当前位置: 移动技术网 > IT编程>开发语言>Java > springboot实现拦截器之验证登录示例

springboot实现拦截器之验证登录示例

2019年07月22日  | 移动技术网IT编程  | 我要评论

整理文档,搜刮出一个springboot实现拦截器之验证登录示例,稍微整理精简一下做下分享。

添加jar包,这个jar包不是必须的,只是在拦截器里用到了,如果不用的话,完全可以不引入

<dependency> 
      <groupid>org.apache.commons</groupid> 
      <artifactid>commons-lang3</artifactid> 
      <version>3.5</version> 
    </dependency>

springboot默认为tomcat,如果用jetty,还需要引入

<dependency> 
      <groupid>javax.servlet</groupid> 
      <artifactid>javax.servlet-api</artifactid> 
      <version>3.1.0</version> 
    </dependency>

1、以登录验证为例,首先创建个@auth注解

package com.demo.interceptor; 
 
import java.lang.annotation.*; 
 
/** 
 * created by huguoju on 2016/12/30. 
 * 在类或方法上添加@auth就验证登录 
 */ 
@target({elementtype.type, elementtype.method}) 
@retention(retentionpolicy.runtime) 
@documented 
public @interface auth { 
}

2、创建一个constants,在拦截器里用

package com.demo.util; 
 
/** 
 * created by huguoju on 2016/12/30. 
 */ 
public interface constants { 
  int max_file_upload_size = 5242880; 
  string mobile_number_session_key = "sessionmobilenumber"; 
  string user_code_session_key = "usercode"; 
  string session_key = "sessionid"; 
}

3、创建一个sessiondata,用于保存在session中的字段

package com.demo.model; 
 
import lombok.data; 
 
/** 
 * created by huguoju on 2016/12/30. 
 */ 
@data 
public class sessiondata { 
  private integer usercode; 
  private string mobilenumber; 
}

4、实现登录拦截实现

package com.demo.interceptor; 
 
import com.demo.model.sessiondata; 
import com.demo.util.redisutil; 
import org.springframework.beans.factory.annotation.autowired; 
import org.springframework.stereotype.component; 
import org.springframework.web.method.handlermethod; 
import org.springframework.web.servlet.handler.handlerinterceptoradapter; 
 
import javax.servlet.http.httpservletrequest; 
import javax.servlet.http.httpservletresponse; 
import java.lang.reflect.method; 
 
import static com.demo.util.constants.mobile_number_session_key; 
import static com.demo.util.constants.session_key; 
import static com.demo.util.constants.user_code_session_key; 
 
/** 
 * created by huguoju on 2016/12/30. 
 */ 
@component 
public class logininterceptor extends handlerinterceptoradapter { 
  @autowired 
  private redisutil redisutils; 
  private final static string session_key_prefix = "session:"; 
  public boolean prehandle(httpservletrequest request, 
               httpservletresponse response, object handler) throws exception { 
    if (!handler.getclass().isassignablefrom(handlermethod.class)) { 
      return true; 
    } 
    handlersession(request); 
 
    final handlermethod handlermethod = (handlermethod) handler; 
    final method method = handlermethod.getmethod(); 
    final class<?> clazz = method.getdeclaringclass(); 
    if (clazz.isannotationpresent(auth.class) || 
        method.isannotationpresent(auth.class)) { 
      if(request.getattribute(user_code_session_key) == null){ 
  
         throw new exception(); 
         
      }else{ 
        return true; 
      } 
    } 
 
    return true; 
 
  } 
  public void handlersession(httpservletrequest request) { 
    string sessionid = request.getheader(session_key); 
    if(org.apache.commons.lang3.stringutils.isblank(sessionid)){ 
      sessionid=(string) request.getsession().getattribute(session_key); 
    } 
    if (org.apache.commons.lang3.stringutils.isnotblank(sessionid)) { 
      sessiondata model = (sessiondata) redisutils.get(session_key_prefix+sessionid); 
      if (model == null) { 
        return ; 
      } 
      request.setattribute(session_key,sessionid); 
      integer usercode = model.getusercode(); 
      if (usercode != null) { 
        request.setattribute(user_code_session_key, long.valueof(usercode)); 
      } 
      string mobile = model.getmobilenumber(); 
      if (mobile != null) { 
        request.setattribute(mobile_number_session_key, mobile); 
      } 
    } 
    return ; 
  } 
}

