框架注入
@Configuration
public class AuthorityConfigurer implements WebMvcConfigurer {
@Bean
public AuthorityInterceptor authorityInterceptor() {
return new AuthorityInterceptor();
}
@Override
// 跨域配置
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedHeaders("*")
.allowedMethods("*")
.allowedOriginPatterns("*")
// .allowedOrigins("http://localhost:8080")
.allowCredentials(true); // 服务器设置true的时候,浏览器必须设置withCredentials: true
}
@Override
// 请求拦截器
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(authorityInterceptor())
.addPathPatterns("/**")
.excludePathPatterns(NoInterceptorPath.url); // 排除一些请求 格式:String[]
}
}
拦截配置
public class AuthorityInterceptor implements HandlerInterceptor {
@Autowired
private RedisUtil redisUtil;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {//业务逻辑
// 如果是CORS的预检请求则直接返回true
if("OPTIONS".equals(request.getMethod().toUpperCase())) {
return true;
}
String token = request.getHeader("X-Access-Token"); // 获取请求中的token
Boolean exist = redisUtil.hasKey("prefix_user_token_" + token); // 比对token, 用户登录后token存储在redis中
// 获取当前用户的session
AppUser appUser = SessionUtil.getUser();
if (exist && appUser != null) {
// token未失效则延长redis中token的有效期
redisUtil.expire("prefix_user_token_" + token, 30 * 60);
}else {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
PrintWriter out = null;
response.sendError(401);
}
return true;
}
}
前端vue axios封装点击这里