Srping拦截器实现登录拦截
原理不多啰嗦,直接贴代码!
package com.sany.crane.oa.common.config;
import com.alibaba.excel.util.StringUtils;
import com.sany.crane.oa.common.util.RedisUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Component
@Slf4j
public class LoginHandInterceptor implements HandlerInterceptor {
@Autowired
private RedisUtil redisUtil;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) {
log.info("OPTIONS请求,放行");
return true;
}
//登录成功之后,应该有ticketcode
String tickecode = request.getHeader("Authorization");
log.info("======================tickecode" + tickecode);
if (StringUtils.isEmpty(tickecode)) {
return false;
} else {
boolean b = redisUtil.hHasKey("tickecode:", tickecode);
log.info("======================b" + b);
if (false == b) {
//说明没有登录
request.setAttribute("msg", "对不起,你没有权限,请先登录!");
request.getRequestDispatcher("/logins").forward(request, response);
return false;
} else {
return true;
}
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
ModelAndView modelAndView) {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
Exception ex) {
}
}
package com.sany.crane.oa.common.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
//配置拦截器
@Configuration
public class LoginHandInterceptorConfig implements WebMvcConfigurer {
@Autowired
private LoginHandInterceptor loginHandInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
//addPathPatterns用于添加拦截路径
//excludePathPatterns用于添加不拦截的路径
//未登录前只放行/core/login/logins登录请求和swagger界面
registry.addInterceptor(loginHandInterceptor).addPathPatterns("/**").excludePathPatterns("/logins")
.excludePathPatterns("/swagger-ui.html/**")
.excludePathPatterns("/configuration/ui")
.excludePathPatterns("/swagger-resources/**")
.excludePathPatterns("/configuration/security")
.excludePathPatterns("/v2/api-docs")
.excludePathPatterns("/error")
.excludePathPatterns("/webjars/**")
.excludePathPatterns("/**/favicon.ico")
.excludePathPatterns("/core/login/**");
}
//此方法用于配置静态资源路径
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("swagger-ui.html")
.addResourceLocations("classpath:/META-INF/resources/");
}
}