1、创建一个加载自定义拦截器类
- 主要是用来加载自定义的拦截器类
- 拦截器配置类(类似于以前spring里的xml配置):实现WebMvcConfigurer 接口
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebAppConfig implements WebMvcConfigurer {
@Autowired
private MyInterceptor myInterceptor;
@Autowired
private PermissionInterceptor permissionInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(myInterceptor)
.addPathPatterns("/**")
.excludePathPatterns("/login","/assets/**","/nopermission");
registry.addInterceptor(permissionInterceptor)
.addPathPatterns("/**")
.excludePathPatterns("/login","/assets/**","/nopermission");
}
}
2、自定义拦截器(登录)
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Component
public class MyInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Employee employee =(Employee)request.getSession().getAttribute("USER_IN_LONGIN");
if(employee==null){
response.sendRedirect("/login");
return false;
}
return true;
}
}
3、自定义拦截器(授权)
- 注意:这里的代码本人是写给自己看的,如果阁下使用后出现什么掉头发行为,在下也没办法
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;
@Component
public class PermissionInterceptor implements HandlerInterceptor {
@Autowired
private PermissionMapper permissionMapper;
@Autowired
private EmployeeMapper employeeMapper;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
String uri = request.getRequestURI();
List<String> list = permissionMapper.findUrlAll();
if(!list.contains(uri)){
return true;
}else {
Employee employee =(Employee)request.getSession().getAttribute("USER_IN_LONGIN");
List<String> employeeUrls = employeeMapper.findPermissionUrlByEmployee(employee);
if(employeeUrls.contains(uri)){
return true;
}else {
String header = request.getHeader("Content-Type");
if(header!=null){
response.setHeader("content-type", "text/html;charset=utf-8");
response.setHeader("Content-Type", "application/json");
response.getWriter().print("{\"success\" : true,\"msg\" : \"暂无权限\"}");
}else {
response.sendRedirect("/nopermission");
}
return false;
}
}
}
}