SpringBoot 根据 注解和切面(AOP) 实时验证用户登陆状态
场景:在调用每个接口前,先验证用户账号的启用状态
例:在管理系统中禁用用户账号,使得该账户即使在登陆状态中,任何操作都会提示或者退出到登陆页面
代码
新增自定义注解
@Target(value = {ElementType.TYPE,ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface AuthLogin {
String value() default "";
}
自定义切面验证用户登陆状态
@Aspect
@Component
@SuppressWarnings("unused")
public class LoginCheckAspect{
@Autowired
private SysUserService sysUserService;
@Pointcut("@annotation(com.yuandian.scansignin.config.AuthLogin)")
private void pointcut(){};
@Around("pointcut()")
public Object doAround(ProceedingJoinPoint joinPoint) throws Throwable {
Object[] args = joinPoint.getArgs();
SysUser user = (SysUser)SecurityUtils.getSubject().getPrincipal();
SysUser sysUser = sysUserService.getInfo(user.getSysUserId());
if(sysUser.getState().equals("0")){
return ResultVoUtil.error(200,"当前账户已经被禁用");
}
return joinPoint.proceed(args);
}
}
使用案例
@ApiModelProperty(value = "授权列表",notes = "授权列表")
@PostMapping("/page")
@AuthLogin("用户状态验证")
public ResultVo queryOrders(@RequestBody SysUserVo vo){
return sysUserService.queryPage(vo);
}