5、配置拦截器

package com.demo.interceptor; 
 
import org.hibernate.validator.hibernatevalidator; 
import org.slf4j.logger; 
import org.slf4j.loggerfactory; 
import org.springframework.beans.factory.annotation.autowired; 
import org.springframework.context.messagesource; 
import org.springframework.context.annotation.bean; 
import org.springframework.context.annotation.componentscan; 
import org.springframework.context.annotation.configuration; 
import org.springframework.context.annotation.propertysource; 
import org.springframework.context.support.propertysourcesplaceholderconfigurer; 
import org.springframework.context.support.reloadableresourcebundlemessagesource; 
import org.springframework.validation.validator; 
import org.springframework.validation.beanvalidation.localvalidatorfactorybean; 
import org.springframework.validation.beanvalidation.methodvalidationpostprocessor; 
import org.springframework.web.servlet.viewresolver; 
import org.springframework.web.servlet.config.annotation.*; 
import org.springframework.web.servlet.mvc.method.annotation.requestmappinghandlermapping; 
import org.springframework.web.servlet.view.internalresourceviewresolver; 
 
/** 
 * created by huguoju on 2016/12/30. 
 */ 
@configuration 
@enablewebmvc 
@componentscan(basepackages = "com.demo.controller") 
@propertysource(value = "classpath:application.properties", 
    ignoreresourcenotfound = true,encoding = "utf-8") 
public class mvcconfig extends webmvcconfigureradapter { 
  private static final logger logger = loggerfactory.getlogger(mvcconfig.class); 
  @autowired 
  logininterceptor logininterceptor; 
 
  /** 
 
   * <p> 
   *   视图处理器 
   * </p> 
   * 
   * @return 
   */ 
  @bean 
  public viewresolver viewresolver() { 
    logger.info("viewresolver"); 
    internalresourceviewresolver viewresolver = new internalresourceviewresolver(); 
    viewresolver.setprefix("/web-inf/jsp/"); 
    viewresolver.setsuffix(".jsp"); 
    return viewresolver; 
  } 
 
  /** 
   * 拦截器配置 
   * @param registry 
   */ 
  @override 
  public void addinterceptors(interceptorregistry registry) { 
    // 注册监控拦截器 
    registry.addinterceptor(logininterceptor) 
        .addpathpatterns("/**") 
     .excludepathpatterns("/configuration/ui"); 
 
  } 
 
  @override 
  public void addcorsmappings(corsregistry registry) { 
    registry.addmapping("/**") 
        .allowedorigins("*") 
        .allowedheaders("*/*") 
        .allowedmethods("*") 
        .maxage(120); 
  } 
 
  /** 
   * 资源处理器 
   * @param registry 
   */ 
  @override 
  public void addresourcehandlers(resourcehandlerregistry registry) { 
    logger.info("addresourcehandlers"); 
    registry.addresourcehandler("/swagger-ui.html") 
        .addresourcelocations("classpath:/meta-inf/resources/"); 
    registry.addresourcehandler("/webjars/**") 
        .addresourcelocations("classpath:/meta-inf/resources/webjars/"); 
  } 
 
}

以上就完成了,测试时可以在logininterceptor里打断点,然后在controller上或者方法上添加@auth注解,
controller上添加以后这个controller里所有请求都验证登录,在方法里添加只有请求这个方法时验证

@auth 
@restcontroller 
public class testcontroller {  }

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持移动技术网。

您可能感兴趣的文章:

如对本文有疑问, 点击进行留言回复!!

相关文章:

验证码:
最近更新的文章
大家感兴趣的文章
移动技术网