1、项目需求:应用切面拦截token
2、具体实现:
2.1 pom.xml引入
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
2.2 定义切点:
/**
* 用于标注是否需要验证token
*/
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface TokenCheck {
}
2.3 定义切面
//描述切面类
@Aspect
@Component
public class TokenAop {
@Autowired
TokenService tokenService;
/**
* 定义一个切入点
* 用于拦截类中方法的切点,在方法上加注解@TokenCheck
*/
@Pointcut("@annotation(com.shallnew.dm_web.utils.annotation.TokenCheck)")
private void cutToken(){
}
/**
* 用于拦截类的切点
* 此处注意execution(*后面要有空格否则会报错type name pattern expected
*/
@Pointcut("execution(* com.shallnew.dm_web.admin.XHomeController.*(..)) || execution(* com.shallnew.dm_web.admin.DWorkOrderController.*(..)) || execution(* com.shallnew.dm_web.admin.XMyController.*(..))" +
"|| execution(* com.shallnew.dm_web.admin.DFeedbackController.*(..))" +
"|| execution(* com.shallnew.dm_web.wx.*.*(..))")
private void cutTokens(){
}
/**
* 环绕通知
* @param point
* @return
* @throws Throwable
*/
@Around("cutToken()||cutTokens()")
public Object doToken(ProceedingJoinPoint point) throws Throwable {
System.out.println("===进入token验证==");
Object result = null;
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
HttpServletRequest request = ((ServletRequestAttributes)requestAttributes).getRequest();
String token = request.getHeader("token");
//查询数据库种的token
Map<String,Object> map = tokenService.queryByTokens(token);
if(map!= null && map.get("token").toString().equals(token)){
//得到传递给目标方法的参数值
Object[] param = point.getArgs();
for (Object arg : param) {
if(request.getRequestURI().contains("sys/oss/upload")){
System.out.println("税申诉:"+arg);
}
if (arg instanceof Map) {
Map<String, Object> fileVo = (Map) arg;
fileVo.put("orgId", map.get("orgId"));
fileVo.put("userId", map.get("userId"));
}
if (arg instanceof DAlarmArtificialLogEntity) {
DAlarmArtificialLogEntity fileVo = (DAlarmArtificialLogEntity) arg;
fileVo.setUserId(Long.valueOf(map.get("userId").toString()));
}
}
result = point.proceed();
return result;
}else {
return R.error(40001,"未登录或登录已失效");
}
}
}
完毕