个bean
@Aspect //切面
public class LogAop {
//通过在web.xml文件中配置获取
@Autowired
private HttpServletRequest request;
@Autowired
private ISysLogService sysLogService;
private Date visitTime; //开始时间
private Class clazz; //访问的类
private Method method;//访问的方法
//前置通知 主要是获取开始时间,执行的类是哪一个,执行的是哪一个方法
@Before(("execution(* com.controller.*.*(..))") ) //拦截controller包下的所有类下的所有方法
public void doBefore(JoinPoint jp) throws NoSuchMethodException {
visitTime = new Date();//当前时间就是开始访问的时间
clazz = jp.getTarget().getClass(); //具体要访问的类
String methodName = jp.getSignature().getName(); //获取访问的方法的名称
Object[] args = jp.getArgs();//获取访问的方法的参数
//获取具体执行的方法的Method对象
if (args == null || args.length == 0) {
method = clazz.getMethod(methodName); //只能获取无参数的方法
} else {
Class[] classArgs = new Class[args.length];
for (int i = 0; i < args.length; i++) {
classArgs[i] = args[i].getClass();
}
method = clazz.getMethod(methodName, classArgs);
}
}
//后置通知
@After("execution(* com.controller.*.*(..))")
public void doAfter(JoinPoint jp) throws Exception {
long time = new Date().getTime() - visitTime.getTime(); //获取访问的时长
String url = "";
//获取url
if (clazz != null && method != null && clazz != LogAop.class) {
//1.获取类上的@RequestMapping("/orders")
RequestMapping classAnnotation = (RequestMapping) clazz.getAnnotation(RequestMapping.class);
if (classAnnotation != null) {
String[] classValue = classAnnotation.value();
//2.获取方法上的@RequestMapping(xxx)
RequestMapping methodAnnotation = method.getAnnotation(RequestMapping.class);
if (methodAnnotation != null) {
String[] methodValue = methodAnnotation.value();
url = classValue[0] + methodValue[0];
//获取访问的ip
String ip = request.getRemoteAddr();
//获取当前操作的用户
SecurityContext context = SecurityContextHolder.getContext();//从上下文中获了当前登录的用户
User user = (User) context.getAuthentication().getPrincipal();
String username = user.getUsername();
//将日志相关信息封装到SysLog对象
String uuid = UUID.randomUUID().toString().replace("-", "");
SysLog sysLog = new SysLog();
sysLog.setExecutionTime(time); //执行时长
sysLog.setIp(ip);
sysLog.setMethod("[类名] " + clazz.getName() + "[方法名] " + method.getName());
sysLog.setUrl(url);
sysLog.setUsername(username);
sysLog.setVisitTime(visitTime);
sysLog.setId(uuid);
//调用Service完成操作
sysLogService.save(sysLog);
}
}
}
}
}