一、导入pom.xml依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.70</version>
</dependency>
二、创建拦截器实现不同的拦截功能
1.创建拦截器一:登录拦截器
import com.alibaba.fastjson.JSON;
import com.example.springboot_interceptor.base.JsonBean;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.util.WebUtils;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Component
public class LoginInterceptor implements HandlerInterceptor {
//在Controller执行之前调用,如果返回false,controller不执行
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
System.out.println("访问login拦截***preHandle***");
// 若不允许访问接口则响应如下具体原因
/*response.setHeader("Content-type", "text/html;charset=UTF-8");
response.setCharacterEncoding("utf-8");
ServletOutputStream outputStream = response.getOutputStream();
JsonBean bean = new JsonBean();
bean.setRetCode("502");
bean.setRetMessage("非协议平台禁止访问,请联系平台管理员");
outputStream.write(JSON.toJSONString(bean).getBytes());*/
return true;
}
//controller执行之后,且页面渲染之前调用
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
System.out.println("***postHandle***");
}
//页面渲染之后调用,一般用于资源清理操作
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
System.out.println("***afterCompletion***");
}
}
2.创建拦截器二:用户信息获取拦截器
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Component
public class UserLoginSessionInterceptor implements HandlerInterceptor {
//在Controller执行之前调用,如果返回false,controller不执行
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
System.out.println("判断用户登录cookie是否失效***preHandle***");
return true;
}
//controller执行之后,且页面渲染之前调用
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
//页面渲染之后调用,一般用于资源清理操作
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
三、创建接口Controller
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
public class UserController {
@RequestMapping("/user")
@ResponseBody
public void getUser(){
System.out.println("执行user");
}
@RequestMapping("/userInfo")
@ResponseBody
public void getUserInfo(){
System.out.println("执行userInfo");
}
@RequestMapping("/session")
@ResponseBody
public void getSession(){
System.out.println("执行session");
}
@RequestMapping("/login")
@ResponseBody
public void getLogin(){
System.out.println("执行Login");
}
}
四、创建配置信息类
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
@Autowired
LoginInterceptor loginInterceptor;
@Autowired
UserLoginSessionInterceptor userLoginSessionInterceptor;
/**
* 定义拦截器
* addPathPatterns :需要拦截的接口信息
* excludePathPatterns:不需要拦截的接口信息
* 顺序也是拦截器执行的顺序
* @param registry
*/
public void addInterceptors(InterceptorRegistry registry){
//这时如果访问“/login”路径就会触发拦截器
registry.addInterceptor(loginInterceptor).addPathPatterns("/login");
//如果需要配置多个拦截器,/userInfo","/session" 是不需要进行校验的
registry.addInterceptor(userLoginSessionInterceptor).addPathPatterns("/**")
.addPathPatterns("/login","/user")
.excludePathPatterns("/userInfo","/session");
}
}
【说明】
1、以上配置了两个拦截器分别是LoginInterceptor 、UserLoginSessionInterceptor,
2、LoginInterceptor 功能是判断用户请求时是否已登陆,
3、UserLoginSessionInterceptor功能是判断cookie是否正确;
4、其中/login需要进行LoginInterceptor 拦截校验,又需要UserLoginSessionInterceptor拦截校验
5、所有接口都需要进行UserLoginSessionInterceptor校验,其中/userInfo、/session 不需要校验
6.拦截器执行顺序就是配置中的顺序,先执行LoginInterceptor 拦截,再执行UserLoginSessionInterceptor校验