1、自定义注解
表示只有在登录状态下才能够访问
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface LoginRequired {
}
2、在需要的方法上标注自定义注解
只有登录才能修改头像等
3、配置拦截器
@Component
public class LoginRequiredInterceptor implements HandlerInterceptor {
@Autowired
private HostHolder hostHolder;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (handler instanceof HandlerMethod) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = handlerMethod.getMethod();
LoginRequired loginRequired = method.getAnnotation(LoginRequired.class);
//表示有注解,但是用户未登录,服务器拒绝访问
if (loginRequired!=null && hostHolder.getUser()==null) {
response.sendRedirect(request.getContextPath()+"/login");
return false;
}
}
return true;
}
}
4、注册拦截器
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@Autowired
private LoginRequiredInterceptor loginRequiredInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(loginRequiredInterceptor)
.excludePathPatterns("/**/*.css","/**/*.js","/**/*.png","/**/.jpg"); //不拦截静态资源
}
}