今天使用了jQuery Ajax的全局配置,希望每次来判断后台是否已经登陆了,后台写了个拦截器
package com.zhongan.reinsurance.mvc.aspect; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.config.annotation.InterceptorRegistration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; @Configuration public class LoginInterceptor extends WebMvcConfigurerAdapter { public final static String TOKEN = "token"; public SecurityInterceptor getSecurityInterceptor() { return new SecurityInterceptor(); } public void addInterceptors(InterceptorRegistry registry) { InterceptorRegistration addInterceptor = registry.addInterceptor(getSecurityInterceptor()); //排除的路径 addInterceptor.excludePathPatterns("/login/**"); //拦截所有路径 addInterceptor.addPathPatterns("/**"); } private class SecurityInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { HttpSession session = request.getSession(); //判断是否已有该用户登录的session if (session.getAttribute(TOKEN) != null) { if (request.getCookies() != null) { for (Cookie cookie : request.getCookies()) { if (cookie.getName().equals(TOKEN)) { if (session.getAttribute(TOKEN).equals(cookie.getValue())) { return true; } } } } } // response.setStatus(401); // request.getRequestDispatcher("/login/noUser").forward(request, response); return false; } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) { } } }
拦截器里通过response.setStatus(401)手动设置返回码
前端使用了jQuery的全局配置:
$.ajaxSetup({ xhrFields: {withCredentials: true}, statusCode: { 0: function () { console.info('main.js http 0'); }, 401: function () { console.info('main.js http 401'); }, 404: function () { console.info('main.js http 404'); }, 200: function () { console.info('main.js http 200'); } }
然后通过Ajax随便请求一个后台资源:
$.get("http://localhost:8009/XXX/XXXX?dictCode=001", function (data) { console.info(that.dataList) })
然后发现只要后台拦截器里返回false,statusCode捕获的始终是0,即实际上请求的结果是error,会走error:function(){}的模块,如果是return true,statusCode捕获的始终是200,response.setStatus(401)没有任何用(浏览器里捕获正常),试了好多方法,都没用,最后只能做跳转,在controller里做返回码设置,跳转语句:
request.getRequestDispatcher("/login/noUser").forward(request, response);
controller里的返回码在前端可以捕获,下面是controller的简单代码:
@ResponseBody @RequestMapping("/noUser") public Result noUser(HttpServletResponse response) { response.setStatus(401); return Result.error("未登录").put("msg", "401"); }
如果大家有更好的方法,就感谢分享